News

IT governance

• September 23, 2021 23 Sep'21

  MoD in second leak of Afghan citizens’ data

  A second breach of data relating to Afghan citizens at risk of Taliban reprisals has been reported by the Ministry of Defence

• September 23, 2021 23 Sep'21

  Threat actors target VMware vCenter Server users

  Users of VMware vCenter Server are advised to patch a series of vulnerabilities post haste

• September 22, 2021 22 Sep'21

  AI cannot be regulated by technical measures alone

  The regulation of artificial intelligence must address the power of tech companies, as technical measures alone will not be enough to prevent the harms caused by AI-driven technologies, says report

• September 21, 2021 21 Sep'21

  US sanctions Suex crypto exchange over ransomware links

  US Treasury cracks down on cryptocurrency exchange that supposedly facilitated proceeds from multiple ransomware gangs

• September 21, 2021 21 Sep'21

  Spanish police bust Mafia-linked phishing gang

  A joint operation between European authorities has dismantled a cyber criminal gang with links to the Italian Mafia

• September 21, 2021 21 Sep'21

  BlackMatter gang ramps up attacks on multiple victims

  A wave of new BlackMatter ransomware attacks is hitting organisations around the world, even as the US authorities mull new sanctions on ransom payment infrastructure

• September 20, 2021 20 Sep'21

  NGO Fair Trials calls on EU to ban predictive policing systems

  The use of artificial intelligence to predict criminal behaviour should be banned because of its discriminatory outcomes and high risk of further entrenching existing inequalities, claims Fair Trials

• September 16, 2021 16 Sep'21

  Travel-themed phishing lures spiked this summer

  As people begin to take holidays again after more than a year of restrictions and lockdowns, opportunist cyber criminals have taken note, according to new data from Palo Alto’s Unit 42

• September 15, 2021 15 Sep'21

  UN human rights chief calls for moratorium on AI technologies

  High commissioner’s call for a moratorium on the use of AI systems that pose a serious risk to human rights is accompanied by a UN report on the negative human rights impacts associated with the technology

• September 15, 2021 15 Sep'21

  Microsoft patches 66 vulnerabilities in September update

  Another lighter-than-usual Patch Tuesday update includes important fixes for recently disclosed vulnerabilities, including a dangerous zero-day, and an update in the PrintNightmare saga

• September 14, 2021 14 Sep'21

  Mass health tracker data breach has UK impact

  The leak of a database of 61 million users of health-tracking devices includes records on individuals located in the UK

• September 14, 2021 14 Sep'21

  Cost of ransomware attack in financial sector exceeds $2m

  Mid-sized financial services organisations worldwide spend an average of over $2m recovering from ransomware attacks

• September 14, 2021 14 Sep'21

  Apple patches ForcedEntry vulnerability used by spyware firm NSO

  Apple patches ForcedEntry vulnerability that was used to target political activists with spyware

• September 13, 2021 13 Sep'21

  Smishing attacks up sevenfold in six months

  Scam text messages are reaching pandemic proportions, thanks in part to the pandemic

• September 13, 2021 13 Sep'21

  Olympus likely victim of BlackMatter ransomware

  Key IT systems remain shut off at Olympus, five days after what seems to have been a BlackMatter ransomware attack

• September 09, 2021 09 Sep'21

  UK GDPR faces changes under planned reforms

  DCMS is launching a major consultation on proposed changes to the UK’s data protection regime, under which several key elements of the GDPR are likely to change

• September 08, 2021 08 Sep'21

  REvil reappearance may herald new ransom campaigns

  The re-emergence of the infamous REvil ransomware gang is a likely sign that more high-profile attacks will unfold over the coming weeks

• September 08, 2021 08 Sep'21

  Covid positive for security market, but still a source of stress

  CIISec’s latest “State of the profession report” highlights both positives and challenges for cyber pros arising from the past two years

• September 08, 2021 08 Sep'21

  Stolen credit card data worth about £13 on dark web, PayPal worth more

  The average price of a stolen credit card on a dark web marketplace comes in at around $17.40, or £12.60, according to new data – but the real money for cyber criminals is in hacked PayPal accounts

• September 07, 2021 07 Sep'21

  ICO in bid to end cookie pop-ups

  Outgoing information commissioner Elizabeth Denham will call on her equivalents across the G7 group of countries to collaborate on an overhaul of cookie consent pop-ups

• September 07, 2021 07 Sep'21

  Lords committee calls for evidence on digital regulation

  House of Lords Communications and Digital Committee has called for evidence to inform its inquiry into the effectiveness of digital regulation

• September 03, 2021 03 Sep'21

  Mandiant, Sophos detail dangerous ProxyShell attacks

  Threat researchers and incident responders continue to track threat activity around the dangerous ProxyShell Microsoft Exchange vulnerabilities, including impactful ransomware hits

• September 02, 2021 02 Sep'21

  WhatsApp fined €225m over GDPR breaches

  Irish data protection watchdog has issued one of the largest GDPR fines to date against Facebook-owned WhatsApp

• September 02, 2021 02 Sep'21

  Twitter tests auto-block feature for accounts at risk of abuse

  Latest Twitter feature automatically blocks abusive users, and is intended to help victims regain control of their experience on the platform

• September 01, 2021 01 Sep'21

  Experts warn on Office 365 phishing attacks

  Newly observed campaign is particularly dangerous because it appears to neutralise one of the most widely known anti-phishing techniques

• September 01, 2021 01 Sep'21

  Remote workers routinely bypassed security tools during pandemic

  New data from Palo Alto Networks reveals that over 25% of UK security leaders saw their employees circumventing or switching off security measures at the height of the pandemic

• August 27, 2021 27 Aug'21

  Are proposed data protection changes a threat to UK citizens’ privacy?

  Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth

• August 26, 2021 26 Aug'21

  Tech giants commit to Biden's cyber security action plan

  Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden

• August 26, 2021 26 Aug'21

  Government unveils post-Brexit data flow proposals

  The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law

• August 26, 2021 26 Aug'21

  NZ privacy lead John Edwards named new information commissioner

  DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner

• August 25, 2021 25 Aug'21

  Algorithmic accountability needs meaningful public participation

  Global analysis by Ada Lovelace Institute and other research groups finds algorithmic accountability mechanisms in the public sector are hindered by a lack of engagement with the public

• August 25, 2021 25 Aug'21

  Calling the cops for ransomware attacks doesn’t help, say cyber pros

  A new study for the #Ransomaware campaign reveals some insight into why so few victims report ransomware attacks

• August 25, 2021 25 Aug'21

  UK loses £1.3bn to fraud and cyber crime so far this year

  New figures from the National Fraud Intelligence Bureau show a threefold spike in reported financial losses to fraud and cyber crime in the first six months of 2021

• August 24, 2021 24 Aug'21

  13 million malware attacks on Linux seen in wild

  Cryptominers, web shells and ransomware are the most common varieties of malwares targeting Linux systems, thanks to its prevalence as the backbone of most public cloud services

• August 24, 2021 24 Aug'21

  Half of MS Exchange servers at risk in ProxyShell debacle

  Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited

• August 24, 2021 24 Aug'21

  Over a million opt out of NHS data-sharing

  Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme

• August 24, 2021 24 Aug'21

  Campaign groups claim police have bypassed Parliament with plans for live facial-recognition tech

  Civil society groups call for Parliament to scrutinise the use of live facial-recognition cameras

• August 23, 2021 23 Aug'21

  Cities worldwide band together to push for ethical AI

  The chief digital and technology officers of London and Barcelona speak to Computer Weekly about their joint initiative launched with other cities to promote the ethical deployment of artificial intelligence in urban spaces

• August 19, 2021 19 Aug'21

  Pub apps harvesting swathes of customer data unnecessarily

  Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners

• August 19, 2021 19 Aug'21

  IT leaders fear ‘trickle-down’ of nation-state cyber attacks

  Three-quarters of IT decision-makers are concerned that the tactics, techniques and procedures used by nation-state attackers could be used against them

• August 18, 2021 18 Aug'21

  UK government criticised for proposed facial-recognition guidance

  Privacy campaigners say the government's updated 'surveillance camera code of practice' does not do enough to mitigate abuses of facial-recognition technology

• August 17, 2021 17 Aug'21

  Educational publisher Pearson fined for data breach cover-up

  Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach

• August 17, 2021 17 Aug'21

  Security Think Tank: Building privacy-preserving apps and platforms

  ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture

• August 13, 2021 13 Aug'21

  How to get API deployments right

  Application programming interfaces are not the panacea for digital transformation and could even lead to escalating costs for problems that are better addressed through integration

• August 12, 2021 12 Aug'21

  ICO consults on new international data transfer agreement

  Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers

• July 29, 2021 29 Jul'21

  HMRC hits Home Office with £33.5m bill over ‘careless’ application of IR35 rules

  The Home Office is the latest ministerial department to be hit with a multimillion-pound tax demand from HMRC after errors were discovered in its implementation of the IR35 rules

• July 28, 2021 28 Jul'21

  Almost half unaware of GP data-sharing plans

  Around half of adults in England – approximately 20 million people – remain unaware of the scope of the NHS GPDPR programme, prompting calls for a public education campaign

• July 27, 2021 27 Jul'21

  US lawmakers call for probe into ‘arrogant’ spyware firm

  US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal

• July 27, 2021 27 Jul'21

  TikTok sets up cyber security hub in Dublin

  Dublin-based cyber centre will oversee the security of TikTok’s users across Europe

• July 26, 2021 26 Jul'21

  No More Ransom initiative saves £850m over five years

  Initiative’s free ransomware decryption tools have been used by more than six million people since 2016