News
IT for utilities and energy
-
April 22, 2024
22
Apr'24
IT leaders hiring CISOs aplenty, but don’t fully understand the role
Most businesses now have a CISO, but perceptions of what CISOs are supposed to do, and confusion over the value they offer, may be holding back harmonious relations, according to a report
-
April 17, 2024
17
Apr'24
Mandiant formally pins Sandworm cyber attacks on APT44 group
Mandiant has formally attributed a long-running campaign of cyber attacks by a Russian state actor known as Sandworm to a newly designated advanced persistent threat group to be called APT44
-
April 16, 2024
16
Apr'24
CISOs not yet convinced to invest in AI
CISOs say their eyes are fixed firmly on threats like ransomware and supply chain attacks, and while AI is becoming a threat that needs to be dealt with, it’s not yet an immediate spending priority
-
April 09, 2024
09
Apr'24
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures
-
April 09, 2024
09
Apr'24
Is a cyber arms control treaty out of reach?
The world needs cyber arms control more than ever, but the challenges facing a multilateral agreement will be hard to surmount, according to researchers at Germany’s Digital Society Institute
-
April 03, 2024
03
Apr'24
RDP abused in over 90% of cyber attacks, Sophos finds
Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics
-
March 29, 2024
29
Mar'24
Organisations getting better at spotting identity fraud
As the barriers to committing identity fraud continue to drop, organisations should consider more sophisticated technical measures to successfully up their game, according to a report
-
March 28, 2024
28
Mar'24
Sellafield to be prosecuted over alleged cyber compliance failure
Sellafield Ltd, the organisation responsible for cleaning up and decommissioning the UK's largest nuclear waste site, is to be prosecuted over alleged cyber security failings dating back to 2019
-
March 27, 2024
27
Mar'24
Cyber spies, not cyber criminals, behind most zero-day exploitation
Analysis from Google has found that zero-day vulnerabilities are much more heavily exploited for espionage purposes than for financially motivated cyber crime
-
March 27, 2024
27
Mar'24
Ofgem begins consultation on dynamic price caps
Smart meters make it possible to manage the electricity grid in a more flexible way, but millions are facing connectivity issues
-
March 26, 2024
26
Mar'24
Shareholders win when businesses do better at cyber
The more advanced a company’s cyber security performance, and the more engaged its board is with security issues, the greater the return for shareholders, a report has found
-
March 22, 2024
22
Mar'24
Open Data Institute launches digital policy manifesto
The Open Data Institute has launched a policy manifesto ahead of the UK general election that outlines policies and issues it believes must be part of the political discussion around digital and data
-
March 21, 2024
21
Mar'24
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow
-
March 20, 2024
20
Mar'24
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks
-
March 20, 2024
20
Mar'24
SAP S/4HANA data migration beset by poor and fragmented strategy
Survey finds customers transitioning to S/4HANA lack strategic thinking and skills, can’t access data, face challenges in data duplication, can’t use AI, and worry about compliance
-
March 18, 2024
18
Mar'24
The Security Interviews: Alex Yampolskiy, SecurityScorecard
Alex Yampolskiy conceived the idea for risk management specialist SecurityScorecard after getting stung by a SaaS supplier that was being cavalier with its customer data. He tells his story to Computer Weekly
-
March 17, 2024
17
Mar'24
UK’s AI ambitions pointless while cyber security is still neglected
The UK’s AI ambitions may be at considerable risk without stronger cyber defences across the private and public sectors
-
March 15, 2024
15
Mar'24
UK government calls on comms firms to limit installation of telegraph poles
After public demonstrations, minister urges communications industry to ‘do whatever it takes’ to share existing infrastructure to avoid ‘inappropriately or unnecessarily throwing up’ new telegraph poles
-
March 13, 2024
13
Mar'24
Microsoft AI-powered cyber service to go live in April
After a year being previewed by beta customers, Microsoft’s much vaunted Copilot for Security service is about to go on general release, promising time savings and improved accuracy for hard-pressed security pros
-
March 12, 2024
12
Mar'24
March Patch Tuesday throws up two critical Hyper-V flaws
Two critical vulnerabilities in Windows Hyper-V stand out on an otherwise unremarkable Patch Tuesday
-
March 11, 2024
11
Mar'24
Government not facing up to CNI cyber risks, committee warns
The Joint Committee on the National Security Strategy has accused the government of burying its head in the sand over the cyber threat to UK critical infrastructure
-
March 05, 2024
05
Mar'24
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken
-
February 28, 2024
28
Feb'24
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors
-
February 28, 2024
28
Feb'24
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently
-
February 27, 2024
27
Feb'24
How TeamViewer is charting its growth beyond remote connectivity
TeamViewer CEO Oliver Steil outlines the company’s efforts to build on its remote connectivity and control capabilities to support emerging use cases such as smart factories
-
February 27, 2024
27
Feb'24
Black Basta and Bl00dy ransomware gangs exploiting ConnectWise vulns
More ransomware gangs have been observed exploiting two dangerous vulnerabilities in ConnectWise ScreenConnect software, prompting new warnings for users to get patching
-
February 27, 2024
27
Feb'24
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not
-
February 27, 2024
27
Feb'24
Majority of UK employees ‘willingly gamble’ with security
Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report
-
February 27, 2024
27
Feb'24
Cozy Bear and other APTs changing tack as cloud adoption increases
A change in APT tactics has been observed resulting from greater adoption of cloud-based services, according to the NCSC
-
February 23, 2024
23
Feb'24
ConnectWise users see cyber attacks surge, including ransomware
ConnectWise ScreenConnect users who have yet to patch against a critical vulnerability are now being targeted by a barrage of cyber attacks, including ransomware
-
February 21, 2024
21
Feb'24
CVE volumes set to increase 25% this year
The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist
-
February 14, 2024
14
Feb'24
Southern Water customer data was taken in ransomware attack
Southern Water has started to contact customers whose data was stolen in a January 2024 ransomware attack on its systems
-
February 14, 2024
14
Feb'24
Microsoft patches two zero-days for Valentine’s Day
Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues
-
February 13, 2024
13
Feb'24
Hunter-killer malware volumes seen surging
Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences
-
February 07, 2024
07
Feb'24
NCSC warns CNI operators over ‘living-off-the-land’ attacks
Malicious, state-backed actors may well be lurking in the UK’s most critical networks right now, and their operators may not even know until it is too late, warn the NCSC and its partners
-
February 07, 2024
07
Feb'24
South Staffs Water faces group action over Clop ransomware attack
South Staffordshire Plc, the parent company of South Staffordshire and Cambridge Water, is facing legal action from customers whose data was compromised in a 2022 Clop ransomware attack
-
February 06, 2024
06
Feb'24
UK’s McPartland Cyber Review to probe trust in technology
The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies
-
February 05, 2024
05
Feb'24
US sanctions Iranians behind CNI cyber attacks
US government issues new sanctions against six Iranians suspected of being behind a series of cyber attacks targeting critical national infrastructure, notably water supply systems
-
January 25, 2024
25
Jan'24
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023
-
January 24, 2024
24
Jan'24
WebKit vulnerability sparks Apple’s first major security update of 2024
A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year
-
January 24, 2024
24
Jan'24
Southern Water confirms cyber attack after Black Basta claims
Southern Water, which supplies millions of customers in southeast England, has confirmed it has fallen victim to a cyber attack, although its services appear to be running normally
-
January 24, 2024
24
Jan'24
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks
-
January 23, 2024
23
Jan'24
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences
-
January 23, 2024
23
Jan'24
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people
-
January 18, 2024
18
Jan'24
PSTN switch-off threatens access to adult social care services
The Public Switched Telephone Network switch-off is threatening vulnerable Londoners access to adult social care and other vital services, as councils are left to manage the cost without financial support from the centre, says London chief digital ...
-
January 11, 2024
11
Jan'24
Cisco fixes high-impact flaw in unified comms platform
Cisco unified comms customers are urged to patch a critical vulnerability in Unity Connection, a messaging and voicemail product
-
January 10, 2024
10
Jan'24
Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs
Microsoft starts 2024 right with another slimline Patch Tuesday drop, but there are some critical vulns to be alert to, including a number of man-in-the-middle attack vectors
-
January 09, 2024
09
Jan'24
Babuk Tortilla ransomware decryptor made available
A joint effort between Cisco Talos, Avast and the Dutch police will bring relief to many victims of a variant of the Babuk ransomware known as Tortilla
-
January 04, 2024
04
Jan'24
Celona and Palo Alto partner to enhance private 5G network security
Wireless services specialist Celona and security firm Palo Alto Networks are coming together to enhance device protection for organisations operating private mobile networks
-
January 03, 2024
03
Jan'24
Artificial intelligence to the front in Sweden’s National Technology Strategy
Sweden focuses in on artificial intelligence in its latest far-reaching national IT strategy