News

IT governance

• February 03, 2025 03 Feb'25

  DeepSeek-R1 more readily generates dangerous content than other large language models

  Research scientists at cyber firm Enkrypt AI publish concerning findings from a red team exercise conducted against DeepSeek, the hot new generative AI tool

• January 31, 2025 31 Jan'25

  AI jailbreaking techniques prove highly effective against DeepSeek

  Researchers at Palo Alto have shown how novel jailbreaking techniques were able to fool breakout GenAI model DeepSeek into helping to create keylogging tools, steal data, and make a Molotov cocktail

• January 31, 2025 31 Jan'25

  DeepSeek API, chat log exposure a ‘rookie’ cyber error

  Security researchers at Wiz find a trove of DeepSeek data including API secrets and chat logs publicly exposed via an open source database management tool, raising questions about the fast-growing service’s approach to security

• January 30, 2025 30 Jan'25

  First international AI safety report published

  A global cohort of nearly 100 artificial intelligence experts publish first international AI safety report ahead of the third AI summit, outlining an array of challenges posed by the technology that will be used to inform upcoming discussions

• January 29, 2025 29 Jan'25

  Vallance rejects latest charge to reform UK hacking laws

  Science minister Patrick Vallance rejects proposed amendments to the Computer Misuse Act, arguing that they could create a loophole for cyber criminals to exploit

• January 28, 2025 28 Jan'25

  Datafy promises to slash massive EBS overprovisioning costs

  AWS Elastic Block Storage is often over-provisioned. Datafy virtualises EBS volumes to allow customers to scale capacity up and down, and says it will not charge customers if it doesn’t cut their costs

• January 24, 2025 24 Jan'25

  Labour’s first digital government strategy: Is it déjà vu or something new?

  Labour won the 2024 general election on a platform of change – and its technology cheerleader insists the new digital government strategy is all about change. Have we heard it all before or is this time really different?

• January 23, 2025 23 Jan'25

  ICO launches major review of cookies on UK websites

  ICO sets out 2025 goals, including a review of cookie compliance across the UK’s top 1,000 websites, as it seeks to achieve its ultimate goal of giving the public meaningful control over how their data is used

• January 23, 2025 23 Jan'25

  UK eVisa system problems persist despite repeated warnings

  Travellers are already having issues boarding UK-bound flights, while refugees have been left with no way to prove their immigration status in the UK, just two weeks after the Home Office transitioned to electronic visas

• January 22, 2025 22 Jan'25

  Privacy professionals expect budget cuts, lack confidence

  Over 50% of privacy professionals in Europe expect to see less money earmarked for data security initiatives in 2025, and many don’t have faith their organisations are taking the issue seriously, according to an ISACA report

• January 22, 2025 22 Jan'25

  Funksec gang turned up ransomware heat in December

  The criminal ransomware fraternity was hard at work over the festive period, with attack volumes rising and a new threat actor emerging on the scene

• January 20, 2025 20 Jan'25

  Government calls for expert views on computer evidence to learn lesson from Post Office scandal

  The government is calling for evidence from experts in computing and law to help it ensure no repeat of the miscarriages of justice in the Post Office scandal

• January 20, 2025 20 Jan'25

  Labour announces plans to overhaul digital government

  The Government Digital Service will be expanded along with changes to the way technology is funded, built and delivered across the public sector, as Labour aims for improvements previous administrations struggled to achieve

• January 17, 2025 17 Jan'25

  Lords debate government approach to automated decision-making

  During the second reading debate of a Lords private members’ bill seeking to better regulate public sector algorithms, the government argued existing measures were sufficient to protect the public

• January 16, 2025 16 Jan'25

  Biden signs new cyber order days before Trump inauguration

  With days left in the White House, outgoing US president Joe Biden has signed a wide-ranging cyber security executive order with far-reaching implications

• January 16, 2025 16 Jan'25

  Fujitsu staff at HMRC to strike for two days over pay

  More public image woes for Fujitsu as hundreds of staff to strike after colleagues at HMRC get significantly bigger pay rise

• January 16, 2025 16 Jan'25

  Russia’s Star Blizzard pivots to WhatsApp in spear-phishing campaign

  The Russian cyber spy operation known as Star Blizzard changed tactics after a takedown operation by Microsoft and the US authorities, turning to widely used messaging platform WhatsApp to try to ensnare its targets

• January 16, 2025 16 Jan'25

  Almost half of UK banks set to miss DORA deadline

  A significant minority of financial services organisations in the UK will not be fully compliant with the EU’s DORA cyber and risk management regulation when it comes into force on 17 January

• January 16, 2025 16 Jan'25

  Davos 2025: Digital supply chains at risk as world faces two years of turbulence

  World Economic Forum urges digital business leaders to build the resilience of supply chains, improve cyber defences and develop contingency plans

• January 15, 2025 15 Jan'25

  Users protest, flee TikTok as clock ticks on US ban

  As the US Supreme Court prepares to rule on the future of TikTok, rumours of a sale are swirling around Washington DC while panicked users make plans for an exodus

• January 15, 2025 15 Jan'25

  Biggest Patch Tuesday in years sees Microsoft address 159 vulnerabilities

  The largest Patch Tuesday of the 2020s so far brings fixes for more than 150 CVEs ranging widely in their scope and severity – including eight zero-day flaws

• January 13, 2025 13 Jan'25

  UK government plans to extend ransomware payment ban

  A ban on ransomware payments by UK government departments will be extended to cover organisations such as local councils, schools and the NHS should new government proposals move forward

• January 13, 2025 13 Jan'25

  CNI operators should ask these 12 questions of their OT suppliers

  The NCSC, CISA and others have set out 12 cyber security considerations CNI organisations and other users of operational technology should incorporate into their buying processes to force their suppliers to do better

• January 13, 2025 13 Jan'25

  Experts say ‘something has to break’ before banks slow IT-driven cost-cutting measures

  Banks will cut costs until something breaks and they are forced to scale back, according to industry experts

• January 10, 2025 10 Jan'25

  US bank FNBO uses Pindrop to tackle voice fraud, deepfakes

  Learn how First National Bank of Omaha in the US is enhancing customer authentication and verification in its contact centres, eliminating friction points and making life easier for its customer service teams, with Pindrop voice security technology

• January 03, 2025 03 Jan'25

  US Treasury incident a clear warning on supply chain security in 2025

  A cyber incident at the US Department of the Treasury – blamed on a Chinese state actor – raises fresh warnings about supply chain risk after it was found to have originated via vulnerabilities in a remote tech support product

• December 31, 2024 31 Dec'24

  Top 10 surveillance, journalism and encryption stories of 2024

  Revelations of covert and unlawful monitoring of journalists and their confidential sources by the Police Service of Northern Ireland and the Metropolitan Police attracted a huge amount of attention this year

• December 24, 2024 24 Dec'24

  Top 10 police technology stories of 2024

  Here are Computer Weekly’s top 10 police technology stories of 2024

• December 24, 2024 24 Dec'24

  Top 10 EMEA stories of 2024

  Here are Computer Weekly’s top 10 Europe, Middle East and Africa stories of 2024

• December 20, 2024 20 Dec'24

  Interview: How Green Cargo’s IT switched tracks to logistics success

  Green Cargo CIO Ingo Paas took a few turns to establish his company as a composable enterprise able to flex and react quickly

• December 20, 2024 20 Dec'24

  Top 10 data and ethics stories of 2024

  Here are Computer Weekly’s top 10 data and ethics stories of 2024

• December 19, 2024 19 Dec'24

  Latest attempt to override UK’s outdated hacking law stalls

  Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee

• December 18, 2024 18 Dec'24

  The Security Interviews: Martin Lee, Cisco Talos

  Threat intel expert and author Martin Lee, EMEA technical lead for security research at Cisco Talos, joins Computer Weekly to mark the 35th anniversary of the first ever ransomware attack

• December 18, 2024 18 Dec'24

  Top 10 cyber security stories of 2024

  Data breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are ...

• December 18, 2024 18 Dec'24

  Top 10 cyber crime stories of 2024

  From ransomware targeting the NHS to nation-state-backed intrusions, 2024 was another big year for cyber criminals and cyber spooks alike, but they didn't have it all their own way as the good guys fought back

• December 18, 2024 18 Dec'24

  Axon still in possession of Police Scotland encryption keys

  Supplier’s possession of encryption keys for Police Scotland data sharing system opens potential for access and transfer of sensitive data without the knowledge or consent of the force

• December 17, 2024 17 Dec'24

  Ofcom publishes Illegal Harms Codes of Practice

  The codes of practice and guidance from Ofcom outline the steps online services providers can take to protect their users from illegal harms

• December 17, 2024 17 Dec'24

  Digital Ethics Summit 2024: recognising AI’s socio-technical nature

  At trade association TechUK’s eighth annual Digital Ethics Summit, public officials and industry figures and civil society groups met to discuss the ethical challenges associated with the proliferation of artificial intelligence tools globally and ...

• December 17, 2024 17 Dec'24

  How NCS is tackling the enterprise IT market

  The technology service provider is counting on its government experience, global expert network and cyber security capabilities to penetrate the enterprise IT market

• December 16, 2024 16 Dec'24

  Post Office ‘weaponised’ IT system in most ‘extensive and prolonged’ miscarriage

  In closing, public inquiry counsel made clear that it’s not a computer system being investigated, but rather human beings

• December 16, 2024 16 Dec'24

  The Security Interviews: Stephen McDermid, Okta

  Okta regional chief security officer for EMEA sits down with Dan Raywood to talk about how Okta is pivoting to a secure-by-design champion

• December 13, 2024 13 Dec'24

  Computer Misuse Act reform gains traction in Parliament

  An amendment to the proposed Data (Access and Use) Bill that will right a 35-year-old wrong and protect security professionals from criminalisation is to be debated at Westminster

• December 12, 2024 12 Dec'24

  Emerging Ymir ransomware heralds more coordinated threats in 2025

  A newly observed ransomware strain has the community talking about more collaboration, and blurred lines, between threat groups next year, according to NCC’s monthly cyber barometer

• December 10, 2024 10 Dec'24

  Dangerous CLFS and LDAP flaws stand out on Patch Tuesday

  Microsoft has fixed over 70 CVEs in its final Patch Tuesday update of the year, and defenders should prioritise a zero-day in the Common Log File System Driver, and another impactful flaw in the Lightweight Directory Access Protocol

• December 10, 2024 10 Dec'24

  iOS vuln leaves user data dangerously exposed

  Jamf threat researchers detail an exploit chain for a recently patched iOS vulnerability that enables a threat actor to steal sensitive data, warning that many organisations are still neglecting mobile updates

• December 10, 2024 10 Dec'24

  UK police continue to hold millions of custody images unlawfully

  Annual report from the biometrics and surveillance camera commissioner of England and Wales highlights the ongoing and unlawful retention millions of custody images of innocent people never charged with a crime by police

• December 10, 2024 10 Dec'24

  DWP ‘fairness analysis’ reveals bias in AI fraud detection system

  Information about people’s age, disability, marital status and nationality influences decisions to investigate benefit claims for fraud, but the Department for Work and Pensions says there are ‘no immediate concerns of unfair treatment’

• December 10, 2024 10 Dec'24

  Nvidia investigation signals widening of US and China chip war

  The Biden administration has expanded sanctions to prevent China extending its AI capabilities – now, China is going after Nvidia

• December 10, 2024 10 Dec'24

  Controversial Horizon system to remain in Post Office branches as part of tech ‘fusion’, says source

  A source says the Post Office is set to buy the Horizon system from Fujitsu and combine it with both in-house developed and commercially available software

• December 09, 2024 09 Dec'24

  Inside Prudential’s AI strategy

  Prudential is leveraging AI across its operations, from enhancing customer interactions and streamlining internal processes to empowering its workforce through upskilling initiatives