News

IT governance

January 12, 2023 12 Jan'23
Guardian confirms Christmas 2022 cyber attack was ransomware

Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack
January 11, 2023 11 Jan'23
Royal Mail services hit by major cyber attack

UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack
January 11, 2023 11 Jan'23
Internet shutdowns cost global economy $24bn in 2022

Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors
January 11, 2023 11 Jan'23
Microsoft fixes EoP zero-day on January Patch Tuesday

On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns

January 10, 2023 10 Jan'23
Insurer Beazley introduces catastrophe bond to ease cyber risk

Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover
January 10, 2023 10 Jan'23
Former subpostmaster Alan Bates, who ‘pulled up trees and moved mountains’, turns down OBE offer

Alan Bates, who fought for decades to expose the Post Office Horizon IT scandal, says it would be inappropriate to accept an OBE when former Post Office CEO Paula Vennells still holds her CBE
January 08, 2023 08 Jan'23
Vulnerable organisations to get free Cyber Essentials support

Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre
January 06, 2023 06 Jan'23
Proposed digital fraud refund rules risk excluding many victims

Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned
January 06, 2023 06 Jan'23
Russia’s Turla falls back on old malware C2 domains to avoid detection

Mandiant says it has observed the Russian APT UNC2410, also known as Turla, re-registering expired or sinkholed domains previously used by financially motivated cyber criminals
January 05, 2023 05 Jan'23
Generative AI: Preparing for next-gen artificial intelligence

ChatGPT is one of a new breed of AI models that promises to deliver machine-based creativity

January 05, 2023 05 Jan'23
Cyber gang abused free trials to exploit public cloud CPU resources

A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying
January 05, 2023 05 Jan'23
Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web
January 05, 2023 05 Jan'23
Fallout from Guardian cyber attack to last at least a month

The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time
January 03, 2023 03 Jan'23
Test of digital ID tech at Surrey nightclub proclaimed success

The majority of visitors to a Camberley venue who piloted a digital identification app developed by 1account said they found it easy to use and preferred it to standard physical ID
December 30, 2022 30 Dec'22
Top 10 Computer Weekly Downtime Upload podcasts of 2022

The team began with a sombre episode about Ukraine and went on to tackle the more familiar topics of diversity, datacentre sustainability and data. New for 22: Cliff Saran’s interviews with IT thought leaders
December 29, 2022 29 Dec'22
Top 10 technology and ethics stories of 2022

Here are Computer Weekly’s top 10 technology and ethics stories of 2022
December 29, 2022 29 Dec'22
Top 10 Nordic IT stories of 2022

Here are Computer Weekly's top 10 Nordic IT articles of 2022
December 29, 2022 29 Dec'22
Top 10 technology startup stories of 2022

Here are Computer Weekly’s top 10 technology startup stories of 2022
December 28, 2022 28 Dec'22
Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness
December 28, 2022 28 Dec'22
Top 10 Middle East IT stories of 2022

Here are Computer Weekly's top 10 Middle East IT articles of 2022
December 23, 2022 23 Dec'22
Top 10 IT leadership interviews of 2022

Computer Weekly talks to more IT leaders than any other publication, so we can share insights into the latest in strategy and best practice from the top CIOs, CTOs and CDOs
December 23, 2022 23 Dec'22
Top 10 Benelux IT stories of 2022

Here are Computer Weekly’s top 10 Benelux articles of 2022
December 23, 2022 23 Dec'22
Top 10 financial services IT stories of 2022

Here are Computer Weekly’s top 10 financial services IT articles of 2022, looking back at the moves and changes over the past year
December 22, 2022 22 Dec'22
Top 10 cyber security stories of 2022

The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides
December 22, 2022 22 Dec'22
Top 10 crime, national security and law stories of 2022

Here are Computer Weekly’s top 10 crime, national security and law stories of 2022
December 22, 2022 22 Dec'22
Top 10 cyber crime stories of 2022

Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents
December 20, 2022 20 Dec'22
TSB hit with huge fine after IT migration disaster

TSB has been fined nearly £50m due to failings during its IT migration catastrophe
December 16, 2022 16 Dec'22
Shiseido data breach victims plan legal action over fake companies

Employees and former employees of cosmetics firm Shiseido whose data was stolen in a recent breach are planning group legal action after their information was used to establish fraudulent companies in their names
December 16, 2022 16 Dec'22
UK unis implement new IP traffic policies to combat ransomware

Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature
December 15, 2022 15 Dec'22
Digital Ethics Summit: Who benefits from new technology?

Experts at the 2022 Digital Ethics Summit say expedited development cycles and obviously over-hyped PR material, in tandem with the public’s near-total exclusion from conversations around technology, is creating distrust towards the tech sector
December 14, 2022 14 Dec'22
Criminal Cases Review Commission calls on more convicted subpostmasters to come forward

The Criminal Cases Review Commission wants more former subpostmasters to come forward if they think they were prosecuted by the Post Office based on data from the error-prone Horizon computer system
December 14, 2022 14 Dec'22
Private health provider data could be shared with NHS England

Plans are advancing to create a single source of healthcare data in England combining both private providers and the NHS to avoid a repeat of the Ian Paterson scandal
December 14, 2022 14 Dec'22
NHS gets new guidance on public benefits of data sharing

NHS national data guardian Nicola Byrne has published new guidance on how health and social care bodies should approach the task of evaluating public benefit when using data for purposes beyond individual care
December 14, 2022 14 Dec'22
Ethical hackers flex their muscles in 2022

Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021
December 14, 2022 14 Dec'22
Microsoft fixes two zero-days in final Patch Tuesday of 2022

December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over
December 14, 2022 14 Dec'22
New cyber approaches ease Registers of Scotland’s AWS migration

As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web ...
December 13, 2022 13 Dec'22
EU issues draft data adequacy decision in favour of US

The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision
December 13, 2022 13 Dec'22
More Uber data exposed in possible supply chain attack

A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack
December 12, 2022 12 Dec'22
Cloud-based fingerprint system for UK police nears completion

Police Digital Service announces that a new cloud-based fingerprint system developed under its Transforming Forensics programme is nearly complete, but data protection concerns around the use of US-based cloud providers remain
December 09, 2022 09 Dec'22
Iranian APT seen exploiting GitHub repository as C2 mechanism

A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware
December 09, 2022 09 Dec'22
Online Safety Bill returns to Parliament

MPs and online safety experts have expressed concern about encryption-breaking measures contained in the Online Safety Bill as it returns to Parliament for the first time since its passage was paused in July
December 08, 2022 08 Dec'22
Consumers to get new protections against dodgy apps

Government’s new code of practice will impose new privacy and security measures on app store operators and developers
December 08, 2022 08 Dec'22
Apple to tap third party for physical security keys

Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys
December 07, 2022 07 Dec'22
Clinicians who raised patient safety risks claim Berkshire NHS trust deleted email evidence

A tribunal hearing considering claims that an NHS trust destroyed email evidence and had put the safety of geriatric patients at risk, was cut short after clinicians faced “life-changing” costs
December 07, 2022 07 Dec'22
Rackspace email outage confirmed as ransomware attack

An ongoing outage affecting Rackspace email customers is the result of a ransomware attack
December 07, 2022 07 Dec'22
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November
December 07, 2022 07 Dec'22
Post Office scandal – “cock-up or cook-up”?

The second phase of the Post Office Horizon IT scandal raised more questions over who did what, when and where, with shocking revelations at every turn
December 06, 2022 06 Dec'22
Legacy IT magnifies cyber risk for Defra, says NAO

Some 30% of Defra’s applications are currently unsupported, magnifying cyber risk as the government department struggles to make progress on a digital transformation programme
December 06, 2022 06 Dec'22
EU fails to protect human rights in surveillance tech transfers

Transfers of surveillance technology from the European Union to African governments are carried out without due regard for the human rights impacts, the European Ombudsman has found after a year-long investigation into the European Commission’s ...
December 06, 2022 06 Dec'22
Don’t become an unwitting tool in Russia’s cyber war

Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack?