News
IT governance
-
March 01, 2021
01
Mar'21
Digital secretary Dowden outlines UK post-Brexit data approach
The UK government is searching for a new information commissioner with an updated remit to use data to support growth and innovation, and plans on reaching new international data partnerships
-
March 01, 2021
01
Mar'21
Covid accelerates Bradford University remote working project
Pandemic injected fuel into university’s existing project to introduce remote working
-
February 25, 2021
25
Feb'21
NCSC Cyber Action Plan emphasises SME security
NCSC self-assessment tool launched to help sole traders and micro-businesses tackle their cyber security challenges
-
February 25, 2021
25
Feb'21
GCHQ sets out rules of the road for AI in cyber
A paper produced by GCHQ shows how the intelligence agency can use artificial intelligence responsibly as a tool to protect the UK’s national security
-
February 25, 2021
25
Feb'21
Tech-enabled hybrid working enables HSBC to cut 40% of its global office space
Bank is making huge reductions in the amount of office space it uses through a global hybrid-working policy
-
February 25, 2021
25
Feb'21
MHRA and other agencies to offer new resources for scam victims
New landing page resources will replace .uk domains suspended for criminal activity to help members of the public access appropriate guidance
-
February 25, 2021
25
Feb'21
IR35 private sector reforms: What IT contractors need to know
Computer Weekly asks contracting experts to answer questions about PSC bans, compliant umbrella companies and challenging status determinations, with the latest IR35 reforms coming into place
-
February 24, 2021
24
Feb'21
Vaccine passports prove an ethical minefield
Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design
-
February 24, 2021
24
Feb'21
Is Clubhouse safe, and should CISOs stop its use?
With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it
-
February 24, 2021
24
Feb'21
Internet companies should provide real-time data on disinformation, Lords told
Fact-checking experts tell House of Lords inquiry that upcoming Online Safety Bill should force internet companies to provide real-time information on suspected disinformation, and warn against over-reliance on AI-powered algorithms to moderate ...
-
February 24, 2021
24
Feb'21
Businesses forced to ask IT service providers for help during pandemic
IT service providers have been approached by long-time enterprise customers asking for price cuts due to the impact of the pandemic
-
February 24, 2021
24
Feb'21
Bombardier is latest victim of Accellion supply chain attack
Canadian aviation company joins the growing list of Accellion breach victims
-
February 24, 2021
24
Feb'21
Warning on security risk from virtual events platforms
Vulnerabilities found in virtual events platforms could form part of a variant supply chain attack
-
February 23, 2021
23
Feb'21
XDR makes cyber a Stroll in the park for Aston Martin F1
Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet
-
February 23, 2021
23
Feb'21
AI powers reputational damage insurance policy
Reputational damage has an immediate impact on a company’s share price, and brand loyalty built over many years can be lost in an instant
-
February 23, 2021
23
Feb'21
CyberScotland offers centralised security resource hub
Newly launched partnership brings together security resources for individuals and organisations across Scotland
-
February 22, 2021
22
Feb'21
Microphones, smartphones, laptops among items stolen from BBC
A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers
-
February 22, 2021
22
Feb'21
Pandemic has exposed fractures in cyber fraud strategy
RUSI report urges a bolder and more coordinated response to cyber-enabled fraud as the pandemic lays bear the scale of the problem
-
February 19, 2021
19
Feb'21
European Commission proposes UK data adequacy agreement
The publication of two draft data adequacy decisions brings the UK closer to a final positive decision, which will enable the continued free flow of data between the EU and the UK if green-lit by member states
-
February 19, 2021
19
Feb'21
NCSC cyber defence scheme blocked thousands of scams in 2019
The NCSC has reported another productive year for its Active Cyber Defence programme
-
February 19, 2021
19
Feb'21
Biden will act on cyber security to fix SolarWinds mess
US will take action to modernise its defences in the wake of the SolarWinds attack, says US government cyber lead Anne Neuberger
-
February 18, 2021
18
Feb'21
Swedish police fined for unlawful use of facial-recognition app
Sweden’s data watchdog has found that Swedish police failed to conduct the data protection checks required by law before using controversial facial-recognition tool
-
February 18, 2021
18
Feb'21
HMRC accused of 'utter hypocrisy' over use of IT contractors enrolled in tax avoidance schemes
Campaign group calls for HMRC to face an investigation, while accusing the department of ‘utter hypocrisy’ for using IT contractors enrolled in disguised remuneration schemes
-
February 18, 2021
18
Feb'21
2020 a record year for cyber, thanks to Covid
The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy
-
February 18, 2021
18
Feb'21
Assessing UK law enforcement data adequacy
Data protection experts discuss the consequences of achieving data adequacy between the UK and EU for the UK’s intelligence services and criminal justice sector
-
February 17, 2021
17
Feb'21
North Korean Lazarus Group hackers indicted in US
Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures
-
February 17, 2021
17
Feb'21
Egregor ransomware arrests confirmed
Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware
-
February 17, 2021
17
Feb'21
Emotional intelligence, empathy increasingly valued in CISOs
The pandemic has highlighted the value of soft skills, rather than technical ones, in security
-
February 17, 2021
17
Feb'21
Law firm and cyber criminals clash over source of stolen data
Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees
-
February 16, 2021
16
Feb'21
North Korea accused of Pfizer Covid vaccine cyber attack
South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour
-
February 16, 2021
16
Feb'21
RDP, SSH exposures off the charts thanks to remote working
The Covid-19 pandemic has had an impact on the prevalence of certain vulnerabilities in the wild, according to a report
-
February 16, 2021
16
Feb'21
Egregor ransomware associates arrested amid disruption
Undisclosed number of arrests made in Ukraine after investigators tracked bitcoin ransom payments
-
February 15, 2021
15
Feb'21
Post Office to offer digital ID services to customers
Post Office partnership with Yoti is intended to expand customer choice as to how people prove their identity when accessing services
-
February 12, 2021
12
Feb'21
UK border surveillance regime highly privatised, says Privacy International
Research from Privacy International raises concerns about the deep involvement of technology companies in the development and deployment of various technologies throughout the UK’s border regime, along with the lack of scrutiny they receive
-
February 11, 2021
11
Feb'21
Hacked Finnish therapy business collapses
Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy
-
February 11, 2021
11
Feb'21
Low-complexity CVEs a growing concern
Analysis of thousands of CVEs logged with NIST in 2020 reveals some unwelcome developments
-
February 10, 2021
10
Feb'21
HelloKitty almost certainly behind CD Projekt ransomware attack
Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis
-
February 10, 2021
10
Feb'21
Windows 10, Server 2019 users must patch serious zero-day
Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update
-
February 10, 2021
10
Feb'21
Sim-swapping crooks targeted celebrities, influencers
Eight arrests have been made in England and Scotland in connection with a series of Sim-swapping attacks targeting high-profile victims
-
February 10, 2021
10
Feb'21
Tech sector calls for renewed cooperation in global digital tax talks
Industry groups want renewed multilateral negotiations between countries about taxation of the digital economy in the wake of Joe Biden’s election as US president
-
February 09, 2021
09
Feb'21
Oracle claims major win in Australian public sector
Australian Data Centres will deploy Oracle’s Dedicated Region Cloud@Customer to host cloud services for the federal government
-
February 09, 2021
09
Feb'21
Data breaches are a ticking timebomb for consumers
Damage from data breaches goes far beyond the impact to the target organisation – an obvious fact that is too often overlooked, says F-Secure
-
February 09, 2021
09
Feb'21
Cyberpunk 2077 developer refuses to pay up after ransomware attack
Polish video game developer CD Projekt has released details of a ransomware attack on its systems
-
February 09, 2021
09
Feb'21
‘Batman Begins’ cyber attack is a warning to CNI providers
A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services
-
February 09, 2021
09
Feb'21
NHS reports fewer phishing emails in 2020
The NHSmail email service saw a steady decline in suspected phishing emails during the course of 2020
-
February 08, 2021
08
Feb'21
UK Cyber Security Council to take charge of skills strategy
New government-backed body will be set up to boost careers opportunities and professional standards in the cyber security sector
-
February 08, 2021
08
Feb'21
Interview: Robert Opp, chief digital officer, United Nations Development Programme
Chief digital officer of the United Nations Development Programme talks about the relationship between digital technologies and sustainability, and how it can be used for a more environmentally-friendly and inclusive future
-
February 08, 2021
08
Feb'21
Too few UK organisations offering cyber training for remote work
Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers
-
February 08, 2021
08
Feb'21
Data of thousands of Dutch citizens leaked from government Covid-19 systems
Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19
-
February 08, 2021
08
Feb'21
Sweden to establish national cyber security centre
Sweden becomes latest Nordic state to establish a national cyber security centre as the threat landscape grows
-
February 05, 2021
05
Feb'21
Security firm Stormshield loses source code in cyber attack
Source code from two products developed by French cyber security firm was compromised in a December 2020 incident
-
February 04, 2021
04
Feb'21
Woodland Trust hit by cyber attack in December
Conservation charity is investigating what it describes as a ‘sophisticated’ cyber attack but has waited nearly two months to inform its members
-
February 04, 2021
04
Feb'21
Fraud and cyber crime still vastly under-reported
The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate
-
February 03, 2021
03
Feb'21
Crypto malware targets Kubernetes clusters, say researchers
Newly identified Hildegaard malware targets Kubernetes clusters and seems to herald a new campaign from the TeamTNT gang
-
February 03, 2021
03
Feb'21
Foxtons rejects claims of slow reaction to data leak
Investigators have unearthed 16,000 data records that seem to have been stolen in an attack on property firm Foxtons last year, but the organisation says it acted by the book in dealing with the incident
-
February 03, 2021
03
Feb'21
‘Classic’ Cerber ransomware targets health sector in high volumes
Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black
-
February 03, 2021
03
Feb'21
SolarWinds patches two critical CVEs in Orion platform
New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet
-
February 01, 2021
01
Feb'21
Serco confirms Babuk ransomware attack
Outsourcing firm was hit by the ransomware last week but insists most of its operations are running as normal
-
February 01, 2021
01
Feb'21
UKRI suspends services after ransomware attack
UK Research and Innovation was hit by an undisclosed strain of ransomware at the end of January
-
February 01, 2021
01
Feb'21
IR35 private sector reforms: Zurich Insurance under fire over contractor blanket ban
Zurich Insurance is the latest high-profile financial services company to declare contractors can only continue to engage with it via umbrella setups from April 2021, ahead of the IR35 rules coming into force
-
February 01, 2021
01
Feb'21
CISOs invisible to their organisations, says BT report
Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard
-
February 01, 2021
01
Feb'21
SBRC picks Check Point to support cyber helpline
The Scottish Business Resilience Centre has enlisted Check Point as the first security supplier to join its incident response partnership programme
-
January 29, 2021
29
Jan'21
Hunting and anti-hunting groups locked in tit-for-tat row over data gathering
The leaking of internal documents has prompted a row between pro- and anti-hunting groups about the legality of the other’s data collection practices
-
January 29, 2021
29
Jan'21
Biometrics ethics group addresses public-private use of facial recognition
Home Office’s Biometrics and Forensics Ethics Group releases briefing note on the use of live facial recognition in public–private collaborations following a year-long investigation
-
January 29, 2021
29
Jan'21
Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters
Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee
-
January 29, 2021
29
Jan'21
Manufacturing particularly at risk of Solorigate-linked breaches
Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers
-
January 27, 2021
27
Jan'21
Pandemic response has improved privacy posture, says Cisco
Data privacy seems to be ‘coming of age’ to some extent and organisational responses to Covid-19 may be partly responsible, according to a report
-
January 27, 2021
27
Jan'21
Mimecast breach was work of SolarWinds attackers
Mimecast’s investigation into a January 2021 breach of its systems turns up evidence that the culprit was the same group that targeted SolarWinds in December
-
January 27, 2021
27
Jan'21
Emotet botnet goes offline as cops seize servers
The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement
-
January 27, 2021
27
Jan'21
Grindr complaint results in €9.6m GDPR fine
Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices
-
January 27, 2021
27
Jan'21
Emergency Apple updates patch exploited zero-days
Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately
-
January 26, 2021
26
Jan'21
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard
-
January 26, 2021
26
Jan'21
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group
-
January 26, 2021
26
Jan'21
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor
-
January 26, 2021
26
Jan'21
Cyber fraud a national security issue, says Rusi report
A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud
-
January 22, 2021
22
Jan'21
ICO resumes adtech investigation
The UK Information Commissioner’s Office was criticised for ending its investigation into alleged malpractice in advertising technology, but has now resumed its probe
-
January 22, 2021
22
Jan'21
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation
-
January 22, 2021
22
Jan'21
Google threatens to cut off Australia
Google’s threat to end its Australian Search operation comes in the face of new legislation that would force it to pay media publishers for news content
-
January 21, 2021
21
Jan'21
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council
-
January 21, 2021
21
Jan'21
Immigration exemption in data protection law faces further legal challenge
Human rights groups set to take legal challenge against immigration exemption to Court of Appeal on the basis that everyone, regardless of their nationality or residence, should have their fundamental rights and freedoms protected as stated in the ...
-
January 21, 2021
21
Jan'21
Two-thirds of CISOs say they’ll be cyber attack victims this year
Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked
-
January 21, 2021
21
Jan'21
Interview: Tony Porter, chief privacy officer, Corsight AI
Tony Porter speaks to Computer Weekly about the changes in facial-recognition during his time as surveillance camera commissioner, the ethics of using the technology, and his new role as chief privacy officer at Corsight AI
-
January 21, 2021
21
Jan'21
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals
-
January 20, 2021
20
Jan'21
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?
-
January 20, 2021
20
Jan'21
Malwarebytes also hit by SolarWinds attackers
The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals
-
January 19, 2021
19
Jan'21
CIOs blame siloed IT teams and tools for misalignment
The inability of teams to see a single version of the truth is leading to a lot of time wasting among IT departments and businesses
-
January 19, 2021
19
Jan'21
Value of GDPR fines shows dramatic increase in 2020
European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise
-
January 19, 2021
19
Jan'21
Click fraud levels reach new heights in pandemic
Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike
-
January 19, 2021
19
Jan'21
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA
-
January 18, 2021
18
Jan'21
MoD reports 18% rise in data loss incidents
The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO
-
January 15, 2021
15
Jan'21
150,000 records accidentally wiped from police systems
Home Office claims data wiped from national police systems only relates to people who have never been convicted of a crime or had further police action taken against them following an arrest
-
January 15, 2021
15
Jan'21
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack
-
January 15, 2021
15
Jan'21
Coalition proposes secure standard model for Covid-19 passports
Vaccination Credential Initiative is working to ensure that people vaccinated against Covid-19 can access their records in a secure, verifiable and privacy-preserving way
-
January 14, 2021
14
Jan'21
All EU states can take data protection cases against Facebook, says EU court
An opinion from the European Court of Justice has the potential to lead to a flood of privacy complaints against Facebook if upheld
-
January 14, 2021
14
Jan'21
Experian calls for less bureaucratic data regulations
Open banking requires cross-industry collaboration, but sharing personal data requires explicit consent, which can become a bottleneck
-
January 14, 2021
14
Jan'21
Old, on-premise systems targeted in Hackney ransomware attack
Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology
-
January 14, 2021
14
Jan'21
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems
-
January 13, 2021
13
Jan'21
Court to rule on Facebook data sharing after Schrems drops legal challenge against Irish regulator
Irish High Court says it will issue a judgment as soon as possible over a draft decision by Ireland’s data protection commissioner to order Facebook to stop the transfer of data about EU citizens to datacentres in the US
-
January 13, 2021
13
Jan'21
World’s largest dark web market disrupted in major police operation
Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline
-
January 13, 2021
13
Jan'21
Covid-19 immunity passport tests to begin in UK
A Covid-19 immunity and vaccination passport developed by two UK firms and backed by Innovate UK has entered the live testing phase