News

IT operations management and IT support

• September 21, 2022 21 Sep'22

  15-year-old Python bug present in 350,000 open source projects

  A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix

• September 20, 2022 20 Sep'22

  India ramps up on AI amid talent and scalability challenges

  Indian organisations are speeding up deployments of AI across multiple sectors, but legacy systems, siloed data and a shortage of AI-specific talent will stand in the way of greater adoption

• September 19, 2022 19 Sep'22

  How Mondelez is driving change with tech

  From empowering citizen developers to deploying drones to monitor the health of cocoa trees, Mondelez has been firing on all cylinders to disrupt the old ways of doing things

• September 16, 2022 16 Sep'22

  Barnet Council awards Capita contract extension

  Barnet Council has awarded Capita a contract extension as part of its transition away from a large contract with the supplier

• September 16, 2022 16 Sep'22

  Six new vulnerabilities added to CISA catalogue

  CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010

• September 15, 2022 15 Sep'22

  SAP maintenance fee increase: What you need to know

  SAP has written to its customers informing them of a price increase on annual maintenance fees. What are your options?

• September 15, 2022 15 Sep'22

  Nominations closing soon for annual cyber awards

  Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September

• September 15, 2022 15 Sep'22

  Organisations failing to account for digital trust

  The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds

• September 15, 2022 15 Sep'22

  Full-stack observability top priority for IT teams

  Annual forecast reveals observability – the ability to see everything in the tech stack that could affect customer experience – has become a board-level imperative, but only a quarter of organisations have achieved it

• September 14, 2022 14 Sep'22

  FormBook knocks Emotet off top of malware chart

  FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data

• September 14, 2022 14 Sep'22

  Microsoft patches 64 vulnerabilities on September Patch Tuesday

  Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update

• September 13, 2022 13 Sep'22

  Cloud compromise a doddle for threat actors as victims attest

  Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud

• September 13, 2022 13 Sep'22

  JP Morgan acquires fintech for payments modernisation

  JP Morgan acquires cloud-native payments technology as it modernises its IT infrastructure

• September 13, 2022 13 Sep'22

  Blancco works with charity to provide IT for African schools

  Blancco is providing data sanitisation and erasure software to The Turing Trust so that old IT equipment can be securely reused by school children in Sub-Saharan Africa, instead of adding to world’s growing e-waste problem

• September 12, 2022 12 Sep'22

  Mistakenly transferred $504m to be returned to Citigroup

  Judge rules that creditors should return $504m that was accidentally transferred to them by Citigroup

• September 12, 2022 12 Sep'22

  CISOs should spend on critical apps, cloud, zero-trust, in 2023

  Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts

• September 09, 2022 09 Sep'22

  Third of IT decision-makers rely on gut feel when choosing network operator

  Study from customer experience technology provider shows lack of transparency is cited as the most consistent quality failure of network providers

• September 09, 2022 09 Sep'22

  Interview: Keeping an IT business going during the Russian invasion

  After heading home and discovering that his country had been invaded, Konstantin Klyagin was forced to make life-changing family and business decisions

• September 08, 2022 08 Sep'22

  Chinese APT using PlugX malware on espionage targets

  China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit

• September 08, 2022 08 Sep'22

  The changing role of CIO in Sweden

  New technologies and evolving business models are changing the missions of IT leaders around the world – and in most cases, the result is slightly different from one country to another

• September 07, 2022 07 Sep'22

  August ’22 a bumper month for high-impact vulnerabilities

  Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future

• September 07, 2022 07 Sep'22

  Prince’s Trust teams with threat management specialist in skills push

  Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry

• September 07, 2022 07 Sep'22

  Hotel group IHG confirms cyber attack after two-day outage

  IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor

• September 07, 2022 07 Sep'22

  Cyber threats to Europe’s grid: Utilities rethink strategy

  The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals

• September 06, 2022 06 Sep'22

  Bus company Go-Ahead fighting off cyber attack

  Go-Ahead Group, which operates bus companies around the UK, says it is in the process of dealing with a cyber attack that may cause disruption to services

• September 05, 2022 05 Sep'22

  How Okta is regaining customer trust after a cyber attack

  In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident

• September 02, 2022 02 Sep'22

  Dutch government finally allowed to use public cloud

  Public cloud is finally within reach for Dutch public services. Previously, the Dutch government was only allowed to use private clouds due to risks concerning privacy and security

• September 01, 2022 01 Sep'22

  New (ISC)² cyber careers schemes go live

  (ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide

• August 31, 2022 31 Aug'22

  Singapore to expand 5G coverage to seaport

  The maritime hub will be testing the use of 5G in a range of maritime operations, including remote pilotage of vessels and drone delivery of components to ships

• August 31, 2022 31 Aug'22

  Norway has NOK200m plan to bolster cyber defences

  Norway is investing heavily in its cyber defences amid heightened threat from Russia

• August 31, 2022 31 Aug'22

  NHS staff fall further behind amid ransomware attack

  While some NHS bodies are now recovering their services after the ransomware attack on a crucial software supplier, others are still being forced to rely on pen and paper, and some will be waiting months to recover

• August 31, 2022 31 Aug'22

  Four years into GDPR, Norway hopes for safer data transfer to US

  Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority

• August 30, 2022 30 Aug'22

  IAM house Okta confirms 0ktapus/Scatter Swine attack

  Following last week’s disclosureby Group-IB researchers of a major phishing campaign, Okta has warned its customers to be on their guard

• August 30, 2022 30 Aug'22

  Confronting the unique challenges of hiring IT professionals in Saudi Arabia

  As Saudi Arabia undergoes an economic transformation, new mandates are being implemented to help Saudi nationals keep up with global talent requirements

• August 25, 2022 25 Aug'22

  CIOs: Geopolitics impacts your IT strategy

  Research from analyst Gartner illustrates how geopolitics is influencing IT strategies

• August 25, 2022 25 Aug'22

  Security pros fret about stress and promotion over cyber attacks

  CIISec’s annual report on the state of the security profession reveals some home truths for security leaders

• August 23, 2022 23 Aug'22

  DevSecOps: Software developers lack sufficient security focus

  GitLab survey shows developers want to produce high-quality code, but ‘shifting’ security left is hard to achieve

• August 23, 2022 23 Aug'22

  NCSC shares cyber guidance for large infrastructure builds

  Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects

• August 22, 2022 22 Aug'22

  Kaspersky threat data added to Microsoft Sentinel service

  Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service

• August 19, 2022 19 Aug'22

  Cozy Bear targets MS 365 environments with new tactics

  Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments

• August 18, 2022 18 Aug'22

  Growing MFA use spurs ‘pass-the-cookie’ attacks

  The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools

• August 18, 2022 18 Aug'22

  It takes a breach to force boards to take notice of cyber, says UK government

  Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims

• August 18, 2022 18 Aug'22

  Ukraine war drives DDoS attack volumes ever higher

  There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity

• August 16, 2022 16 Aug'22

  Why organisations need to harmonise their CIO and CISO roles

  Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson

• August 12, 2022 12 Aug'22

  Microsoft doles out $13.7m in bug bounties

  Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries

• August 12, 2022 12 Aug'22

  Online Safety Bill ‘not fit for purpose’, say tech experts

  IT specialists lack confidence that legislation compelling tech firms to tackle online harms will work as intended, with only a small minority believing ‘harmful but legal’ content can be effectively and proportionately policed by internet platforms

• August 11, 2022 11 Aug'22

  Researcher finds 10 vulnerabilities in Cisco firewalls

  At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches

• August 11, 2022 11 Aug'22

  NHS may take a month to recover from supply chain attack

  Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations

• August 10, 2022 10 Aug'22

  Microsoft fixes two-year-old MSDT vulnerability in August update

  August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.

• August 10, 2022 10 Aug'22

  ‘Coopetition’ a growing trend among ransomware gangs

  Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time