News
IT governance
-
December 08, 2022
08
Dec'22
Consumers to get new protections against dodgy apps
Government’s new code of practice will impose new privacy and security measures on app store operators and developers
-
December 08, 2022
08
Dec'22
Apple to tap third party for physical security keys
Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys
-
December 07, 2022
07
Dec'22
Clinicians who raised patient safety risks claim Berkshire NHS trust deleted email evidence
A tribunal hearing considering claims that an NHS trust destroyed email evidence and had put the safety of geriatric patients at risk, was cut short after clinicians faced “life-changing” costs
-
December 07, 2022
07
Dec'22
Rackspace email outage confirmed as ransomware attack
An ongoing outage affecting Rackspace email customers is the result of a ransomware attack
-
December 07, 2022
07
Dec'22
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November
-
December 07, 2022
07
Dec'22
Post Office scandal – “cock-up or cook-up”?
The second phase of the Post Office Horizon IT scandal raised more questions over who did what, when and where, with shocking revelations at every turn
-
December 06, 2022
06
Dec'22
Legacy IT magnifies cyber risk for Defra, says NAO
Some 30% of Defra’s applications are currently unsupported, magnifying cyber risk as the government department struggles to make progress on a digital transformation programme
-
December 06, 2022
06
Dec'22
EU fails to protect human rights in surveillance tech transfers
Transfers of surveillance technology from the European Union to African governments are carried out without due regard for the human rights impacts, the European Ombudsman has found after a year-long investigation into the European Commission’s ...
-
December 06, 2022
06
Dec'22
Don’t become an unwitting tool in Russia’s cyber war
Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack?
-
December 05, 2022
05
Dec'22
Fake investment ads persist on Meta’s social networks
Online adverts for investment scams relating to property and crypto assets are still getting past measures designed to stop them
-
December 05, 2022
05
Dec'22
DCMS to assess UK semiconductor industry
The ongoing global chip crisis, geopolitician tension with China and deal-blocking are the backdrop to this latest assessment
-
December 05, 2022
05
Dec'22
Cohesity doubles down on cyber-defence failings via backup
Datahawk service and Data Security Alliance bring clean data restores, ransomware artefact detection, data vaulting and data audit for a clearer understanding of attack impact
-
December 05, 2022
05
Dec'22
French cyber consultancy Hackuity sets up UK operation
Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base
-
December 02, 2022
02
Dec'22
Post Office boosted its ‘coffers’ as Horizon system threw up unexplained shortfalls, inquiry told
The Post Office was ‘keen’ to make subpostmasters cover unexplained accounting shortfall as its business struggled, public inquiry hears
-
December 02, 2022
02
Dec'22
Twitter ‘replacement’ Hive Social shuts off service in privacy alert
Hive Social, a recently established social media network, has temporarily closed its servers to address deep structural privacy issues identified by ethical hackers
-
December 01, 2022
01
Dec'22
MI6 chief’s hacked emails attacked MI5 and betrayed British spy operations in China
Former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. His emails were hacked and then leaked – probably by Russian intelligence
-
December 01, 2022
01
Dec'22
LastPass probes new cyber incident related to August attack
The August 2022 cyber attack on LastPass seems to have begat another incident, according to company CEO Karim Toubba
-
November 30, 2022
30
Nov'22
Microsoft 365 banned in German schools over privacy concerns
German schools cannot legally use Microsoft Office 365 over lack of clarity about how data is collected, shared and used, as well as the potential for unlawful transfer of European citizens’ personal data to the US
-
November 30, 2022
30
Nov'22
South Staffs Water customer data leaked after ransomware attack
Personal data of water utility’s direct debit customers exposed on the dark web following a Clop ransomware attack
-
November 30, 2022
30
Nov'22
NIS regulations to be extended to cover MSPs
The UK government is moving ahead with plans to update the Network and Information Systems regulations to bring outsourcers and MSPs into scope
-
November 30, 2022
30
Nov'22
Parity AI talks about auditing recruitment algorithms for bias
Algorithmic auditing firm Parity speaks to Computer Weekly about the process of auditing artificial intelligence for bias, following its partnership with AI-powered recruitment platform Beamery
-
November 29, 2022
29
Nov'22
‘Legal but harmful’ clause dropped from Online Safety Bill
Online Safety Bill’s ‘legal but harmful’ provision will be dropped by the UK government in favour of public risk assessments, tools to help users control the content they consume, and new criminal offences around self-harm
-
November 25, 2022
25
Nov'22
Data management, backup becoming the CISO's responsibility
More and more CISOs are taking on responsibility for wider data management strategies, and this trend looks set to grow next year
-
November 23, 2022
23
Nov'22
UK police arrest 120 in largest-ever cyber fraud crackdown
The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police
-
November 23, 2022
23
Nov'22
AI accountability held back by ‘audit-washing’ practices
Algorithmic auditing will be useless in holding artificial intelligence accountable until there are common standards, approaches and goals that scrutinise systems at each stage of development and deployment, says think-tank
-
November 23, 2022
23
Nov'22
South Korea data adequacy pact brings £15m Brexit bonus
UK government finalises a data adequacy agreement with South Korea, saying it will unlock a post-Brexit business bonus of just under £15m
-
November 23, 2022
23
Nov'22
Red team tool developer slams ‘irresponsible’ disclosure
UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors
-
November 22, 2022
22
Nov'22
Ducktail spins new tales to hijack Facebook Business accounts
The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts
-
November 22, 2022
22
Nov'22
Killnet DDoS hacktivists target Royal Family and others
Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks
-
November 21, 2022
21
Nov'22
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention
-
November 21, 2022
21
Nov'22
NHS federated data platform must avoid repeating Care.data mistakes, says national data guardian
UK’s national data guardian agrees with the ambitions of the platform, but warns that the programme must avoid ‘common pitfalls around trust and transparency’
-
November 21, 2022
21
Nov'22
AI adopted without due consideration for workers, MPs told
MPs have been warned that the rapid roll-out of artificial intelligence in workplaces has changed UK enterprises’ management practices so much that current employment law is no longer fit for purpose
-
November 21, 2022
21
Nov'22
NHS trust that deleted up to 90,000 emails cleared of deliberately concealing evidence
A tribunal found in a high-profile case brought by whistleblower Chris Day that an NHS trust had not deliberately concealed evidence when a director deleted up to 90,000 emails before he was due to testify
-
November 18, 2022
18
Nov'22
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use
-
November 18, 2022
18
Nov'22
New gold standard to protect good faith hackers
HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking
-
November 18, 2022
18
Nov'22
Post Office scandal inquiry’s expert IT witness ‘troubled’ by his findings
Controversial Post Office Horizon system lacked the integrity required to trust accounting data and contained ‘joke’ coding akin to an ‘overly engineered mousetrap’, inquiry told
-
November 18, 2022
18
Nov'22
CyberPeace Institute helps NGOs improve their security resilience
Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people
-
November 17, 2022
17
Nov'22
Brexit deregulation will make UK next Silicon Valley, vows Hunt
Chancellor vows to revolutionise how the IT industry is regulated to spur competition, investment and innovation in a technological ‘Big Bang’
-
November 17, 2022
17
Nov'22
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching
-
November 17, 2022
17
Nov'22
NHS Digital confirms final settlement of £3.95m with HMRC following conclusion of IR35 investigation
The health service’s digital arm has paid HMRC £3.95m in unpaid tax to cover the cost of its IR35 compliance errors
-
November 16, 2022
16
Nov'22
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures
-
November 15, 2022
15
Nov'22
APP fraud volumes expected to double by 2026, says report
Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue
-
November 15, 2022
15
Nov'22
Met Police removes nearly two-thirds of people from gangs matrix
Legal action by human rights group Liberty forces Met Police to overhaul its gangs violence matrix database
-
November 14, 2022
14
Nov'22
Sadiq Khan launches Data for London Advisory Board
Board will look at how to join up and share data between public and private London organisations in an effort to build a stronger data economy and improve public services
-
November 11, 2022
11
Nov'22
Volume of self-reported breaches to ICO jumps 30%
The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022
-
November 11, 2022
11
Nov'22
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products
-
November 10, 2022
10
Nov'22
Scrutinising AI requires holistic, end-to-end system audits
Understanding the full impacts of artificial intelligence requires organisations to conduct end-to-end social and technical audits of their systems, but the process comes with a number of challenges
-
November 10, 2022
10
Nov'22
Cyber criminals have World Cup Qatar 2022 in their sights
Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so
-
November 09, 2022
09
Nov'22
UK’s National Cyber Advisory Board convenes for first time
Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online
-
November 09, 2022
09
Nov'22
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity