News
IT governance
-
February 16, 2022
16
Feb'22
CIO interview: Steve Williams, M&A lead and IT director, Waterstons
Steve Williams is applying decades of CIO experience to the advice he gives businesses during major mergers and acquisitions
-
February 15, 2022
15
Feb'22
Botched third-party configuration exposes Internet Society data to web
Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
-
February 15, 2022
15
Feb'22
TA2451 targets aviation and transport sector with tailored lures
Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors
-
February 11, 2022
11
Feb'22
CMA secures final Privacy Sandbox guarantees from Google
The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser
-
February 11, 2022
11
Feb'22
Why security professionals should pay attention to what Russia is doing
Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to
-
February 10, 2022
10
Feb'22
IR35 reforms: HMRC slammed for ‘over-collecting tax’ from non-compliant public sector bodies
HMRC has moved to play down claims it is collecting more tax than it is due when tackling non-compliance with the IR35 reforms in the public sector
-
February 10, 2022
10
Feb'22
UK second in money laundering hall of shame
Banks need to step up their anti-money laundering processes if billions of pounds’ worth of criminal activity is to be prevented
-
February 09, 2022
09
Feb'22
Minister defends digital economy legislation before Lords
A digital minister has said that the UK’s forthcoming digital markets legislation is ‘superior’ to similar efforts in the EU, but could not commit to a specific time frame for when it will be introduced to Parliament
-
February 09, 2022
09
Feb'22
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
-
February 09, 2022
09
Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC
UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
-
February 09, 2022
09
Feb'22
Microsoft stomps on 48 bugs in February Patch Tuesday update
It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day
-
February 08, 2022
08
Feb'22
NHS England works with Ada Lovelace Institute to tackle AI bias in healthcare
A guide to algorithmic impact assessments is being used to help developers, data scientists and product owners check bias in healthcare systems
-
February 08, 2022
08
Feb'22
DPD delivers swift fix for serious API flaw
API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure
-
February 08, 2022
08
Feb'22
Microsoft to start blocking macros to thwart malware
Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security
-
February 08, 2022
08
Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
-
February 08, 2022
08
Feb'22
Porn sites will be legally required to verify users’ ages
Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online
-
February 08, 2022
08
Feb'22
Right to disconnect and less monitoring key to better remote work
The World Health Organisation and International Labour Organisation warn against invasive workplace surveillance and promote right to disconnect in joint briefing on how to promote healthy and safe remote working
-
February 08, 2022
08
Feb'22
Nvidia’s Arm deal is dead
‘Significant regulatory challenges’ have prevented Nvidia in its $31bn attempt to purchase chipmaker Arm
-
February 07, 2022
07
Feb'22
Airport services firm thwarts attempted ransomware heist
Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack
-
February 07, 2022
07
Feb'22
Met police deploy facial recognition in Westminster
Police facial recognition deployment resulted in four arrests, but questions remain about the necessity, proportionality and legality of the technology’s use
-
February 04, 2022
04
Feb'22
Cyber attacks on European oil facilities spreading
Following a cyber attack on distribution facilities in Germany, more incidents have been reported in Belgium and the Netherlands, but it is too early to necessarily draw a link between them
-
February 04, 2022
04
Feb'22
Female tech founder programme hits Helsinki
From Denmark to Finland: Helsinki’s women in tech are introduced to Tech Nordic Advocates’ International Mentoring Programme
-
February 03, 2022
03
Feb'22
EC proposes new directive to improve gig economy work conditions
Gig economy workers in Europe could be entitled to more rights and better workplace protections under a directive proposed by the European Commission
-
February 03, 2022
03
Feb'22
French Supreme Court raises constitutional questions over EncroChat hacking secrecy
Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution
-
February 02, 2022
02
Feb'22
Mechanism underlying cookie popups found in breach of GDPR
A fundamental element of the mechanism by which the advertising industry requests tracking consent from web users has been found in breach of the General Data Protection Regulation
-
February 02, 2022
02
Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges
IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
-
February 02, 2022
02
Feb'22
Reforms needed to tackle economic crime, says Treasury Committee
The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action
-
February 02, 2022
02
Feb'22
Nationwide Building Society streamlines digital onboarding through API
Building society is improving its digital onboarding process through application programming interface-based technology from a US startup
-
February 02, 2022
02
Feb'22
British Council data exposed by third-party cyber failure
The British Council entrusted confidential data on its students to a third-party and was let down
-
February 01, 2022
01
Feb'22
German fuel supplier taken offline in cyber attack
Cyber attack against Germany’s Oiltanking, a major fuel logistics company, affects 13 distribution terminals across Germany, in an incident with echoes of last year’s hit on Colonial Pipeline
-
February 01, 2022
01
Feb'22
Met Police faces legal action over Gangs Matrix
Campaign group Liberty is taking legal action against the Met over its use of the Gangs Matrix, claiming it is driven by racial stereotypes and disproportionately affects people from black and minority ethnic backgrounds
-
February 01, 2022
01
Feb'22
Dutch software engineers join campaign for research funding
Software researchers from all over Europe are sounding the alarm: to maintain a strong international competitive position, more financial resources must be committed to software research
-
February 01, 2022
01
Feb'22
Over one-fifth of ransomware attacks target financial sector
Newly published data reveals a significant uptick in cyber attacks against the financial services sector during the third quarter of 2021
-
January 31, 2022
31
Jan'22
Data on children of armed forces personnel exposed in breach
Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence
-
January 28, 2022
28
Jan'22
Cyber skills gap affecting data privacy practice, finds ISACA
Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report
-
January 27, 2022
27
Jan'22
CISOs must get out in front of Ukraine cyber crisis, says NCSC
The National Cyber Security Centre is urging UK organisations to take steps to bolster their cyber security resilience in response to the ongoing Ukraine crisis
-
January 27, 2022
27
Jan'22
Novel phishing campaign highlights need for MFA, says Microsoft
Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place
-
January 26, 2022
26
Jan'22
MPs to debate landmark IoT security law
Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain
-
January 25, 2022
25
Jan'22
Prepare, but don’t panic, over supposed Russian cyber threat
A fresh alert from the US Department of Homeland Security may have IT security teams jumpy over the possibility that their organisations could be targeted by Russian state actors
-
January 25, 2022
25
Jan'22
Cyber Essentials programme gets biggest update since launch
NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
-
January 25, 2022
25
Jan'22
UK government launches internal cyber strategy
Multi-pronged government security strategy is designed to protect both core systems and public services
-
January 25, 2022
25
Jan'22
Retailers mired by manual data integration
Retail relies on third-party data sources to drive business decisions and competitive pricing, but many struggle to pull in this data
-
January 24, 2022
24
Jan'22
MPs say Online Safety Bill fails to tackle full range of harms
A DCMS select committee has warned that the Online Safety Bill should be expanded to cover more types of harmful content, such as child abuse material designed to circumvent content removal
-
January 21, 2022
21
Jan'22
Tinder algorithm charging users more based on age
Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set different prices
-
January 21, 2022
21
Jan'22
Cyber pros: Don’t revel in REvil’s downfall just yet
The arrests of REvil’s alleged kingpins is a welcome step, but as with any disruption to cyber criminal activity, it is never wise to assume law enforcement action means the threat has passed entirely
-
January 21, 2022
21
Jan'22
MoJ faces ICO enforcement over subject access requests backlog
Ministry of Justice receives enforcement notice from information commissioner over ‘substantial’ backlog of subject access requests described as being of ‘significant concern’
-
January 20, 2022
20
Jan'22
Ransomware attacks dropped 37% in December, claims NCC
Latest monthly data reveals a significant decline in ransomware attacks at the end of 2021, but a new, emergent gang is making waves
-
January 20, 2022
20
Jan'22
Updated cyber security regulations proposed for managed services sector
The Network and Information Systems regulations are to be updated to include MSPs and outsourcers, following a spate of supply chain attacks
-
January 20, 2022
20
Jan'22
Data of 515,000 vulnerable people stolen in Red Cross attack
The International Committee of the Red Cross is probing a cyber attack that has already seen the personal data of hundreds of thousands of the world’s most vulnerable people compromised
-
January 19, 2022
19
Jan'22
Investigators find Beijing 2022 app riddled with security flaws
Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack