News
IT risk management
-
September 11, 2024
11
Sep'24
How Sonar is elevating code quality in the age of AI
Sonar’s code quality platform helps developers maintain secure, high-quality code amid the rise of artificial intelligence-based coding assistants, now expanding into the Asian market
-
September 10, 2024
10
Sep'24
JFrog and GitHub unveil open source security integrations
Secure software specialist JFrog is working with code development service GitHub to integrate the onboard capabilities of its Software Supply Chain Platform service into GitHub’s platform
-
September 10, 2024
10
Sep'24
ANZ CIOs to prioritise cyber security investments in 2025
Cyber security remains high on the agenda for ANZ CIOs, followed by data analytics, cloud and generative AI
-
September 05, 2024
05
Sep'24
NCSC and allies call out Russia's Unit 29155 over cyber warfare
The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155
-
September 05, 2024
05
Sep'24
Fog ransomware crew evolving into wide-ranging threat
The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims
-
September 05, 2024
05
Sep'24
Canadian arrested by France after cooperating with US on Sky ECC cryptophone investigation
Thomas Herdman, who faces charges in France over his involvement in distributing Sky ECC encrypted phones, was arrested by French police despite agreeing to cooperate with US law enforcement
-
September 04, 2024
04
Sep'24
Retailers question using live facial recognition for shoplifting
Retailers praise benefits of retrospective over live facial recognition in dealing with shoplifting, but stress there are ongoing concerns around the ethical, legal and safety implications of using the technology in stores
-
September 04, 2024
04
Sep'24
Fraud and scam complaints hit highest ever level in UK
The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded
-
September 03, 2024
03
Sep'24
Chief data officers highlight data integrity woes
In a report from the company co-founded by web inventor Tim Berners-Lee, CDOs discuss the challenges of artificial intelligence and using increasing amounts of personal data
-
September 03, 2024
03
Sep'24
Transport for London hit by cyber attack
London’s transport network provider TfL experiences cyber security incident, but reassures customers there is no impact on services
-
August 29, 2024
29
Aug'24
Met Police deploy LFR in Lewisham without community input
The Met’s latest live facial recognition deployment in Catford has raised concerns over the lack of community engagement around the police force’s use of the controversial technology
-
August 28, 2024
28
Aug'24
Global cyber spend to rise 15% in 2025, pushed along by AI
Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner
-
August 28, 2024
28
Aug'24
Cambridge Enterprise saves big with Keepit SaaS backup
University innovation body avoids hardware spend and saves management time as it switches from tape to cloud-to-cloud backup, instant recovery and decades-long retention from Keepit
-
August 28, 2024
28
Aug'24
Telegram founder Pavel Durov questioned over cyber crime charges
Billionaire founder of Telegram accused of failing to co-operate with law enforcement requests for lawful interception
-
August 28, 2024
28
Aug'24
How Kaspersky is driving growth in APAC
Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region
-
August 27, 2024
27
Aug'24
Palo Alto Networks bets on ‘precision AI’
Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’
-
August 22, 2024
22
Aug'24
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.
-
August 20, 2024
20
Aug'24
ICO launches privacy notice tool for SMEs
ICO tool designed to make it easier for small businesses and sole traders operating online to create bespoke data privacy notices for compliance purposes
-
August 20, 2024
20
Aug'24
Phishing links becoming bigger threat than email attachments
Phishing techniques are evolving away from malicious email attachments, according to a report
-
August 19, 2024
19
Aug'24
Challenges of deploying PQC globally
Quantum computers will eventually be powerful and reliable enough to crack strong encryption. PQC is the answer, but it could take years to deploy
-
August 19, 2024
19
Aug'24
Popular Microsoft apps for Mac at risk of code injection attacks
Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem
-
August 16, 2024
16
Aug'24
New Relic CEO on APAC growth and future of observability
New Relic CEO Ashan Willy talks up growth trajectory in APAC, the company’s long-term vision, and how going private has enabled it to make strategic investments
-
August 16, 2024
16
Aug'24
Campaigners criticise Starmer post-riot public surveillance plans
A UK government programme to expand police facial recognition and information sharing after racist riots is attracting criticism from campaigners for exploiting the far-right unrest to generally crack down on protest and increase surveillance
-
August 14, 2024
14
Aug'24
Automated police tech contributes to UK structural racism problem
Civil society groups say automated policing technologies are helping to fuel the disparities that people of colour face across the criminal justice sector, as part of wider warning about the UK’s lack of progress in dealing with systemic racism
-
August 13, 2024
13
Aug'24
NIST debuts three quantum-safe encryption algorithms
NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can
-
August 13, 2024
13
Aug'24
Australia’s cyber security skills gap remains pressing issue
Study reveals Australia’s critical shortage of cyber security professionals, escalating the risk of data breaches
-
August 08, 2024
08
Aug'24
Royal ransomware crew puts on a BlackSuit in rebrand
The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA
-
August 08, 2024
08
Aug'24
US lawmakers seek to brand ransomware gangs as terrorists
Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers
-
August 08, 2024
08
Aug'24
Ofcom issues online safety warning to firms in wake of UK riots
Ofcom has issued a warning reminding social media firms of their upcoming online safety obligations, after misinformation about the Southport stabbings sparked racist riots throughout the UK
-
August 07, 2024
07
Aug'24
Microsoft and CrowdStrike hit back at Delta’s legal threats
Microsoft and CrowdStrike have rejected claims by Delta Air Lines that it was left high and dry amid thousands of flight cancellations during July’s software outage, accusing the airline of ignoring their offers of help and running out-of-date IT ...
-
August 06, 2024
06
Aug'24
2024 seeing more CVEs than ever before, but few are weaponised
The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies
-
August 05, 2024
05
Aug'24
World’s largest companies at near-universal risk of supply chain breach
Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by unexpected IT problems and cyber threats
-
August 02, 2024
02
Aug'24
How CrowdStrike is leveraging AI to empower security teams
CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges
-
August 01, 2024
01
Aug'24
CrowdStrike shareholders sue, alleging false security claims
A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage
-
August 01, 2024
01
Aug'24
Banks, telcos call for more data sharing to fight fraud
A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud
-
July 31, 2024
31
Jul'24
API attacks surge by 65% in APAC, fuelled by rapid digitisation
Akamai's report reveals a significant rise in cyber attacks on web applications and APIs in the region over the past year, with financial and commerce sectors hardest hit
-
July 31, 2024
31
Jul'24
Campaigners call for evidence to reform UK cyber laws
The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated law hinders legitimate work
-
July 31, 2024
31
Jul'24
Breach costs soar as record ransomware payment made
IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made
-
July 30, 2024
30
Jul'24
Basic failures led to hack of Electoral Commission data on 40 million people
UK government identifies Chinese state-linked hackers as likely to have been behind attack on the Electoral Commission
-
July 29, 2024
29
Jul'24
Scam CrowdStrike domains growing in volume
Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out
-
July 29, 2024
29
Jul'24
CrowdStrike says most Falcon sensors now up and running
The vast majority of CrowdStrike Falcon sensors affected by a coding error have now been recovered, with a final resolution expected this week
-
July 29, 2024
29
Jul'24
WTO digital trade agreement aims to modernise global commerce
A digital trade deal negotiated over five years at the World Trade Organization has been signed by 91 countries, laying the groundwork for a new global digital trade regime
-
July 26, 2024
26
Jul'24
Ban predictive policing and facial recognition, says civil society
A coalition of civil society groups is calling for an outright ban on predictive policing and biometric surveillance in the UK
-
July 25, 2024
25
Jul'24
North Korean cyber APT targeting nuclear secrets
Mandiant has upgraded the North Korean threat actor known as Andariel to APT status and warned of coordinated efforts to steal western military IP, including nuclear secrets
-
July 25, 2024
25
Jul'24
Fortune 500 stands to lose $5bn plus from CrowdStrike incident
The largest global organisations hit by the CrowdStrike-Microsoft incident on 19 July will likely be out of pocket to the tune of billions of dollars
-
July 24, 2024
24
Jul'24
CrowdStrike blames outage on content configuration update
CrowdStrike publishes the preliminary findings of what will be a lengthy investigation into the root causes of the failed 19 July update that caused Windows computers to crash all over the world
-
July 24, 2024
24
Jul'24
Mimecast to buy insider threat specialist Code42
Mimecast is to buy fellow human-centred risk experts Code42 for an undisclosed sum to take advantage of its insider threat and data loss protection specialisms
-
July 23, 2024
23
Jul'24
Innovations to power secure-by-design development
Secure Code Warrior unveils technology designed to help CISOs and AppSec teams ensure their projects remain safe and free of coding errors and vulnerabilities – a big issue following the CrowdStrike incident
-
July 22, 2024
22
Jul'24
NCSC: Beware of criminal CrowdStrike opportunists
Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow
-
July 22, 2024
22
Jul'24
CrowdStrike chaos shows risks of concentrated ‘big IT’
The concentration of so much mission-critical technology in the hands of a few large suppliers makes incidents like the Microsoft-CrowdStrike outage all the more dangerous