News

IT for utilities and energy

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 cyber crime stories of 2022

  Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents

• December 20, 2022 20 Dec'22

  Four-day working week set to stay at Atom bank

  Challenger bank Atom has formalised a four-day working week policy after a successful trial

• December 14, 2022 14 Dec'22

  Advanced Azov data wiper likely to become active threat

  Check Point deep dives into an emergent data wiper strain known as Azov, which is making waves with hundreds of new samples being submitted to VirusTotal daily

• December 14, 2022 14 Dec'22

  Ethical hackers flex their muscles in 2022

  Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021

• December 14, 2022 14 Dec'22

  Microsoft fixes two zero-days in final Patch Tuesday of 2022

  December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over

• December 13, 2022 13 Dec'22

  EU issues draft data adequacy decision in favour of US

  The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision

• December 13, 2022 13 Dec'22

  The nature of the CISO role will be in flux in 2023

  As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report

• December 09, 2022 09 Dec'22

  Iranian APT seen exploiting GitHub repository as C2 mechanism

  A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware

• December 08, 2022 08 Dec'22

  Consumers to get new protections against dodgy apps

  Government’s new code of practice will impose new privacy and security measures on app store operators and developers

• December 08, 2022 08 Dec'22

  Apple to tap third party for physical security keys

  Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys

• December 07, 2022 07 Dec'22

  Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

  Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November

• December 06, 2022 06 Dec'22

  Industrial IoT focus of next NCSC startup challenge

  The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things

• December 06, 2022 06 Dec'22

  Don’t become an unwitting tool in Russia’s cyber war

  Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack?

• November 30, 2022 30 Nov'22

  South Staffs Water customer data leaked after ransomware attack

  Personal data of water utility’s direct debit customers exposed on the dark web following a Clop ransomware attack

• November 30, 2022 30 Nov'22

  Latest LockBit ransomware versions have wormable capabilities

  Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter

• November 30, 2022 30 Nov'22

  NIS regulations to be extended to cover MSPs

  The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope

• November 25, 2022 25 Nov'22

  Data management, backup becoming the CISO's responsibility

  More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year

• November 22, 2022 22 Nov'22

  Ducktail spins new tales to hijack Facebook Business accounts

  The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts

• November 22, 2022 22 Nov'22

  Killnet DDoS hacktivists target Royal Family and others

  Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks

• November 22, 2022 22 Nov'22

  C-suite mystified by cyber security jargon

  Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders

• November 21, 2022 21 Nov'22

  EDF UK deploys Riverbed’s Alluvio Aternity to tackle IT issues

  Monitoring software links into ServiceNow and PowerShell scripts are being used to automate remediation

• November 18, 2022 18 Nov'22

  Is Elon Musk’s Twitter safe, and should you stop using it?

  With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use

• November 17, 2022 17 Nov'22

  Brexit deregulation will make UK next Silicon Valley, vows Hunt

  Chancellor vows to revolutionise how the IT industry is regulated to spur competition, investment and innovation in a technological ‘Big Bang’

• November 17, 2022 17 Nov'22

  Another Log4Shell warning after Iranian attack on US government

  The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching

• November 16, 2022 16 Nov'22

  Global network fragmentation a source of increasing risk

  Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures

• November 11, 2022 11 Nov'22

  Volume of self-reported breaches to ICO jumps 30%

  The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022

• November 09, 2022 09 Nov'22

  Microsoft serves smorgasbord of six zero-days

  November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity

• November 07, 2022 07 Nov'22

  UK climate tech startup investment doubles in 2022

  Climate technology investment has nearly doubled in the UK over the past year and is growing globally, but questions remain over how to scale capacity and whether the necessary change will occur in time to prevent climate catastrophe

• November 04, 2022 04 Nov'22

  Microsoft: Nation-state cyber attacks became increasingly destructive in 2022

  The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare

• November 03, 2022 03 Nov'22

  Microsoft pledges $100m in new IT support for Ukraine

  Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future

• November 02, 2022 02 Nov'22

  UK spent £6.4m on secret cyber package for Ukraine

  Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks

• November 01, 2022 01 Nov'22

  A third of UK cyber leaders want to quit, report says

  Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload

• October 31, 2022 31 Oct'22

  Prepare today for potentially high-impact OpenSSL bug

  OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed

• October 27, 2022 27 Oct'22

  LinkedIn adds new features to safeguard user privacy, security

  Social media platform is adding a number of features and systems designed to protect legitimate users from inauthentic profiles and activity

• October 25, 2022 25 Oct'22

  Apple patches new iPhone zero-day

  Apple’s latest patch fixes yet another zero-day, as security issues keep surfacing in its mobile products

• October 25, 2022 25 Oct'22

  Apple puts pressure on manufacturing partners to decarbonise their operations through yearly audits

  Consumer electronics giant wants its global supply chain partners to follow its lead on becoming a carbon-neutral company

• October 25, 2022 25 Oct'22

  Digital-first businesses more willing to accept some fraud

  Companies founded in the past 20 years appear more willing to accept higher levels of fraudulent activity during the customer onboarding process, according to a report

• October 24, 2022 24 Oct'22

  Half of staff might quit after a cyber attack, report says

  Findings from a survey of CISOs, IT leaders and staffers reveal how experiencing a cyber incident may take a larger-than-thought toll on employee retention

• October 21, 2022 21 Oct'22

  Ukrainian and UK IT sectors to deepen collaboration, partnerships

  BCS, the Chartered Institute for IT, and the IT Ukraine Association have signed an MoU to deepen collaboration between the UK and Ukrainian IT sectors, and champion new partnerships and growth opportunities

• October 20, 2022 20 Oct'22

  Cyber professional shortfall hits 3.4 million

  Shortage of cyber security professionals continues to grow and shows no signs of abating, says report

• October 19, 2022 19 Oct'22

  Treat cyber crime as a ‘strategic threat’, UK businesses told

  The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community

• October 18, 2022 18 Oct'22

  Subpostmaster federation failed its members when they needed it most

  A dereliction of duty saw subpostmaster federation ignore its members when IT problems hit and allowed the Post Office destroy their lives

• October 14, 2022 14 Oct'22

  Office 365 email encryption flaw could pose risk to user privacy

  A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are

• October 12, 2022 12 Oct'22

  NCSC urges organisations to secure supply chains

  NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers

• October 10, 2022 10 Oct'22

  Ukraine and EU explore deeper cyber collaboration

  A Ukrainian delegation has met with officials from the EU’s ENISA cyber agency to explore deeper cooperation on cyber security issues

• October 06, 2022 06 Oct'22

  Tech Nation and PwC launch joint climate tech accelerator

  The Net Zero X programme by Tech Nation and PwC will help climate tech companies to overcome common growth challenges and scale faster

• September 26, 2022 26 Sep'22

  Data analysis and artificial intelligence key industrial strategy missions for Labour

  Shadow business secretary announces Labour’s proposed industrial strategy, in which data would take a central role

• September 21, 2022 21 Sep'22

  NCSC publishes cyber guidance for retailers

  The NCSC has published tailored advice to support online retailers, hospitality providers and utility services in protecting themselves and their customers from cyber crime

• September 15, 2022 15 Sep'22

  Organisations failing to account for digital trust

  The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds