News

IT for utilities and energy

• August 12, 2025 12 Aug'25

  Eight critical RCE flaws make Microsoft’s latest Patch Tuesday list

  Microsoft rolls out fixes for over 100 CVEs in its August Patch Tuesday update

• August 12, 2025 12 Aug'25

  Researchers firm up ShinyHunters, Scattered Spider link

  ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs

• August 12, 2025 12 Aug'25

  UK work visa sponsors are target of phishing campaign

  Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud

• August 06, 2025 06 Aug'25

  Black Hat USA: Startup breaks secrets management tools

  Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms

• August 06, 2025 06 Aug'25

  Cyber criminals would prefer businesses don’t use Okta

  Okta details a phishing campaign in which the threat actor demonstrated some unusually strong opinions on what authentication methods they would like their targets to use

• August 06, 2025 06 Aug'25

  NCSC updates CNI Cyber Assessment Framework

  Updates to the NCSC’s Cyber Assessment Framework are designed to help providers of critical services better manage their risk profiles

• August 05, 2025 05 Aug'25

  Attacker could defeat Dell firmware flaws with a vegetable

  Cisco Talos discloses five vulnerabilities in cyber security firmware used on Dell Latitude and Precision devices, including one that could enable an attacker to log on with a spring onion

• August 04, 2025 04 Aug'25

  Black Hat USA: Halcyon and Sophos tag-team ransomware fightback

  Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers

• August 04, 2025 04 Aug'25

  Proliferation of on-premise GenAI platforms is widening security risks

  Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams

• July 30, 2025 30 Jul'25

  Scattered Spider tactics continue to evolve, warn cyber cops

  CISA, the FBI, NCSC and others have clubbed together to update previous guidance on Scattered Spider's playbook, warning of new social engineering tactics and exploitation of legitimate tools, among other things

• July 30, 2025 30 Jul'25

  MS Authenticator users face passkey crunch time

  The deadline for moving to passkeys in Microsoft Authenticator is rapidly approaching, and users are advised to take action now

• July 30, 2025 30 Jul'25

  AI-enabled security pushes down breach costs for UK organisations

  Organisations that are incorporating AI and automation into their cyber security practice are seeing improved outcomes when incidents occur, according to an IBM study

• July 29, 2025 29 Jul'25

  Global cyber spend will top $200bn this year, says Gartner

  Worldwide spending on cyber security will hit another record high in 2025, and will go higher still next year

• July 28, 2025 28 Jul'25

  European digital market figurehead pleads to Westminster

  Big EU industry joins with Europhile MP to persuade obstinate government officials to join the dataspaces intended to become the bedrock of Europe’s digital single market

• July 24, 2025 24 Jul'25

  SharePoint users hit by Warlock ransomware, says Microsoft

  Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware

• July 24, 2025 24 Jul'25

  Dutch researchers use heartbeat detection to unmask deepfakes

  Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate

• July 22, 2025 22 Jul'25

  Microsoft confirms China link to SharePoint hacks

  Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server

• July 22, 2025 22 Jul'25

  Chinese cyber spies among those linked to SharePoint attacks

  Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors

• July 22, 2025 22 Jul'25

  UK government to bring in ransomware payment ban

  Critical infrastructure operators, hospitals, local councils and schools will be among those banned from giving in to cyber criminal demands as the UK moves forward with proposals to address the scourge of ransomware

• July 21, 2025 21 Jul'25

  Patch ToolShell SharePoint zero-day immediately, says Microsoft

  The active exploitation of a dangerous zero-day vulnerability chain in Microsoft SharePoint – which was disclosed over the weekend – is underway. Immediate action is advised

• July 21, 2025 21 Jul'25

  The Security Interviews: Jason Nurse, University of Kent

  Jason Nurse, reader in cyber security at the University of Kent, discusses the psychological side of cyber and online safety, why placing blame on users as ‘the weakest link’ is wrong – and why security pros should think about user needs more

• July 18, 2025 18 Jul'25

  Is history repeating itself with the government’s push to open public sector cloud deals to SMEs?

  The UK government wants to help public sector IT buyers do away with legacy tech and migrate to the cloud, with the help of a soon-to-be-launched procurement marketplace. But haven’t we heard all this before?

• July 16, 2025 16 Jul'25

  Scattered Spider playbook evolving fast, says Microsoft

  Microsoft warns users over notable evolutions in Scattered Spider’s attack playbook, and beefs up some of the defensive capabilities it offers to customers in response

• July 15, 2025 15 Jul'25

  UKtech50 2025: The most influential people in UK technology

  Computer Weekly has announced the 15th annual UKtech50 – our definitive list of the movers and shakers in the UK tech sector

• July 15, 2025 15 Jul'25

  Current approaches to patching unsustainable, report says

  Organisations are struggling to prioritise vulnerability patching appropriately, leading to situations where everything is a crisis, which helps nobody, according to a report

• July 14, 2025 14 Jul'25

  Brits clinging to Windows 10 face heightened risk, says NCSC

  Businesses and consumers alike may not feel the need to upgrade to Windows 11 as its predecessor approaches end-of-life, but they are putting their own security at risk, says the NCSC

• July 11, 2025 11 Jul'25

  MoD supply chain cyber scheme gets up and running

  The Ministry of Defence and IASME have launched a certification scheme for organisations working in the UK defence supply chain, with construction firm Morgan Sindall the first business to achieve compliance

• July 10, 2025 10 Jul'25

  UK and France forge closer cyber, tech research ties

  The navigation and timing systems used by power suppliers and emergency services to run their operations will fall in scope of an Anglo-French research pact that will also foster development in AI and supercomputing

• July 08, 2025 08 Jul'25

  July Patch Tuesday brings over 130 new flaws to address

  Microsoft patched well over 100 new common vulnerabilities and exposures on the second Tuesday of the month, but its latest update is mercifully light on zero-days

• July 02, 2025 02 Jul'25

  US CISA agency extends Iran cyber alert, warns of CNI threat

  The US Cybersecurity and Infrastructure Security Agency reiterates guidance for operators of critical national infrastructure as it eyes the possibility of cyber attacks from Iran

• July 02, 2025 02 Jul'25

  Google fixes type confusion flaw in Chrome browser

  An actively exploited type confusion vulnerability in the Google Chrome web browser needs immediate attention from users

• July 02, 2025 02 Jul'25

  Dutch study uncovers cognitive biases undermining cyber security board decisions

  Dutch research reveals how cognitive biases can lead to catastrophic security decisions

• June 24, 2025 24 Jun'25

  UK ransomware costs significantly outpace other countries

  UK organisations hit by ransomware attacks paid much higher ransoms than in other countries over the past 12 months, according to study

• June 23, 2025 23 Jun'25

  Widening Middle Eastern war increases cyber risk

  With the entry of the US into the widening Middle Eastern conflict, cyber risk is likely to increase across the board

• June 20, 2025 20 Jun'25

  Cyber Essentials certifications rising slowly but steadily

  The number of businesses attaining the NCSC Cyber Essentials certification continues to increase, but much more can be done to raise awareness of the scheme

• June 20, 2025 20 Jun'25

  Dutch cloud pioneers face the hard limits of digital sovereignty

  The Netherlands’ ambitious talk of digital independence meets the unforgiving economics of global cloud dominance

• June 17, 2025 17 Jun'25

  UKtech50: Vote for the most influential person in UK technology

  Our judges have selected the top 50 leaders from a shortlist of nearly 500 people – now it’s your chance to tell us who you think is the most influential person in UK technology

• June 12, 2025 12 Jun'25

  UKtech50 2025: the longlist of the UK’s influential tech leaders

  Each year, Computer Weekly launches a search for the most influential people in UK IT, asking the tech community who it thinks should be in the top 50 – here is the longlist of everyone nominated for 2025

• June 12, 2025 12 Jun'25

  Sweden gets help pulling its sovereign AI socks up

  Urgent government calls for more high-powered sovereign computers to fulfil Swedish goal of building a more powerful AI industry answered by foreign financiers, US tech and Europe’s AI emergency fund

• June 11, 2025 11 Jun'25

  NHS IT the big winner in Reeves’ Spending Review

  The chancellor of the exchequer has significantly upped spending on digital and technology initiatives in the current Spending Review period, with the NHS receiving a 50% tech funding increase

• June 11, 2025 11 Jun'25

  June Patch Tuesday brings a lighter load for defenders

  Barely 70 vulnerabilities make the cut for Microsoft’s monthly security update, but an RCE flaw in WEBDAV and an EoP issue in Windows SMB Client still warrant close attention

• June 04, 2025 04 Jun'25

  NCSC sets out how to build cyber safe cultures

  The UK’s National Cyber Security Centre has published guidance for security teams and leaders on how to foster accessible and appropriate cyber security cultures in their organisations

• May 27, 2025 27 May'25

  Armed forces charity steps in to address cyber mental health crisis

  CIISec and military charity PTSD Resolution hope to address a gathering mental health crisis among frontline cyber professionals

• May 22, 2025 22 May'25

  Microsoft raises posse to target dangerous Lumma malware

  Microsoft, along with a consortium of partners, has seized and disrupted a significant part of the Lumma malware-as-a-service network used to steal data and funds

• May 21, 2025 21 May'25

  Ransomware attacks dropped by a third last month

  Reported ransomware attacks eased off during April following a dramatic spike in the first quarter of 2025

• May 16, 2025 16 May'25

  Mid-career professionals must learn to understand and use AI as GenAI tips balance

  Whether in the finance, IT or legal sectors, artificial intelligence will change the way businesses operate and how their people work

• May 13, 2025 13 May'25

  May Patch Tuesday brings five exploited zero-days to fix

  Microsoft fixes five exploited, and two publicly disclosed, zero-days in the fifth Patch Tuesday update of 2025

• May 08, 2025 08 May'25

  US tells CNI orgs to stop connecting OT kit to the web

  US authorities have released guidance for owners of critical national infrastructure in the face of an undisclosed number of cyber incidents

• May 07, 2025 07 May'25

  Oxford Uni adds cyber resilience module to MBA programme

  Oxford University’s Saïd Business School is working with cyber response specialist Sygnia to help future business leaders get on top of security

• May 07, 2025 07 May'25

  UK hands Indian IT suppliers competitive boost in trade deal

  Trade deal will exempt IT workers from India from paying National Insurance contributions for three years