News

IT governance

• June 09, 2021 09 Jun'21

  FBI arrests distributors accused of selling An0m encrypted phones to crime groups

  Working with overseas law enforcement, the FBI has arrested eight people and named a further 13 accused of distributing An0m phones to organised crime groups

• June 09, 2021 09 Jun'21

  RSA spins out fraud and risk unit as Outseer

  RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer

• June 09, 2021 09 Jun'21

  Microsoft fixes seven zero-days on its Patch Tuesday rounds

  Fixes for six actively-exploited – and one yet-to-be-exploited – zero-day bugs are released in the June 2021 Patch Tuesday update

• June 09, 2021 09 Jun'21

  Colonial Pipeline ransom seizure is a win, but don’t relax yet

  The security community is enthusiastic about the US authorities’ recovery of a significant part of the Colonial Pipeline ransomware payment, but this positivity should perhaps be somewhat tempered

• June 08, 2021 08 Jun'21

  NHS Digital delays data collection plans until September

  NHS Digital has postponed its proposed collection of GP data for two months, to allow more time for the public to understand the process and opt out if wanted

• June 08, 2021 08 Jun'21

  National data guardian calls for dialogue on NHS Digital GP plans

  The UK’s national data guardian says it is important the public has clarity on how their confidential medical information will be used and kept secure under NHS data-sharing plans

• June 07, 2021 07 Jun'21

  EU privacy chief investigates use of US cloud services

  Use of Amazon and Microsoft’s cloud services by public sector bodies in the European Union is being scrutinised by the bloc’s privacy watchdog

• June 07, 2021 07 Jun'21

  Siloscape malware a risk to Windows containers, Kubernetes

  Palo Alto’s Unit 42 reports on what appears to be the first-recorded malware targeting Kubernetes clusters through Windows containers

• June 07, 2021 07 Jun'21

  NCSC updates schools ransomware guidance amid surge

  The National Cyber Security Centre says it is dealing with a renewed surge of ransomware attacks targeting schools, colleges and universities

• June 07, 2021 07 Jun'21

  IBM pushes back against US government data requests

  Technology giant IBM says the US government has ‘no jurisdiction’ to request data from its European entities

• June 07, 2021 07 Jun'21

  Campaigners plan legal action over NHS data sharing

  Privacy coalition aims to force NHS Digital to push back its plans to scrape medical information on millions of patients into a central database

• June 04, 2021 04 Jun'21

  UK immigration exemption in Data Protection Act found unlawful

  Court of Appeal rules immigration exemption unlawful, but further hearings will follow to decide what remedies must be put in place

• June 04, 2021 04 Jun'21

  BCS: Lack of communication over NHS GPDPR ‘astonishing’

  The Chartered Institute for IT has warned that millions of people are not being properly informed of NHS Digital plans to harvest their data

• June 04, 2021 04 Jun'21

  Government action on ransomware epidemic gathers pace

  The US government steps up action against ransomware operators, while the UK’s NCSC publishes guidance on preparing to deal with a ransomware attack

• June 03, 2021 03 Jun'21

  Tories fined over email data protection breaches

  The Conservative Party broke the law by failing to properly keep records of who had unsubscribed from its mailing list

• June 03, 2021 03 Jun'21

  Pandemic a ‘once-in-a-lifetime’ chance to reshape security

  The volume of remote working has made it hard to paint an accurate picture of the true state of enterprise cyber security, but it presents an opportunity to change things up

• June 02, 2021 02 Jun'21

  Scottish businesses missing out on Cyber Essentials benefits

  More than a third of Scottish businesses do not believe they are adequately prepared to deal with a cyber security incident

• June 01, 2021 01 Jun'21

  Ex-IT manager stole over £800,000 from NHS trust

  A former senior IT manager at an Essex NHS trust has pleaded guilty to defrauding his employer out of more than £800,000

• May 28, 2021 28 May'21

  Privacy experts concerned over NHS data collection plans

  Security and data privacy experts warn NHS Digital that its data collection plans could increase risk and cause a public backlash

• May 27, 2021 27 May'21

  Loss of 150,000 police records made worse by management failures

  The loss of 150,000 records from a number of national policing systems was caused by a human coding error, but made worse by process and management failures

• May 27, 2021 27 May'21

  MP-backed push to stop tech giants claiming super-deduction tax relief thwarted

  Move to prevent the likes of Amazon using the government's new super-deduction policy to minimise their UK tax liabilities even further fails to win support in the House of Commons

• May 27, 2021 27 May'21

  NGOs file complaints against Clearview AI in five countries

  Privacy and human rights organisations have asked data protection regulators in the UK, France, Austria, Italy and Greece to investigate controversial facial recognition company Clearview AI

• May 26, 2021 26 May'21

  More data stolen in January 2021 than in all of 2017, says report

  The volume of data being stolen through breaches is growing steadily and shows no sign of slowing, according to a report from Imperva

• May 26, 2021 26 May'21

  Millions of pounds lost to crypto fraud on social media

  More than £63m has been lost nationally by victims of investment fraud via a social media platform, says Action Fraud

• May 26, 2021 26 May'21

  Nordic CIO interview: Tommi Tuovila, Neste

  Former Olympian talks to Computer Weekly about the challenges facing CIOs in a rapidly changing world

• May 25, 2021 25 May'21

  Threat of group GDPR legal action haunts CISOs

  The vast majority of security leaders questioned for a new report say they are concerned about the possibility of group legal settlements against them following a serious data breach

• May 25, 2021 25 May'21

  McAfee to change terms of auto-renewing consumer plans

  Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back

• May 25, 2021 25 May'21

  Industry reflects on three years of GDPR

  Looking back on 12 tumultuous months, we assess how GDPR has weathered the effects of the Covid-19 pandemic and Brexit, and consider what the coming year may hold for data protection

• May 25, 2021 25 May'21

  Legacy vulnerabilities may be biggest enterprise cyber risk

  While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats

• May 24, 2021 24 May'21

  Air India is latest victim of Sita hack

  Data on millions of people who flew with Air India between 2011 and 2021 appears to have been compromised in the recent Sita supply chain attack

• May 21, 2021 21 May'21

  Lack of developer attention to cloud security prompts alerts

  The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations

• May 20, 2021 20 May'21

  UK regulators commit to closer cooperation on digital economy

  Two UK regulators have issued a joint statement and signed a memorandum of understanding on the need for closer collaboration on digital markets

• May 20, 2021 20 May'21

  Pandemic tech use heightens consumer privacy fears

  Report on consumer attitudes to privacy finds evidence of a “heightened sense of fear” as digital footprints expand inexorably

• May 20, 2021 20 May'21

  Malicious scans for at-risk systems start minutes after disclosure

  Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes

• May 20, 2021 20 May'21

  UK government publishes framework on automated decision-making

  The framework focuses on making the use of algorithms and automated decision-making systems within the public sector more ethical, transparent and accountable

• May 19, 2021 19 May'21

  ‘Nothing off the table’ in statutory Post Office scandal inquiry

  The government confirmed that the inquiry into the Post Office Horizon IT scandal will be given statutory status and wider scope

• May 19, 2021 19 May'21

  Reports of stolen Irish health service data being leaked online

  Leaking of deeply confidential and personal information on patient healthcare marks a new low for the criminal Conti gang

• May 18, 2021 18 May'21

  Microsoft EU Data Boundary dubbed ‘smoke and mirrors’

  Data protection experts claim Microsoft’s decision to create an EU Data Boundary is a tacit admission that it routinely transfers and processes the personal data of European citizens outside the bloc

• May 18, 2021 18 May'21

  Irish High Court dismisses legal bid by Facebook over EU-US data transfers

  Latest twist in long-running legal battle sees Facebook lose legal bid to prevent the Irish Data Protection Commissioner suspending its transfer of data about European citizens to the US

• May 17, 2021 17 May'21

  Conti ransomware syndicate behind attack on Irish health service

  More details continue to emerge of the significant ransomware attack on Ireland’s HSE

• May 17, 2021 17 May'21

  Government seeks input on supply chain security

  Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security

• May 14, 2021 14 May'21

  Colonial Pipeline paid $5m ransom, reports say

  Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here

• May 13, 2021 13 May'21

  Publishing exploit code does more harm than good, says report

  Disclosing exploit code before patches are available gives malicious actors a ‘massive’ head-start, says Kenna Security

• May 13, 2021 13 May'21

  Biden beefs up public-private security cooperation

  Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing

• May 13, 2021 13 May'21

  CISOs weathered the pandemic well, but at personal cost

  Over 80% of CISOs think their existing security capabilities stayed strong during the worst of the Covid-19 pandemic, but now face stress and burnout on an unheard-of scale

• May 13, 2021 13 May'21

  Verizon DBIR underscores year of unprecedented cyber challenge

  Verizon 2021 Data Breach Investigations Report draws predictable conclusions as the impact of the Covid-19 pandemic continues to be felt

• May 12, 2021 12 May'21

  UK government publishes Online Safety Bill draft

  Bill builds on previous commitments by the government, which has added new measures to uphold democracy and freedom of speech while making tech giants more accountable

• May 12, 2021 12 May'21

  CyberUK 2021: NCSC encourages startups to invest in cyber

  National Cyber Security Centre is launching bespoke cyber security guidance aimed at the UK’s valuable startup community

• May 12, 2021 12 May'21

  UK to fund national cyber teams in Global South

  Government will commit millions of pounds to supporting vulnerable countries in establishing cyber capacity

• May 12, 2021 12 May'21

  Microsoft fixes four critical bugs on lighter Patch Tuesday

  Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away