News

IT governance

June 09, 2022 09 Jun'22
Trade body calls for public-private sector collab on digital ID

TechUK has published a report outlining 10 key recommendations it believes are urgently needed to enable the rapid creation of an effectively regulated digital identity marketplace
June 08, 2022 08 Jun'22
China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks
June 08, 2022 08 Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
June 07, 2022 07 Jun'22
Software house Mega achieves holistic SaaS security with Synopsys

Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards

May 26, 2022 26 May'22
Consultation launched on datacentre, cloud security

The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
May 26, 2022 26 May'22
Two-thirds of UK organisations defrauded since start of pandemic

Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report
May 26, 2022 26 May'22
Most CFOs being left out of ransomware conversations

Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report
May 24, 2022 24 May'22
ICO orders facial recognition firm Clearview AI to delete all data about UK residents

UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world
May 24, 2022 24 May'22
Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
May 23, 2022 23 May'22
Did the Conti ransomware crew orchestrate its own demise?

Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise

May 20, 2022 20 May'22
Applying international law to cyber will be a tall order

Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations
May 20, 2022 20 May'22
Third of organisations to outsource more IT amid talent shortage

Cutting costs is not the main reason for outsourcing IT in the UK, according to a major study
May 20, 2022 20 May'22
Microsoft drops emergency patch after Patch Tuesday screw up

Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates
May 19, 2022 19 May'22
Defensive cyber attacks may be justified, says attorney general

Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable
May 19, 2022 19 May'22
Deliveroo accused of ‘soft union busting’ with GMB deal

Smaller grassroots unions have criticised Deliveroo and GMB for making a “hollow” deal that will ultimately undermine workers’ self-organising efforts
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
May 16, 2022 16 May'22
Gartner Data & Analytics Summit: Unleash innovation on emergence from pandemic

Analysts at the Gartner Data & Analytics Summit in London urged D&A leaders to unleash innovation as their organisations emerge from the shadow of the pandemic
May 13, 2022 13 May'22
Pro-competition data sharing will not include users’ personal info, says minister

UK government proposals to improve competition in digital markets by making tech giants share data with smaller firms will not include consumers’ personal information, says digital minister
May 12, 2022 12 May'22
GPDPR data scrape a ‘mistake’, says leading scientist

Giving evidence to the Science and Technology Committee, academic, physician and science writer Ben Goldacre has expressed serious misgivings about the on-hold GPDPR NHS data scrape
May 11, 2022 11 May'22
CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves
May 11, 2022 11 May'22
Data Reform Bill announced in Queen’s Speech

Government claims proposals to reform the UK’s data protection regime will create a framework ‘focused on privacy outcomes rather than box-ticking’
May 11, 2022 11 May'22
Analysts confirm return of REvil ransomware gang

Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks
May 11, 2022 11 May'22
Microsoft fixes three zero-days on May Patch Tuesday

It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days
May 10, 2022 10 May'22
CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy
May 10, 2022 10 May'22
Post Office scandal inquiry chair brings forward urgent compensation hearings

The chair of the Post Office Horizon scandal inquiry has brought forward hearings about compensation as victims warn that at this rate “people will die” before they get anything
May 10, 2022 10 May'22
CyberUK 22: NCSC refreshes cloud security guidance

The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise
May 06, 2022 06 May'22
UK digital markets regulator to be given statutory powers

Digital Markets Unit will be put on statutory footing by UK government to ensure technology giants do not abuse market power, but announcement comes with no clear indication of when legislation will be introduced
May 03, 2022 03 May'22
Post Office scandal CEO could be stripped of CBE

Honours Forfeiture Committee to review Paula Vennells’ CBE in the light of Post Office scandal
April 28, 2022 28 Apr'22
Ransomware recovery costs dwarf actual ransoms

The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data
April 28, 2022 28 Apr'22
UK regulators seek input on algorithmic processing and auditing

Digital Regulation Cooperation Forum is inviting views on how the four UK watchdogs involved should approach regulating algorithms, following its publication of discussion papers and a 2022 workplan
April 28, 2022 28 Apr'22
Russia plumbs new depths in cyber war on Ukraine

Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign
April 27, 2022 27 Apr'22
Russia-supporting cyber crime gang claims Coca-Cola as victim

Stormous cyber crime collective claims to have stolen 161GB of data from Coca-Cola, and says it plans to sell it off
April 27, 2022 27 Apr'22
Ransomware victims paying out when they don’t need to

Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to
April 27, 2022 27 Apr'22
Government digital ignorance puts Dutch economy at risk

In this interview, Michiel Steltman, managing director of Digital Infrastructure Netherlands, tells Computer Weekly why the Dutch digital economy is at risk due to a lack of knowledge and understanding at government level
April 27, 2022 27 Apr'22
Police question former Fujitsu worker again in Post Office scandal perjury investigation

Police have interviewed a former Fujitsu employee for the third time in the investigation into potential perjury during trials of wrongfully convicted subpostmasters
April 26, 2022 26 Apr'22
Odense Robotics helps develop key export for Denmark

Robotics seen as a future export sector for Denmark as investment startups build their skills in public sector projects
April 25, 2022 25 Apr'22
Government appoints head of technology transfer unit

Government announces a CEO to lead its initiatives around commercialising its knowledge assets
April 22, 2022 22 Apr'22
EU lawmakers propose limited ban on predictive policing systems

MEPs’ joint report on European Artificial Intelligence Act sets out limited ban on predictive policing systems alongside a raft of further amendments to improve redress mechanisms and extend the list of AI systems deemed high-risk
April 22, 2022 22 Apr'22
What’s up with Conti and REvil, and should we be worrying?

New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back
April 22, 2022 22 Apr'22
UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats
April 21, 2022 21 Apr'22
Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements
April 21, 2022 21 Apr'22
Five Eyes in new Russia cyber warning

Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure
April 21, 2022 21 Apr'22
Impact of Lapsus$ attack on Okta less than feared

Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential
April 20, 2022 20 Apr'22
Bots could help businesses polish up their green credentials

Metrics are a key aspect of a sound sustainability strategy and Oracle believes automation can help businesses achieve their environmental goals
April 20, 2022 20 Apr'22
Home secretary Priti Patel to decide whether to extradite Assange

Home secretary will decide in four weeks whether to approve Julian Assange’s extradition to the US, where he faces espionage and hacking charges
April 19, 2022 19 Apr'22
Softbank and UnaBiz team up on internet of robotic things

Japan’s Softbank Robotics and Singapore-based UnaBiz are bringing IoT and robotics technology together to improve facilities management, among other applications
April 14, 2022 14 Apr'22
Government agrees bulk surveillance powers fail to protect journalists and sources

Campaign group Liberty to launch legal appeal that will call for journalists to receive stronger legal protections from state surveillance
April 13, 2022 13 Apr'22
WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities
April 13, 2022 13 Apr'22
Microsoft patches two zero-days, 10 critical bugs

Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service
April 13, 2022 13 Apr'22
Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack

Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief