News

IT governance

August 15, 2022 15 Aug'22
How clean data helps Southern Water identify vulnerable customers

Escalating prices means households around the country are having to tighten spending, with many struggling to pay their bills. Water4All, a consortium led by Southern Water, is using data to identify low-income and vulnerable households so they can ...
August 15, 2022 15 Aug'22
Report reveals consensus around Computer Misuse Act reform

A study produced by the CyberUp campaign reveals broad alignment among security professionals on questions around the Computer Misuse Act, which it hopes will give confidence to policymakers as they explore its reform
August 12, 2022 12 Aug'22
Online Safety Bill ‘not fit for purpose’, say tech experts

IT specialists lack confidence that legislation compelling tech firms to tackle online harms will work as intended, with only a small minority believing ‘harmful but legal’ content can be effectively and proportionately policed by internet platforms
August 11, 2022 11 Aug'22
NHS may take a month to recover from supply chain attack

Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations

August 10, 2022 10 Aug'22
Microsoft fixes two-year-old MSDT vulnerability in August update

August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.
August 10, 2022 10 Aug'22
‘Coopetition’ a growing trend among ransomware gangs

Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time
August 10, 2022 10 Aug'22
UK to surveil convicted migrants with facial recognition

A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory
August 09, 2022 09 Aug'22
Cyber insurance getting harder to obtain

Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance
August 08, 2022 08 Aug'22
NHS recovering key services after attack on supplier

Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service
August 05, 2022 05 Aug'22
Reliance on PSN may have exacerbated cyber attack impact

As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks

August 04, 2022 04 Aug'22
SBRC to administer NCSC training across Scotland

The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations
August 03, 2022 03 Aug'22
New EU due diligence law needs amending to stop tech sector abuse

European corporate due diligence directive seeking to transform how companies approach their human rights and environmental risk is welcome, but without further changes, it will fail to effectively curb tech firms’ harmful practices, claims ...
August 02, 2022 02 Aug'22
UK safety tech sector sees strong revenue and employment growth

Safety tech is now one of the fastest-growing sectors in the UK tech industry, with jumps in revenue, investment and employment
July 29, 2022 29 Jul'22
Austrian data firm accused of selling malware, conducting cyber attacks

Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks
July 28, 2022 28 Jul'22
H0lyGh0st ransomware gang faces challenges, but still a threat

Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat
July 28, 2022 28 Jul'22
NCSC startups scheme turns focus to operational technology, SME security

NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses
July 28, 2022 28 Jul'22
Home Office selects CGI as strategic delivery partner

IT services supplier will act as strategic delivery partner for the Home Office’s plans to modernise and join up UK law enforcement’s digital capabilities
July 28, 2022 28 Jul'22
Hibs push for the backup premier league with Acronis

Hibernian FC signs Acronis to get top division data protection and make the most of ticketing information and match footage as it tries to gain more value from the data it holds
July 27, 2022 27 Jul'22
Consumers left out of pocket as security costs soar

As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people
July 27, 2022 27 Jul'22
US doubles bounty on Lazarus cyber crime group to $10m

US State Department doubles a previously announced reward for information on North Korean cyber criminals, including the notorious Lazarus group
July 27, 2022 27 Jul'22
Retail software firm PrestaShop warns users about SQL injection attacks

Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise
July 27, 2022 27 Jul'22
Cyber security training ‘boring’ and largely ignored

Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them
July 26, 2022 26 Jul'22
Secret court asked to quash a decade of MI5 surveillance warrants following ‘systemic breaches’

The culture at MI5 was to ‘prioritise’ missions ‘over everything else’, including compliance with safeguards designed to protect the public, the UK’s most secret court heard yesterday
July 26, 2022 26 Jul'22
No More Ransom initiative helps 1.5 million people in six years

One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project
July 26, 2022 26 Jul'22
Meta publishes first-ever human rights report

Meta details its approach to protecting and promoting human rights, but civil society groups say the company has failed to grapple with the human rights risks associated with its own business model
July 26, 2022 26 Jul'22
Ducktail infostealer targets Facebook Business users

Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts
July 25, 2022 25 Jul'22
Home Office ‘unlawfully’ approved MI5 bulk surveillance warrants

MI5 provided ‘false information’ to the Home Office to secure bulk surveillance warrants, the Investigatory Powers Tribunal heard
July 25, 2022 25 Jul'22
NCSC seeks community input for Cyber Advisor service

The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward
July 25, 2022 25 Jul'22
The Security Interviews: Why you need to protect abandoned digital assets

The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias
July 22, 2022 22 Jul'22
LinkedIn most impersonated brand in phishing attacks

Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks
July 22, 2022 22 Jul'22
Forrester: European cloud adoption accelerates

The rise in public cloud usage across the UK and EU will speed up new cloud-specific regulations
July 21, 2022 21 Jul'22
Buy ‘plug-n-play’ malware for the price of a pint of beer

Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report
July 21, 2022 21 Jul'22
Russia-linked APTs targeted fleeing Ukrainian civilians

Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment
July 21, 2022 21 Jul'22
UK government introduces data reforms legislation to Parliament

Proposed changes to UK’s data protection regime include new grounds for data processing, significant powers for the secretary of state to direct the regime’s application, and fewer restrictions on law enforcement’s use of data
July 20, 2022 20 Jul'22
Transatlantic PET contest open for entries

A joint UK-US innovation prize challenge for developers of privacy-enhancing technologies has opened for entries
July 20, 2022 20 Jul'22
Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...
July 20, 2022 20 Jul'22
Barnet Council to bring work outsourced to Capita back in-house by 2026

London borough is bringing swathes of outsourced services back in-house next year, with more to follow by 2026
July 20, 2022 20 Jul'22
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims

Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection
July 19, 2022 19 Jul'22
Pro-business AI framework spans sector-specific regulations

But should organisations deploying artificial intelligence comply with EU or UK proposals?
July 18, 2022 18 Jul'22
US cyber agency CISA to open London office

The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America
July 15, 2022 15 Jul'22
NHS trust ‘deliberately’ deleted up to 90,000 emails before tribunal hearing

A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance practices in NHS hospital trusts
July 15, 2022 15 Jul'22
Drivers’ union calls for immediate dismissal of Uber executive

Uber’s continued employment of an executive directly involved in efforts to resist regulatory oversight puts the ride-hailing firm in breach of its 2018 licence conditions, says drivers’ union
July 15, 2022 15 Jul'22
Log4Shell on its way to becoming ‘endemic’

US government report concludes that, like Covid, Log4Shell will be with us for a long time to come
July 14, 2022 14 Jul'22
How hostile government APTs target journalists for cyber intrusions

Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey
July 14, 2022 14 Jul'22
ICO wants to ‘empower people through information’

Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society
July 13, 2022 13 Jul'22
Slippery phish wriggles around MFA protections, says Microsoft

Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence
July 13, 2022 13 Jul'22
ICO calls for review into government use of private email and WhatsApp messages

Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps
July 12, 2022 12 Jul'22
MaliBot Android malware spreading fast, says Check Point

The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point
July 12, 2022 12 Jul'22
Microsoft Windows Autopatch now generally available

Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service
July 11, 2022 11 Jul'22
Oracle to open first sovereign cloud regions for EU-based users in 2023

Database software giant Oracle has set out plans to provide private enterprises and public sector organisations with access to sovereign cloud regions, with the first set to open in Spain and Germany next year