News
IT governance
-
November 10, 2022
10
Nov'22
Cyber criminals have World Cup Qatar 2022 in their sights
Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so
-
November 09, 2022
09
Nov'22
UK’s National Cyber Advisory Board convenes for first time
Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online
-
November 09, 2022
09
Nov'22
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity
-
November 09, 2022
09
Nov'22
Fujitsu expert witness in subpostmaster trial ‘manoeuvred’ into role, public inquiry told
A former Fujitsu technology expert who defended the Horizon system’s robustness in court was unhappy after being ‘manoeuvred’ into acting as an expert witness, public inquiry hears
-
November 08, 2022
08
Nov'22
Six subpostmaster convictions referred for appeal in Scotland
Six former subpostmasters in Scotland will have appeals against criminal convictions heard after being referred by Scotland’s Criminal Cases Review Commission
-
November 07, 2022
07
Nov'22
Public sector IT projects need ethical data practices from start
Data ethics needs to be integrated into public sector IT projects from the very start, and considered throughout every stage of the process, to be effective
-
November 07, 2022
07
Nov'22
Department for Education escapes £10m fine over data misuse
Department entrusted data on 28 million children to a company called Trustopia, which turned out to be anything but trustworthy, but has escaped a £10m fine under new rules
-
November 04, 2022
04
Nov'22
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare
-
November 03, 2022
03
Nov'22
Confirmation bias led Post Office to prosecute subpostmasters without investigation, inquiry told
Former Post Office tech leader tells public inquiry that confirmation bias led to hundreds of subpostmasters being prosecuted for financial crimes without proper investigation
-
November 03, 2022
03
Nov'22
Automated threats biggest source of cyber risk for retailers
Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report
-
November 03, 2022
03
Nov'22
Global coalition reaffirms commitment to fight ransomware
Representatives of 36 countries, as well as the EU, attended the second International Counter Ransomware Initiative Summit in Washington DC
-
November 02, 2022
02
Nov'22
Shadow digital secretary outlines Labour’s tech priorities
Labour’s digital and technology plans focus on reining in the power of the tech giants, boosting connectivity across the UK, and improving online safety
-
November 02, 2022
02
Nov'22
Dropbox code compromised in phishing attack
Cloud storage service says malicious actors successfully accessed some of its code within GitHub, but insists customer data is secure
-
November 02, 2022
02
Nov'22
UK spent £6.4m on secret cyber package for Ukraine
Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks
-
November 01, 2022
01
Nov'22
A third of UK cyber leaders want to quit, report says
Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload
-
November 01, 2022
01
Nov'22
NCSC looks back on year of ‘profound change’ for cyber
The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful
-
October 31, 2022
31
Oct'22
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
-
October 28, 2022
28
Oct'22
Post Office warned of Horizon software-induced ‘tragedy’ in 1999
Problems experienced during live trials of the Post Office Horizon system predicted the ‘tragedy’ that unfolded
-
October 27, 2022
27
Oct'22
Government ups cyber support for elderly, vulnerable web users
DCMS announces a funding boost to help the elderly, disabled and other vulnerable groups stay safe online and avoid being misled by disinformation
-
October 27, 2022
27
Oct'22
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS
-
October 27, 2022
27
Oct'22
LinkedIn adds new features to safeguard user privacy, security
Social media platform is adding a number of features and systems designed to protect legitimate users from inauthentic profiles and activity
-
October 27, 2022
27
Oct'22
Santander calls for cooperation to tackle APP fraud
New report puts forward key recommendations that the banking sector, government and other industries could take to tackle authorised push payment fraud
-
October 26, 2022
26
Oct'22
ICO warns against using biometrics for ‘emotional analysis’
ICO warning highlights risk of ‘systemic bias’ and discrimination associated with organisations using biometric data and technologies for emotion analysis
-
October 25, 2022
25
Oct'22
One in five tech workers subject to workplace surveillance
Digital surveillance is now a common feature of the UK’s post-pandemic economy, says Prospect Union, adding to growing calls for workers to be given a greater say over how technologies are deployed in the workplace
-
October 25, 2022
25
Oct'22
US authorities charge two Chinese spies over telco security probe
Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm
-
October 25, 2022
25
Oct'22
Germany: European Court of Justice asked to rule on legality of hacked EncroChat phone evidence
Berlin’s Regional Court has asked the European Court of Justice to answer questions about whether the use of hacked EncroChat phone evidence complies with European law
-
October 25, 2022
25
Oct'22
Digital-first businesses more willing to accept some fraud
Companies founded in the past 20 years appear more willing to accept higher levels of fraudulent activity during the customer onboarding process, according to a report
-
October 24, 2022
24
Oct'22
Complacency biggest cyber risk to UK plc, says ICO
Information commissioner John Edwards warns against complacency as his office issues a multimillion-pound fine to a building company that failed to prevent a ransomware attack
-
October 20, 2022
20
Oct'22
The Security Interviews: Why now for ZTNA 2.0?
With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network ...
-
October 20, 2022
20
Oct'22
Parliamentary committee launches inquiry into AI governance
MPs will examine the impacts of artificial intelligence throughout the UK economy and how governance of the technology can be improved ahead of the government publishing its formal regulatory proposals
-
October 19, 2022
19
Oct'22
Ransomware crews regrouping as LockBit rise continues
Overall ransomware activity dropped off in the third quarter of 2022, but increasing attack volumes in September may herald a difficult few months ahead
-
October 19, 2022
19
Oct'22
Treat cyber crime as a ‘strategic threat’, UK businesses told
The government’s new National Cyber Advisory Board aims to help elevate cyber discussion and spur action in the business community
-
October 18, 2022
18
Oct'22
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report
-
October 17, 2022
17
Oct'22
Biden ramps up China chip sanctions
The war of words between China and the US has ramifications across the high-tech sector. We report on the latest developments
-
October 14, 2022
14
Oct'22
Annual costs of Hackney ransomware attack exceed £12m
Hackney Council reveals new insight into the ongoing cost of a ransomware attack that devastated its systems two years ago
-
October 14, 2022
14
Oct'22
Office 365 email encryption flaw could pose risk to user privacy
A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are
-
October 14, 2022
14
Oct'22
Advanced: Healthcare data was stolen in LockBit 3.0 attack
Advanced has revealed a total of 16 of its health and social care sector customers had their data exfiltrated in a recent ransomware attack
-
October 13, 2022
13
Oct'22
Perpetrators of subpostmaster suffering in Horizon scandal must face public inquiry
Victims demand that the perpetrators of the Post Office Horizon IT scandal face the public inquiry
-
October 12, 2022
12
Oct'22
Microsoft fixes lone zero-day on October Patch Tuesday
Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen
-
October 12, 2022
12
Oct'22
ICO selectively discloses reprimands for data protection breaches
Data protection experts question ICO’s selective approach to publishing formal reprimands for contravening the law, after FoI request reveals the Cabinet Office was among the organisations reprimanded
-
October 11, 2022
11
Oct'22
Contractor left Toyota source code exposed for five years
Source code related to Toyota’s T-Connect service was left exposed on GitHub for over five years by a contractor
-
October 10, 2022
10
Oct'22
Ukraine and EU explore deeper cyber collaboration
A Ukrainian delegation has met with officials from the EU’s ENISA cyber agency to explore deeper cooperation on cyber security issues
-
October 06, 2022
06
Oct'22
EU rolling out measures for online safety and AI liability
The European Council has approved the passage of the Digital Services Act to protect people’s rights online, while the European Commission has announced proposals to help those negatively affected by artificial intelligence to claim compensation
-
October 05, 2022
05
Oct'22
Italian Supreme Court calls for prosecutors to disclose information on Sky ECC hacking operation
Italy’s Supreme Court says Italian prosecutors and police should disclose information on how they obtained intercepted messages from the Sky ECC cryptophone network
-
October 04, 2022
04
Oct'22
Public sector aims to close digital skills gap with private sector
Digital leaders from the public sector have stressed the need to build up the digital skills and capabilities of civil servants to successfully deliver the government’s digital transformation ambitions, but not at the expense of supplier ecosystems
-
October 04, 2022
04
Oct'22
Tories to replace GDPR
IT industry reacts to the government’s plan to replace the pan-European data protection regulation
-
September 30, 2022
30
Sep'22
Surveillance tech firms complicit in MENA human rights abuses
Research finds companies are profiting from surveillance technologies that facilitate human rights abuses against migrants, asylum seekers and refugees in the Middle East and North Africa, with little to no oversight
-
September 28, 2022
28
Sep'22
Whistleblower Peter Duffy calls for oversight of NHS records to prevent evidence tampering
A whistleblower has called for greater oversight in the handling of ‘safety-critical digital information’ across the NHS, in light of a number of cases that raise questions about data governance and record-keeping within the health service
-
September 28, 2022
28
Sep'22
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access
-
September 26, 2022
26
Sep'22
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials