News

IT risk management

• April 11, 2023 11 Apr'23

  Anne Keast-Butler named as new director of GCHQ

  The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ

• April 06, 2023 06 Apr'23

  IBM's Nataraj Nagaratnam on the cyber challenges facing cloud services

  Governments are introducing increasingly prescriptive data protection policies, but with organisations becoming ever more reliant on multiple cloud service platforms for essential business needs, how can they ensure they meet regulatory requirements?

• April 06, 2023 06 Apr'23

  Prioritise automated hardening over traditional cyber controls, says report

  A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way

• April 06, 2023 06 Apr'23

  Clop ransomware booms in March as Fortra zero-day pays off for gang

  Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers

• April 05, 2023 05 Apr'23

  Quick-acting Rorschach ransomware appears out of nowhere

  Emergent Rorschach ransomware strain is highly advanced and quite unusual in its capabilities, warn researchers, who say they have been unable to link it to any other known strains

• April 05, 2023 05 Apr'23

  Italy’s ChatGPT ban: Sober precaution or chilling overreaction?

  Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms?

• April 05, 2023 05 Apr'23

  Scottish police tech piloted despite major data protection issues

  Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk

• April 04, 2023 04 Apr'23

  TikTok fined in UK over unlawful use of children’s data

  The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13

• April 04, 2023 04 Apr'23

  National Cyber Force carrying out daily hacking operations to disrupt hostile threats

  Government discloses details about the National Cyber Force’s disruption activities against terrorists, organised criminals and nation states – and names first NCF chief as James Babbage

• April 04, 2023 04 Apr'23

  Over 90% of organisations find threat hunting a challenge

  Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report

• April 03, 2023 03 Apr'23

  Australia’s media and telecoms sector saw most data breaches in 2022

  The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture

• March 30, 2023 30 Mar'23

  OSC&R supply chain security framework goes live on Github

  The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework

• March 30, 2023 30 Mar'23

  NCSC issues revised security Board Toolkit for business leaders

  National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools

• March 30, 2023 30 Mar'23

  Reactive approach to cyber procurement risks damaging businesses

  Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes

• March 29, 2023 29 Mar'23

  UK government publishes AI whitepaper

  Artificial intelligence whitepaper outlines UK government’s proposals to regulate the technology, which are based around creating an agile, “pro-innovation” framework

• March 29, 2023 29 Mar'23

  How organisations can weaponise data privacy

  Organisations should turn data privacy into a competitive advantage and look beyond regulatory compliance to build a privacy programme that aligns with business targets, says Gartner

• March 29, 2023 29 Mar'23

  Generative AI presents opportunities and challenges to UK schools

  Generative AI and LLMs hold great potential for use in the classroom, but the privacy and security implications of its use must be carefully considered, says the Department for Education

• March 28, 2023 28 Mar'23

  Microsoft expands AI Copilot project into security realm

  New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams

• March 28, 2023 28 Mar'23

  Inside Group-IB’s cyber security playbook

  A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market

• March 28, 2023 28 Mar'23

  Europol warns cops to prep for malicious AI abuse

  In a report looking at how large language models can be used by criminals, Europol’s Innovation Lab calls on law enforcement agencies to prepare themselves for wide-ranging impacts on their work

• March 27, 2023 27 Mar'23

  France latest to ban TikTok on government devices

  Following bans in the UK and US, France has moved to enact restrictions on TikTok, and other social media apps, on government devices

• March 24, 2023 24 Mar'23

  National Crime Agency sting operation infiltrates cyber crime market

  The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks

• March 22, 2023 22 Mar'23

  Government launches seven-year NHS cyber strategy

  The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike

• March 21, 2023 21 Mar'23

  Nordics move towards common cyber defence strategy

  Nordic countries agree to work together to improve their cyber defences amid increasing threat

• March 21, 2023 21 Mar'23

  How Mimecast thinks differently about email security

  Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades

• March 21, 2023 21 Mar'23

  Ransomware gangs harass victims to ‘bypass’ backups

  Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order

• March 20, 2023 20 Mar'23

  NCSC launches cyber check-up tools for SMEs

  The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack

• March 20, 2023 20 Mar'23

  BBC cracks down on TikTok after review

  The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences

• March 17, 2023 17 Mar'23

  UK TikTok ban gives us all cause to consider social media security

  The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for

• March 16, 2023 16 Mar'23

  BEC attacks doubled in 2022, outstripping ransomware

  Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks

• March 16, 2023 16 Mar'23

  TikTok banned on UK government devices

  The UK government has followed in the footsteps of its US and European counterparts and banned the use of Chinese social media app TikTok on official devices

• March 16, 2023 16 Mar'23

  Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

  A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly

• March 15, 2023 15 Mar'23

  Microsoft patches Outlook zero-day for March Patch Tuesday

  A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update

• March 14, 2023 14 Mar'23

  NatWest introduces limits on crypto trading to prevent fraud

  UK bank says its retail customers will benefit from daily and monthly limits on the amount they can pay into cryptocurrency exchanges

• March 14, 2023 14 Mar'23

  NCSC warns over AI language models but rejects cyber alarmism

  The UK's NCSC has issued advice for those using the technology underpinning AI tools such as ChatGPT, but says some of the security doomsday scenarios being proposed right now are not necessarily realistic

• March 13, 2023 13 Mar'23

  MI5 to oversee new National Protective Security Authority

  The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets

• March 08, 2023 08 Mar'23

  UK government introduces revised data reform bill to Parliament

  Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards

• March 08, 2023 08 Mar'23

  How ForgeRock is tackling identity management

  ForgeRock CEO Fran Rosch has set the identity and access management software supplier on a path to deliver a frictionless identity experience without compromising security or privacy

• March 07, 2023 07 Mar'23

  Nine in 10 enterprises fell victim to successful phishing in 2022

  Egress annual email security risk report breaks down impacts of email-based phishing attacks and data loss, and the effect these can have on organisations in terms of staff retention and morale

• March 07, 2023 07 Mar'23

  Taking back control: Could a distributed model breed a better AI?

  AI tools such as ChatGPT are trained on datasets scraped from the web, but you don’t have much say if your data is used. Technologist Bruce Schneier says it’s time to give control of AI training data back to the people

• March 07, 2023 07 Mar'23

  APAC IT leaders bullish on tech spending

  Over half of respondents in this year’s IT Priorities study have bigger IT budgets as they continue to make strategic investments in cyber security, cloud and automation, among other areas

• March 03, 2023 03 Mar'23

  White House unveils National Cybersecurity Strategy

  The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise

• March 02, 2023 02 Mar'23

  AI interview: Michael Osborne, professor of machine learning

  Artificial intelligence researcher speaks with Computer Weekly about the implications of a market-driven AI arms race and the overwhelming dominance of the private sector over the technology

• March 02, 2023 02 Mar'23

  Uber introduces dynamic pricing algorithm in London

  The dynamic pricing algorithm will allow Uber to set variable pay and pricing levels, but drivers are concerned about how their personal data will be used and the impact the algorithm will have on their livelihoods

• March 02, 2023 02 Mar'23

  WH Smith staff data accessed in cyber attack

  The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing

• March 02, 2023 02 Mar'23

  Salt Labs identifies OAuth security flaw within Booking.com

  Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild

• March 01, 2023 01 Mar'23

  Data breaches in Australia on the rise, says OAIC

  Cyber security incidents were the cause of most data breaches, which rose by 26% in the second half of 2022, according to the Office of the Australian Information Commissioner

• February 24, 2023 24 Feb'23

  UK police have ‘culture of retention’ around biometric data

  A culture of retention around biometric data in UK policing is damaging public trust, says UK biometrics commissioner, who is calling for clear regulation to govern police use of biometric technologies

• February 23, 2023 23 Feb'23

  WithSecure proposes ‘undo’ button for ransomware

  WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening

• February 23, 2023 23 Feb'23

  How APAC organisations can harness the power of IoT

  In a panel discussion moderated by Computer Weekly, industry experts from across Asia-Pacific discussed the use cases, challenges and future developments in the internet of things