News
IT governance
-
August 16, 2022
16
Aug'22
Why organisations need to harmonise their CIO and CISO roles
Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson
-
August 15, 2022
15
Aug'22
Lawyers and journalists sue CIA and Mike Pompeo over Assange surveillance claims
CIA and its former director sued over allegations that they authorised unlawful spying on US citizens when they visited WikiLeaks founder Julian Assange at the Ecuadorian Embassy in London
-
August 15, 2022
15
Aug'22
How clean data helps Southern Water identify vulnerable customers
Escalating prices means households around the country are having to tighten spending, with many struggling to pay their bills. Water4All, a consortium led by Southern Water, is using data to identify low-income and vulnerable households so they can ...
-
August 15, 2022
15
Aug'22
Report reveals consensus around Computer Misuse Act reform
A study produced by the CyberUp campaign reveals broad alignment among security professionals on questions around the Computer Misuse Act, which it hopes will give confidence to policymakers as they explore its reform
-
August 12, 2022
12
Aug'22
Online Safety Bill ‘not fit for purpose’, say tech experts
IT specialists lack confidence that legislation compelling tech firms to tackle online harms will work as intended, with only a small minority believing ‘harmful but legal’ content can be effectively and proportionately policed by internet platforms
-
August 11, 2022
11
Aug'22
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations
-
August 10, 2022
10
Aug'22
Microsoft fixes two-year-old MSDT vulnerability in August update
August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.
-
August 10, 2022
10
Aug'22
‘Coopetition’ a growing trend among ransomware gangs
Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time
-
August 10, 2022
10
Aug'22
UK to surveil convicted migrants with facial recognition
A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory
-
August 09, 2022
09
Aug'22
Cyber insurance getting harder to obtain
Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance
-
August 08, 2022
08
Aug'22
NHS recovering key services after attack on supplier
Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service
-
August 05, 2022
05
Aug'22
Reliance on PSN may have exacerbated cyber attack impact
As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks
-
August 04, 2022
04
Aug'22
SBRC to administer NCSC training across Scotland
The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations
-
August 03, 2022
03
Aug'22
New EU due diligence law needs amending to stop tech sector abuse
European corporate due diligence directive seeking to transform how companies approach their human rights and environmental risk is welcome, but without further changes, it will fail to effectively curb tech firms’ harmful practices, claims ...
-
August 02, 2022
02
Aug'22
UK safety tech sector sees strong revenue and employment growth
Safety tech is now one of the fastest-growing sectors in the UK tech industry, with jumps in revenue, investment and employment
-
July 29, 2022
29
Jul'22
Austrian data firm accused of selling malware, conducting cyber attacks
Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks
-
July 28, 2022
28
Jul'22
H0lyGh0st ransomware gang faces challenges, but still a threat
Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat
-
July 28, 2022
28
Jul'22
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses
-
July 28, 2022
28
Jul'22
Home Office selects CGI as strategic delivery partner
IT services supplier will act as strategic delivery partner for the Home Office’s plans to modernise and join up UK law enforcement’s digital capabilities
-
July 28, 2022
28
Jul'22
Hibs push for the backup premier league with Acronis
Hibernian FC signs Acronis to get top division data protection and make the most of ticketing information and match footage as it tries to gain more value from the data it holds
-
July 27, 2022
27
Jul'22
Consumers left out of pocket as security costs soar
As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people
-
July 27, 2022
27
Jul'22
US doubles bounty on Lazarus cyber crime group to $10m
US State Department doubles a previously announced reward for information on North Korean cyber criminals, including the notorious Lazarus group
-
July 27, 2022
27
Jul'22
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise
-
July 27, 2022
27
Jul'22
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them
-
July 26, 2022
26
Jul'22
Secret court asked to quash a decade of MI5 surveillance warrants following ‘systemic breaches’
The culture at MI5 was to ‘prioritise’ missions ‘over everything else’, including compliance with safeguards designed to protect the public, the UK’s most secret court heard yesterday
-
July 26, 2022
26
Jul'22
No More Ransom initiative helps 1.5 million people in six years
One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project
-
July 26, 2022
26
Jul'22
Meta publishes first-ever human rights report
Meta details its approach to protecting and promoting human rights, but civil society groups say the company has failed to grapple with the human rights risks associated with its own business model
-
July 26, 2022
26
Jul'22
Ducktail infostealer targets Facebook Business users
Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts
-
July 25, 2022
25
Jul'22
Home Office ‘unlawfully’ approved MI5 bulk surveillance warrants
MI5 provided ‘false information’ to the Home Office to secure bulk surveillance warrants, the Investigatory Powers Tribunal heard
-
July 25, 2022
25
Jul'22
NCSC seeks community input for Cyber Advisor service
The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward
-
July 25, 2022
25
Jul'22
The Security Interviews: Why you need to protect abandoned digital assets
The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias
-
July 22, 2022
22
Jul'22
LinkedIn most impersonated brand in phishing attacks
Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks
-
July 22, 2022
22
Jul'22
Forrester: European cloud adoption accelerates
The rise in public cloud usage across the UK and EU will speed up new cloud-specific regulations
-
July 21, 2022
21
Jul'22
Buy ‘plug-n-play’ malware for the price of a pint of beer
Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report
-
July 21, 2022
21
Jul'22
Russia-linked APTs targeted fleeing Ukrainian civilians
Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment
-
July 21, 2022
21
Jul'22
UK government introduces data reforms legislation to Parliament
Proposed changes to UK’s data protection regime include new grounds for data processing, significant powers for the secretary of state to direct the regime’s application, and fewer restrictions on law enforcement’s use of data
-
July 20, 2022
20
Jul'22
Transatlantic PET contest open for entries
A joint UK-US innovation prize challenge for developers of privacy-enhancing technologies has opened for entries
-
July 20, 2022
20
Jul'22
Cato aims to bust cyber myths as it extends network protections
Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...
-
July 20, 2022
20
Jul'22
Barnet Council to bring work outsourced to Capita back in-house by 2026
London borough is bringing swathes of outsourced services back in-house next year, with more to follow by 2026
-
July 20, 2022
20
Jul'22
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims
Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection
-
July 19, 2022
19
Jul'22
Pro-business AI framework spans sector-specific regulations
But should organisations deploying artificial intelligence comply with EU or UK proposals?
-
July 18, 2022
18
Jul'22
US cyber agency CISA to open London office
The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America
-
July 15, 2022
15
Jul'22
NHS trust ‘deliberately’ deleted up to 90,000 emails before tribunal hearing
A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance practices in NHS hospital trusts
-
July 15, 2022
15
Jul'22
Drivers’ union calls for immediate dismissal of Uber executive
Uber’s continued employment of an executive directly involved in efforts to resist regulatory oversight puts the ride-hailing firm in breach of its 2018 licence conditions, says drivers’ union
-
July 15, 2022
15
Jul'22
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come
-
July 14, 2022
14
Jul'22
How hostile government APTs target journalists for cyber intrusions
Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey
-
July 14, 2022
14
Jul'22
ICO wants to ‘empower people through information’
Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society
-
July 13, 2022
13
Jul'22
Slippery phish wriggles around MFA protections, says Microsoft
Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence
-
July 13, 2022
13
Jul'22
ICO calls for review into government use of private email and WhatsApp messages
Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps
-
July 12, 2022
12
Jul'22
MaliBot Android malware spreading fast, says Check Point
The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point