News

IT governance

• September 23, 2024 23 Sep'24

  Home Office eVisa scheme is ‘broken’, says Open Rights Group

  Digital rights campaigners say the Home Office’s plan to make its new electronic Visa scheme a real-time online-only process is part and parcel of the 'hostile environment' around immigration status

• September 20, 2024 20 Sep'24

  UN body urges ‘globally inclusive and distributed’ AI governance

  A United Nations body set up to investigate the international governance of AI says the nature of how the technology currently operates requires a global approach to regulation that prioritises equity and inclusion

• September 19, 2024 19 Sep'24

  CIOs urged to pace AI adoption

  At the recent Gartner IT Symposium 2024 in Gold Coast, experts call for CIOs to pace their adoption of AI, manage costs and embrace ‘augmented leadership’

• September 18, 2024 18 Sep'24

  NCSC exposes Chinese company running malicious Mirai botnet

  The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions

• September 18, 2024 18 Sep'24

  Public digital transformation will be challenged by austerity

  Public sector and IT industry figures gathered at TechUK’s 10th annual Building the Smarter State event discussed how Labour’s ‘mission-driven’ policy approach can drive digital transformation efforts in the context of fresh austerity measures

• September 17, 2024 17 Sep'24

  Salesforce’s agentic AI platform to transform business automation

  CRM giant’s Agentforce lets organisations build and deploy autonomous agents to automate business processes through advanced learning and data integration

• September 17, 2024 17 Sep'24

  Fujitsu loses £50m in sales after Post Office scandal furore

  Supplier of the controversial Horizon IT system has been hit by public outrage after the Post Office scandal became mainstream news

• September 12, 2024 12 Sep'24

  Lord introduces bill to regulate public sector AI and automation

  A private members’ bill seeking to regulate the use of artificial intelligence (AI) and other automated technologies throughout the public sector has been brought to Parliament

• September 12, 2024 12 Sep'24

  Data sharing for immigration raids ferments hostility to migrants

  Data sharing between public and private bodies for the purposes of carrying out immigration raids helps to prop up the UK’s hostile environment by instilling an atmosphere of fear and deterring migrants from accessing public services

• September 12, 2024 12 Sep'24

  UK and others sign first ‘binding’ treaty on AI and human rights

  The UK, US and EU have all signed a treaty from the Council of Europe that aims to mitigate the threat AI poses to human rights, democracy and the rule of law, but commentators say it lacks enforcement mechanisms and creates loopholes

• September 11, 2024 11 Sep'24

  Datacentres granted critical national infrastructure status

  The global IT outage caused by CrowdStrike has shown why keeping datacentres secure and safe is critical to the UK

• September 11, 2024 11 Sep'24

  HMRC could lose millions in unpaid tax as non-compliant umbrella enters pre-pack administration

  HMRC looks set to miss out on millions of pounds in unpaid tax it is owed by a non-compliant umbrella company that slipped into administration, prompting renewed calls for the sector to be regulated

• September 05, 2024 05 Sep'24

  NCSC and allies call out Russia's Unit 29155 over cyber warfare

  The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155

• September 05, 2024 05 Sep'24

  Fog ransomware crew evolving into wide-ranging threat

  The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims

• September 05, 2024 05 Sep'24

  Ongoing TfL cyber attack takes out Dial-a-Ride service

  The Dial-a-Ride assisted transit service for disabled people had to temporarily suspend part of its operations as Transport for London deals with an ongoing cyber attack, but the service has now been recovered

• September 04, 2024 04 Sep'24

  Retailers question using live facial recognition for shoplifting

  Retailers praise benefits of retrospective over live facial recognition in dealing with shoplifting, but stress there are ongoing concerns around the ethical, legal and safety implications of using the technology in stores

• September 04, 2024 04 Sep'24

  CMA clears Microsoft and Inflection AI transaction

  Microsoft’s hiring of Inflection AI teams is regarded as a merger under UK law, but this deal has not curbed competition in the artificial intelligence market

• September 04, 2024 04 Sep'24

  Fraud and scam complaints hit highest ever level in UK

  The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded

• September 04, 2024 04 Sep'24

  Post Office and Fujitsu malevolence and incompetence means huge final taxpayers’ bill

  The human tragedy caused by the Post Office scandal cannot be measured, but the total financial cost will be well beyond the £1bn set aside by the government

• September 03, 2024 03 Sep'24

  TSB systems could be on the move again as BBVA eyes its parent

  TSB was migrated to the systems of Sabadell in a project remembered for its monumental IT meltdown in 2018

• August 30, 2024 30 Aug'24

  Norwegian Refugee Council leverages Okta for Good cyber scheme

  Pietro Galli, CIO of the Norwegian Refugee Council, reveals how the globally distributed NGO has been taking advantage of the Okta for Good CSR programme to improve its own cyber security and data protection practice, and elevate good practice in ...

• August 29, 2024 29 Aug'24

  Iranian APT caught acting as access broker for ransomware crews

  Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits

• August 29, 2024 29 Aug'24

  Study highlights secure software supply chain best practices

  Security trends report from open source firm shows the approaches IT leaders take to secure their software supply chain

• August 29, 2024 29 Aug'24

  Met Police deploy LFR in Lewisham without community input

  The Met’s latest live facial recognition deployment in Catford has raised concerns over the lack of community engagement around the police force’s use of the controversial technology

• August 28, 2024 28 Aug'24

  Iranian APT Peach Sandstorm teases new Tickler malware

  Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence

• August 28, 2024 28 Aug'24

  Global cyber spend to rise 15% in 2025, pushed along by AI

  Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner

• August 26, 2024 26 Aug'24

  Linus Torvalds discusses Linux development, security and AI at KubeCon

  Linus Torvalds delves into the challenges in Linux development, the importance of swift security responses, and artificial intelligence’s future role in kernel programming

• August 22, 2024 22 Aug'24

  Post Office apologises for IT problem text alert that was never sent

  After subpostmasters complained they received no communications from the Post Office when they could not log in to the Horizon IT system, the organisation admits a text message alert failed to be sent

• August 21, 2024 21 Aug'24

  Pakistani national arrested over Southport ‘cyber terrorism’

  Authorities in Pakistan have arrested a man on suspicion of cyber terrorism over his role in the spread of online misinformation in the wake of the Southport knife attack

• August 20, 2024 20 Aug'24

  ICO launches privacy notice tool for SMEs

  ICO tool designed to make it easier for small businesses and sole traders operating online to create bespoke data privacy notices for compliance purposes

• August 20, 2024 20 Aug'24

  Phishing links becoming bigger threat than email attachments

  Phishing techniques are evolving away from malicious email attachments, according to a report

• August 19, 2024 19 Aug'24

  Popular Microsoft apps for Mac at risk of code injection attacks

  Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem

• August 16, 2024 16 Aug'24

  Thousands of NetSuite customers accidentally exposing their data

  Misconfigured permissions across live websites are leaving thousands of NetSuite users open to having their valuable customer data stolen, researchers say

• August 16, 2024 16 Aug'24

  Campaigners criticise Starmer post-riot public surveillance plans

  A UK government programme to expand police facial recognition and information sharing after racist riots is attracting criticism from campaigners for exploiting the far-right unrest to generally crack down on protest and increase surveillance

• August 14, 2024 14 Aug'24

  Automated police tech contributes to UK structural racism problem

  Civil society groups say automated policing technologies are helping to fuel the disparities that people of colour face across the criminal justice sector, as part of wider warning about the UK’s lack of progress in dealing with systemic racism

• August 14, 2024 14 Aug'24

  IR35 public sector reforms: HS2 finalises £6.2m settlement with HMRC over compliance failings

  After setting aside over £10m to cover its IR35 compliance liabilities, HS2 accounts confirm the organisation reached a final settlement with HMRC totalling £6.2m

• August 13, 2024 13 Aug'24

  NIST debuts three quantum-safe encryption algorithms

  NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can

• August 09, 2024 09 Aug'24

  The Security Interviews: Google’s take on confidential computing

  We speak to Google’s Nelly Porter about the company’s approach to keeping data as safe as possible on Google Cloud

• August 08, 2024 08 Aug'24

  Royal ransomware crew puts on a BlackSuit in rebrand

  The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA

• August 08, 2024 08 Aug'24

  US lawmakers seek to brand ransomware gangs as terrorists

  Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers

• August 08, 2024 08 Aug'24

  Ofcom issues online safety warning to firms in wake of UK riots

  Ofcom has issued a warning reminding social media firms of their upcoming online safety obligations, after misinformation about the Southport stabbings sparked racist riots throughout the UK

• August 07, 2024 07 Aug'24

  Microsoft and CrowdStrike hit back at Delta’s legal threats

  Microsoft and CrowdStrike have rejected claims by Delta Air Lines that it was left high and dry amid thousands of flight cancellations during July’s software outage, accusing the airline of ignoring their offers of help and running out-of-date IT ...

• August 06, 2024 06 Aug'24

  2024 seeing more CVEs than ever before, but few are weaponised

  The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies

• August 05, 2024 05 Aug'24

  Chinese cyber attack sparks alert over six-year-old MS vuln

  After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824

• August 05, 2024 05 Aug'24

  World’s largest companies at near-universal risk of supply chain breach

  Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by unexpected IT problems and cyber threats

• August 01, 2024 01 Aug'24

  CrowdStrike shareholders sue, alleging false security claims

  A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage

• August 01, 2024 01 Aug'24

  Banks, telcos call for more data sharing to fight fraud

  A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud

• July 31, 2024 31 Jul'24

  Campaigners call for evidence to reform UK cyber laws

  The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated law hinders legitimate work

• July 31, 2024 31 Jul'24

  Mayor launches London Privacy Register for smart city information

  To increase transparency around and trust in London’s smart city technology deployments, the London Privacy Register aims to provide the public with more information about the systems they encounter in their day-to-day lives

• July 31, 2024 31 Jul'24

  Breach costs soar as record ransomware payment made

  IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made