News

IT risk management

• October 22, 2024 22 Oct'24

  Danish government reboots cyber security council amid AI expansion

  Denmark’s government relaunches digital security initiative to protect business sectors and society at large

• October 21, 2024 21 Oct'24

  Can AI be secure? Experts discuss emerging threats and AI safety

  International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence

• October 17, 2024 17 Oct'24

  NCSC chief warns of gap in cyber threats and defence capabilities

  The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief

• October 17, 2024 17 Oct'24

  EU cyber security bill NIS2 hits compliance deadline

  The EU’s NIS2 bill will harmonise how companies and member states approach cyber security, but its success will depend on how well it is implemented and enforced

• October 15, 2024 15 Oct'24

  NCSC expands school cyber service to academies and private schools

  The National Cyber Security Centre is expanding its PDNS for Schools service to encompass a wider variety of institutions up and down the UK

• October 10, 2024 10 Oct'24

  NCSC issues fresh alert over wave of Cozy Bear activity

  The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks

• October 10, 2024 10 Oct'24

  Government launches cyber standard for local authorities

  Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks

• October 10, 2024 10 Oct'24

  How Recorded Future finds ransomware victims before they get hit

  Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them

• October 10, 2024 10 Oct'24

  UK and US pledge closer working on children’s online safety

  In their first agreement on the subject of children’s online safety, the UK and US governments have said they will create a new working group to boost cooperation

• October 10, 2024 10 Oct'24

  Australia bolsters cyber defences with security bill

  Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience

• October 09, 2024 09 Oct'24

  Five zero-days to be fixed on October Patch Tuesday

  Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform

• October 08, 2024 08 Oct'24

  Secureworks: Ransomware takedowns didn’t put off cyber criminals

  The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks

• October 08, 2024 08 Oct'24

  UK’s cyber incident reporting law to move forward in 2025

  The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses

• October 07, 2024 07 Oct'24

  IBM: Data breach cost in ASEAN hits new high

  The average cost of a data breach in ASEAN grew by 7% from last year, as organisations grapple with increasingly distributed IT environments and complex security systems

• October 04, 2024 04 Oct'24

  NCSC celebrates eight years as Horne blows in

  Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne

• October 04, 2024 04 Oct'24

  Cups Linux printing bugs open door to DDoS attacks, says Akamai

  The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai

• October 04, 2024 04 Oct'24

  Detective wrongly claimed journalist’s solicitor attempted to buy gun, surveillance tribunal hears

  Darren Ellis, who led a surveillance operation against journalists who exposed police failures, wrongly accused a solicitor of attempting to buy arms

• October 03, 2024 03 Oct'24

  Ex-PSNI officer seeking legal advice over comments made at Investigatory Powers Tribunal

   Ex PSNI officer ‘deeply angered’ by comments made by a former detective at a tribunal investigating allegations of unlawful surveillance against journalists

• October 03, 2024 03 Oct'24

  Microsoft files lawsuit to seize domains used by Russian spooks

  Microsoft has been given permission to seize multiple domains used by the Russian state threat actor Star Blizzard as part of a coordinated disruption effort undertaken ahead of the US elections

• October 02, 2024 02 Oct'24

  Detective behind ‘unlawful’ surveillance blamed Catholics for ‘perverse’ court decisions

  A former detective claimed Irish judges were ‘sectarians in robes’ after a court found police had unlawfully arrested journalists who produced a film exposing collusion with paramilitary murderers

• October 01, 2024 01 Oct'24

  Unmasked: The Evil Corp cyber gangster who worked for LockBit

  The NCA has named and shamed a prominent member of the Evil Corp cyber crime collective who also worked as an affiliate of the LockBit ransomware gang as the UK unveils new sanctions against 16 Russian cyber criminals

• October 01, 2024 01 Oct'24

  Businesses are getting some value from AI, but struggling to scale

  Survey from KPMG reveals IT leaders struggling to keep up with the pace of technology innovation

• October 01, 2024 01 Oct'24

  Cyber teams say they can’t keep up with attack volumes

  Over 60% of European security pros say their teams are understaffed, and over 50% don’t have enough budget, according to data from ISACA

• September 27, 2024 27 Sep'24

  Printing vulnerability affecting Linux distros raises alarm

  Security pros need to get in front of a series of vulnerabilities affecting the Cups Linux printing service after an apparently botched disclosure process saw technical details published in advance of a patch

• September 25, 2024 25 Sep'24

  CrowdStrike apologises to US government for global mega-outage

  CrowdStrike executive Adam Meyers appears before a US government committee to explain the series of errors that led directly to one of the biggest IT outages in history

• September 25, 2024 25 Sep'24

  Splunk and Cisco integration moving apace

  Splunk is rapidly integrating with Cisco’s technology to enable seamless transitions between their platforms while delivering advanced threat detection capabilities

• September 24, 2024 24 Sep'24

  Unique malware sample volumes seen surging

  BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks

• September 23, 2024 23 Sep'24

  Microsoft shares progress on Secure Future Initiative

  Microsoft has published a progress report on its Secure Future Initiative, launched last year in the wake of multiple security incidents, and made a series of commitments to improve its internal cyber culture

• September 23, 2024 23 Sep'24

  Home Office eVisa scheme is ‘broken’, says Open Rights Group

  Digital rights campaigners say the Home Office’s plan to make its new electronic Visa scheme a real-time online-only process is part and parcel of the 'hostile environment' around immigration status

• September 23, 2024 23 Sep'24

  UK, US and Canada to collaborate on AI and cyber security

  International collaboration agreement will see the governments of Canada, the UK and the US work together to research, evaluate and test new defence technologies

• September 18, 2024 18 Sep'24

  NCSC exposes Chinese company running malicious Mirai botnet

  The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions

• September 18, 2024 18 Sep'24

  Europol provides detail on Ghost encrypted comms platform takedown

  Law enforcement bodies from across the world have revealed how they collaborated to bring down encrypted network Ghost and the new ways of working that have been established with Europol at the centre

• September 17, 2024 17 Sep'24

  Salesforce’s agentic AI platform to transform business automation

  CRM giant’s Agentforce lets organisations build and deploy autonomous agents to automate business processes through advanced learning and data integration

• September 17, 2024 17 Sep'24

  First CyberBoost Catalyse startup cohort named

  The first group of companies named to a cyber incubator programme run by Plexal and the National University of Singapore includes two growing UK businesses

• September 16, 2024 16 Sep'24

  Crest secures FCDO funding to help overseas countries increase their cyber-readiness

  Non-profit Crest is launching an initiative to help overseas, private-sector firms get better prepared for cyber threats

• September 15, 2024 15 Sep'24

  UK unites nations to discuss closing global cyber skills gap

  The UK government invites representatives from around the world to a summit to discuss how to address global IT security skills gap

• September 13, 2024 13 Sep'24

  Cyber workforce must almost double to meet global talent need

  Research from ISC2 finds global cyber workforce needs additional 4.8 million people to fully secure businesses

• September 11, 2024 11 Sep'24

  Datacentres granted critical national infrastructure status

  The global IT outage caused by CrowdStrike has shown why keeping datacentres secure and safe is critical to the UK

• September 11, 2024 11 Sep'24

  September Patch Tuesday: Update before 1 October

  Four critical remote code execution bugs in Windows and three critical elevated privileges vulnerabilities will keep admins busy

• September 11, 2024 11 Sep'24

  How Sonar is elevating code quality in the age of AI

  Sonar’s code quality platform helps developers maintain secure, high-quality code amid the rise of artificial intelligence-based coding assistants, now expanding into the Asian market

• September 10, 2024 10 Sep'24

  JFrog and GitHub unveil open source security integrations

  Secure software specialist JFrog is working with code development service GitHub to integrate the onboard capabilities of its Software Supply Chain Platform service into GitHub’s platform

• September 10, 2024 10 Sep'24

  ANZ CIOs to prioritise cyber security investments in 2025

  Cyber security remains high on the agenda for ANZ CIOs, followed by data analytics, cloud and generative AI

• September 05, 2024 05 Sep'24

  NCSC and allies call out Russia's Unit 29155 over cyber warfare

  The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155

• September 05, 2024 05 Sep'24

  Fog ransomware crew evolving into wide-ranging threat

  The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims

• September 05, 2024 05 Sep'24

  Canadian arrested by France after cooperating with US on Sky ECC cryptophone investigation

  Thomas Herdman, who faces charges in France over his involvement in distributing Sky ECC encrypted phones, was arrested by French police despite agreeing to cooperate with US law enforcement

• September 04, 2024 04 Sep'24

  Retailers question using live facial recognition for shoplifting

  Retailers praise benefits of retrospective over live facial recognition in dealing with shoplifting, but stress there are ongoing concerns around the ethical, legal and safety implications of using the technology in stores

• September 04, 2024 04 Sep'24

  Fraud and scam complaints hit highest ever level in UK

  The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded

• September 03, 2024 03 Sep'24

  Chief data officers highlight data integrity woes

  In a report from the company co-founded by web inventor Tim Berners-Lee, CDOs discuss the challenges of artificial intelligence and using increasing amounts of personal data

• September 03, 2024 03 Sep'24

  Transport for London hit by cyber attack

  London’s transport network provider TfL experiences cyber security incident, but reassures customers there is no impact on services

• August 29, 2024 29 Aug'24

  Met Police deploy LFR in Lewisham without community input

  The Met’s latest live facial recognition deployment in Catford has raised concerns over the lack of community engagement around the police force’s use of the controversial technology