News
IT for utilities and energy
-
January 29, 2025
29
Jan'25
Vallance rejects latest charge to reform UK hacking laws
Science minister Patrick Vallance rejects proposed amendments to the Computer Misuse Act, arguing that they could create a loophole for cyber criminals to exploit
-
January 28, 2025
28
Jan'25
Concerns over Fujitsu billing application used at SSE Airtricity in Republic of Ireland
Under-scrutiny IT services firm has escalated fears over problems with one of its applications, used at a Republic of Ireland energy firm, to its headquarters in Japan
-
January 27, 2025
27
Jan'25
Cyber incident that closed British Museum was inside job
An IT incident that disrupted visitor access to the British Museum last week was the work of a disgruntled contractor who had been let go
-
January 22, 2025
22
Jan'25
Privacy professionals expect budget cuts, lack confidence
Over 50% of privacy professionals in Europe expect to see less money earmarked for data security initiatives in 2025, and many don’t have faith their organisations are taking the issue seriously, according to an ISACA report
-
January 22, 2025
22
Jan'25
Funksec gang turned up ransomware heat in December
The criminal ransomware fraternity was hard at work over the festive period, with attack volumes rising and a new threat actor emerging on the scene
-
January 15, 2025
15
Jan'25
Government, Nesta and ODI issue £600k smart data challenge to technologists
Department for Business and Trade, Challenge Works and the Open Data Institute have issued a Smart Data Challenge to app developers and entrepreneurs with a total prize fund of £600,000
-
January 15, 2025
15
Jan'25
Biggest Patch Tuesday in years sees Microsoft address 159 vulnerabilities
The largest Patch Tuesday of the 2020s so far brings fixes for more than 150 CVEs ranging widely in their scope and severity – including eight zero-day flaws
-
January 13, 2025
13
Jan'25
UK government plans to extend ransomware payment ban
A ban on ransomware payments by UK government departments will be extended to cover organisations such as local councils, schools and the NHS should new government proposals move forward
-
January 13, 2025
13
Jan'25
CNI operators should ask these 12 questions of their OT suppliers
The NCSC, CISA and others have set out 12 cyber security considerations CNI organisations and other users of operational technology should incorporate into their buying processes to force their suppliers to do better
-
January 10, 2025
10
Jan'25
Mandiant: Latest Ivanti vulns exploited by Chinese cyber spooks
Threat actors are once again lining up to exploit vulnerabilities in the widely used Ivanti product suite, with an apparent link to Chinese espionage activity
-
January 03, 2025
03
Jan'25
US Treasury incident a clear warning on supply chain security in 2025
A cyber incident at the US Department of the Treasury – blamed on a Chinese state actor – raises fresh warnings about supply chain risk after it was found to have originated via vulnerabilities in a remote tech support product
-
December 19, 2024
19
Dec'24
LockBit ransomware gang teases February 2025 return
An individual associated with the LockBit ransomware gang has broken cover to tease details of a new phase of the cyber criminal operation's activity, which they claim is set to begin in February 2025
-
December 19, 2024
19
Dec'24
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee
-
December 18, 2024
18
Dec'24
The Security Interviews: Martin Lee, Cisco Talos
Threat intel expert and author Martin Lee, EMEA technical lead for security research at Cisco Talos, joins Computer Weekly to mark the 35th anniversary of the first ever ransomware attack
-
December 18, 2024
18
Dec'24
Top 10 cyber security stories of 2024
Data breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are ...
-
December 18, 2024
18
Dec'24
Top 10 cyber crime stories of 2024
From ransomware targeting the NHS to nation-state-backed intrusions, 2024 was another big year for cyber criminals and cyber spooks alike, but they didn't have it all their own way as the good guys fought back
-
December 13, 2024
13
Dec'24
Computer Misuse Act reform gains traction in Parliament
An amendment to the proposed Data (Access and Use) Bill that will right a 35-year-old wrong and protect security professionals from criminalisation is to be debated at Westminster
-
December 12, 2024
12
Dec'24
Emerging Ymir ransomware heralds more coordinated threats in 2025
A newly observed ransomware strain has the community talking about more collaboration, and blurred lines, between threat groups next year, according to NCC’s monthly cyber barometer
-
December 10, 2024
10
Dec'24
Dangerous CLFS and LDAP flaws stand out on Patch Tuesday
Microsoft has fixed over 70 CVEs in its final Patch Tuesday update of the year, and defenders should prioritise a zero-day in the Common Log File System Driver, and another impactful flaw in the Lightweight Directory Access Protocol
-
December 10, 2024
10
Dec'24
iOS vuln leaves user data dangerously exposed
Jamf threat researchers detail an exploit chain for a recently patched iOS vulnerability that enables a threat actor to steal sensitive data, warning that many organisations are still neglecting mobile updates
-
December 03, 2024
03
Dec'24
Australian utilities explore potential of AI
Australia’s utilities sector is exploring and implementing AI to enhance grid stability, manage rooftop solar and prepare for the influx of electric vehicles
-
December 02, 2024
02
Dec'24
NCSC boss calls for ‘sustained vigilance’ in an aggressive world
NCSC CEO Richard Horne is to echo wider warnings about the growing number and severity of cyber threats facing the UK as he launches the security body’s eighth annual report
-
November 26, 2024
26
Nov'24
Sellafield operator opens dedicated cyber centre
The UK’s Nuclear Decommissioning Authority has opened a cyber security centre spanning its activities across the nuclear sector
-
November 26, 2024
26
Nov'24
Russian threat actors poised to cripple power grid, UK warns
UK government escalates cyber rhetoric in a speech at a Nato event, saying Russian advanced persistent threats stand ready to conduct cyber attacks that could ‘turn off the lights for millions’
-
November 25, 2024
25
Nov'24
Microsoft calls on Trump to ‘push harder’ on cyber threats
Microsoft’s Brad Smith urges president-elect Donald Trump to keep the faith when it comes to fighting back against hostile cyber actors from China, Iran and Russia
-
November 25, 2024
25
Nov'24
Geopolitical strife drives increased ransomware activity
The lines between financially motivated cyber criminals and nation state APTs are rapidly blurring, as geopolitical influences weigh heavily on the threat landscape, according to data from NCC
-
November 21, 2024
21
Nov'24
BianLian cyber gang drops encryption-based ransomware
The Australian and American cyber authorities have published updated intelligence on the BianLian ransomware gang, which has undergone a rapid evolution in tactics
-
November 21, 2024
21
Nov'24
Microsoft slaps down Egyptian-run rent-a-phish operation
Microsoft’s Digital Crimes Unit has conducted a successful takedown of almost 250 malicious websites used in the cyber criminal ONNX phishing-as-a-service operation
-
November 21, 2024
21
Nov'24
Fujitsu snubbed on private sector deal with Centrica due to Post Office scandal backlash
Centrica board said to be concerned about contracting Fujitsu due to its involvement in the Post Office scandal
-
November 20, 2024
20
Nov'24
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks
-
November 18, 2024
18
Nov'24
AWS widening scope of MFA programme after early success
AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025
-
November 15, 2024
15
Nov'24
Microsoft UAE power deal at centre of US plan for AI supremacy
Microsoft pens artificial intelligence energy deal with United Arab Emirates oil giant ADNOC
-
November 13, 2024
13
Nov'24
China’s Volt Typhoon rebuilds botnet in wake of takedown
Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever
-
November 12, 2024
12
Nov'24
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update
-
November 12, 2024
12
Nov'24
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023
-
November 07, 2024
07
Nov'24
Google Cloud MFA enforcement meets with approval
Latest Google Cloud policy to enforce multifactor authentication across its user base is welcomed by security professionals
-
November 07, 2024
07
Nov'24
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders
-
November 01, 2024
01
Nov'24
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats
-
October 29, 2024
29
Oct'24
EMEA businesses siphoning budgets to hit NIS2 goals
With NIS2 now in effect, European business leaders are having to divert budget from elsewhere to achieve compliance
-
October 22, 2024
22
Oct'24
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large
-
October 10, 2024
10
Oct'24
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them
-
October 09, 2024
09
Oct'24
Five zero-days to be fixed on October Patch Tuesday
Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform
-
October 08, 2024
08
Oct'24
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks
-
October 08, 2024
08
Oct'24
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses
-
October 04, 2024
04
Oct'24
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne
-
October 04, 2024
04
Oct'24
Cups Linux printing bugs open door to DDoS attacks, says Akamai
The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai
-
October 03, 2024
03
Oct'24
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report
-
October 01, 2024
01
Oct'24
Cyber teams say they can’t keep up with attack volumes
Over 60% of European security pros say their teams are understaffed, and over 50% don’t have enough budget, according to data from ISACA
-
September 24, 2024
24
Sep'24
Unique malware sample volumes seen surging
BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks
-
September 18, 2024
18
Sep'24
Dreamforce 24: Salesforce taps Nvidia to power Agentforce
At Dreamforce in San Francisco, Salesforce and Nvidia detail some of the tech that will power the software giant's newly launched Agentforce service