News

IT risk management

• July 13, 2022 13 Jul'22

  July Patch Tuesday brings more than 80 fixes, one zero-day

  While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on

• July 13, 2022 13 Jul'22

  ICO calls for review into government use of private email and WhatsApp messages

  Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps

• July 12, 2022 12 Jul'22

  MaliBot Android malware spreading fast, says Check Point

  The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point

• July 12, 2022 12 Jul'22

  Singapore doubles down on OT security

  The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state

• July 11, 2022 11 Jul'22

  Microsoft VBA macro block will return

  Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure

• July 11, 2022 11 Jul'22

  SMEs lagging on multifactor authentication

  Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report

• July 07, 2022 07 Jul'22

  Tech companies face pressure over end-to-end encryption in Online Safety Bill

  An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services

• July 07, 2022 07 Jul'22

  The Security Interviews: Inside Russia’s Ukraine information operation

  Computer Weekly speaks to Craig Terron of Recorded Future about delving deep inside the Russian disinformation machine, and how the Kremlin’s strategy is set to evolve

• July 06, 2022 06 Jul'22

  Plexal seeks new scaleups for next phase of Cyber Runway

  Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

• July 05, 2022 05 Jul'22

  Prepare for long-term cyber threat from Ukraine war, says NCSC

  The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams

• July 05, 2022 05 Jul'22

  LogRhythm bullish on growth in APAC

  LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats

• July 05, 2022 05 Jul'22

  NCSC CEO: Why we should run towards crises to elevate cyber security

  National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country

• July 04, 2022 04 Jul'22

  MPs call for ban on Chinese surveillance camera technology

  Nearly 70 MPs have called on the government to ban Chinese camera technology that is widely used by UK government agencies despite links to human rights abuses in China

• July 04, 2022 04 Jul'22

  Assange appeals against Priti Patel’s extradition order

  WikiLeaks founder is expected to raise concerns over the political nature of his prosecution, the likelihood of him receiving a fair trial, and the risk of a coercive plea bargain

• June 30, 2022 30 Jun'22

  ICO to cut back on fines for public sector data breaches

  Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over

• June 28, 2022 28 Jun'22

  Avast uncovers ‘thieves’ kitchen’ of malware-writing teens

  Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware

• June 27, 2022 27 Jun'22

  Brexit a net negative for UK cyber, say CISOs

  Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe

• June 24, 2022 24 Jun'22

  Black Basta ransomware crew aiming for ‘big leagues’

  Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason

• June 24, 2022 24 Jun'22

  Developers grapple with open source software security

  Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds

• June 23, 2022 23 Jun'22

  SolarWinds unveils new development model to avoid a repeat of Sunburst

  SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry

• June 22, 2022 22 Jun'22

  NatWest files under whistleblower’s bed contain live customer data

  Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’

• June 22, 2022 22 Jun'22

  How TDCX is building a people-centric business

  Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez

• June 21, 2022 21 Jun'22

  CNI leaders’ attitude to ransomware lackadaisical at best

  A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats

• June 21, 2022 21 Jun'22

  Microsoft Office 365 has ability to ‘spy’ on workers

  Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work

• June 20, 2022 20 Jun'22

  Lords move to protect cyber researchers from prosecution

  A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their ...

• June 20, 2022 20 Jun'22

  Complex Russian cyber threat requires we go back to basics

  The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains

• June 19, 2022 19 Jun'22

  Aussie mobile users most vulnerable to security threats

  Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds

• June 17, 2022 17 Jun'22

  Government responds to Data Reform Bill consultation

  Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit

• June 13, 2022 13 Jun'22

  UK, US prepare to launch PET project

  A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin

• June 13, 2022 13 Jun'22

  Government recommits to UK’s cyber future in Digital Strategy

  New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed

• June 13, 2022 13 Jun'22

  Qatar bolsters cyber security in preparation for World Cup

  With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness

• June 10, 2022 10 Jun'22

  Snake Keylogger climbing malware charts, says Check Point

  Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers

• June 10, 2022 10 Jun'22

  Commercialising open source

  Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business

• June 09, 2022 09 Jun'22

  SolarWinds CEO offers to commit staffers to government cyber agencies

  A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response

• June 08, 2022 08 Jun'22

  ProxyLogon, ProxyShell may have driven increase in dwell times

  The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data

• June 07, 2022 07 Jun'22

  Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks

  The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks

• May 31, 2022 31 May'22

  Researchers discover zero-day Microsoft vulnerability in Office

  Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions

• May 26, 2022 26 May'22

  Consultation launched on datacentre, cloud security

  The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms

• May 26, 2022 26 May'22

  Most CFOs being left out of ransomware conversations

  Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report

• May 25, 2022 25 May'22

  Rubrik charts data security path

  Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats

• May 25, 2022 25 May'22

  Building a pathway to commercial quantum computing

  The shortage of expertise in quantum technologies will drive up salaries. A new report from TechUK assesses the route to commercialisation

• May 24, 2022 24 May'22

  ICO orders facial recognition firm Clearview AI to delete all data about UK residents

  UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world

• May 24, 2022 24 May'22

  Ransomware volumes grew faster than ever in 2021

  Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody

• May 24, 2022 24 May'22

  Bad bots make up a quarter of APAC’s web traffic

  Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds

• May 23, 2022 23 May'22

  How Ivanti views patch management with a security lens

  Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay

• May 20, 2022 20 May'22

  Applying international law to cyber will be a tall order

  Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations

• May 19, 2022 19 May'22

  Defensive cyber attacks may be justified, says attorney general

  Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable

• May 19, 2022 19 May'22

  Red teaming will be standard in Dutch governmental organisations by 2025

  The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest

• May 18, 2022 18 May'22

  Mastercard biometric programme will allow payment authentication by smile

  Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology

• May 17, 2022 17 May'22

  Veeam outlines data protection vision

  Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads