News

IT security

• November 26, 2021 26 Nov'21

  UK’s surveillance culture may be normalising use of tech for abuse

  Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships

• November 25, 2021 25 Nov'21

  Government must prove its plans to police encryption work, says ex-cyber security chief

  Ciaran Martin, the former UK cyber security chief, says the government must explain how it can access encrypted communications without damaging cyber security and weakening privacy

• November 25, 2021 25 Nov'21

  UK consumers warned of increase in credit card application fraud

  There has been a sharp rise in fraudsters using stolen personal details to open credit card accounts

• November 24, 2021 24 Nov'21

  Consumer cyber bill to protect mobiles, smart devices

  Product Security and Telecommunications Infrastructure Bill will reinforce protections for consumer devices and mandate improvements to default security settings

• November 24, 2021 24 Nov'21

  Apple sues under-fire malware firm NSO

  Lawsuit alleges spyware firm NSO Group targeted Apple’s users, adding to the pressure on the under-fire company

• November 24, 2021 24 Nov'21

  Police tech introduced with little scrutiny or training

  A Lords inquiry into the adoption of advanced algorithmic technologies by police in England and Wales has been told that new tools are being introduced without proper training and with little scrutiny of their impacts

• November 23, 2021 23 Nov'21

  Schrems accuses Irish DPC of trying to block publication of Facebook documents

  Austrian lawyer Max Schrems has filed a complaint after the Irish data protection commissioner put his privacy organisation under pressure to sign a non-disclosure agreement

• November 23, 2021 23 Nov'21

  NCSC commits to new diversity measures

  The National Cyber Security Centre’s second annual report on diversity in cyber security finds room for improvement

• November 22, 2021 22 Nov'21

  Upcoming holidays prompt ransomware warning from authorities

  Ransomware gangs know how calendars work, and may target their attacks around major holidays to take advantage of more people being off work, according to a new alert

• November 22, 2021 22 Nov'21

  Black Friday cyber warning for 4,000 card-skimming victims

  NCSC warns thousands of small retailers that their websites are being exploited to steal customer data

• November 22, 2021 22 Nov'21

  CIO interview: Karl Hoods, CDIO, Department for Business, Energy and Industrial Strategy

  Moving to the cloud, developing staff skills and responding quickly to the pandemic – from a public sector IT leader’s perspective

• November 19, 2021 19 Nov'21

  Why is Emotet back, and should we be worried about it?

  The sudden reappearance of Emotet this week has security teams on high alert, but do we need to be worried about its return, and what should we be doing about it?

• November 19, 2021 19 Nov'21

  GCHQ, NSA chiefs recommit to counter cyber threats

  UK and US intelligence services reaffirm a joint commitment to disrupt and deter new and emerging cyber threats

• November 18, 2021 18 Nov'21

  Government to legislate to make APP fraud reimbursement mandatory

  UK payments regulator wants to reduce the huge sums of money lost to authorised push payment fraud and is calling on the banking and tech industries to play their part

• November 18, 2021 18 Nov'21

  Memento ransomware gang quick to retool for ‘optimum’ outcome

  The operators of a new ransomware called Memento are quick to retool for ‘success’ if they run up against a competent defender, says Sophos

• November 18, 2021 18 Nov'21

  Alert over spate of Iran-linked BitLocker attacks

  A joint advisory from western cyber agencies warns of a campaign of ‘ongoing malicious activity’ by an Iran-linked APT group exploiting BitLocker to extort its targets

• November 18, 2021 18 Nov'21

  Sky ECC provided free cryptophones to a Canadian police force

  Internal emails disclosed in a US court show how Sky Global supplied sample encrypted phones to a Canadian police force before its phone users became subject to an international police investigation

• November 18, 2021 18 Nov'21

  Cryptophone supplier Sky Global takes legal action over US government website seizures

  Canadian tech company Sky Global has filed a legal motion claiming that the US government unlawfully seized the company’s internet sites following police investigations into the use of its cryptophones by organised crime

• November 18, 2021 18 Nov'21

  AstraZeneca looks at the bigger picture in enterprise social media

  How do you work with people in different time zones and from different cultures and what happens when people leave the company?

• November 17, 2021 17 Nov'21

  Security startups line up on Cyber Runway

  Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator

• November 17, 2021 17 Nov'21

  Zero-days: The next element of the service-based cyber economy?

  Digital Shadows researchers have reported on the emergence of zero-days as a service, which could be the next big thing in the cyber criminal underworld

• November 17, 2021 17 Nov'21

  Out of the shadows: The rise of ethical hackers in 2021

  Ethical hackers working on the Bugcrowd platform have saved organisations almost $30bn in risk during the Covid-19 pandemic, as the community sheds old stereotypes

• November 17, 2021 17 Nov'21

  GovTech to enhance Government on Commercial Cloud

  GCC 2.0 will include improvements in user onboarding and provide single credential access to public cloud services and engineering tools, among other areas

• November 16, 2021 16 Nov'21

  One-fifth of NCSC-supported cyber incidents linked to Covid-19

  National Cyber Security Centre has helped to thwart multiple cyber incidents that could have seriously disrupted the UK’s response to the pandemic

• November 15, 2021 15 Nov'21

  UK government proposes new rules for digital supply chain security

  Proposals could see IT service providers legally required to adhere to the NCSC’s Cyber Assessment Framework, among other things

• November 15, 2021 15 Nov'21

  Government bodies refuse FOI requests on basis of misleading database search times, says academic

  The Information Commissioner’s Office tells tribunal it would need to bring in external experts to search data using an Excel spreadsheet

• November 12, 2021 12 Nov'21

  New law needed to rein in AI-powered workplace surveillance

  MPs and peers call for new legislation to regulate the growing use of artificial intelligence in the workplace, which is being used to surveil workers’ performance and behaviour

• November 12, 2021 12 Nov'21

  Oversight of biometrics and surveillance should not go to ICO

  Biometrics and surveillance camera commissioner Fraser Sampson has panned the UK government’s proposed plan to absorb the functions of those roles under the remit of the information commissioner

• November 12, 2021 12 Nov'21

  BT applies Covid-19 R number modelling to threat response

  A prototype cyber security tool developed at BT uses epidemiological principles to detect and respond to cyber threats

• November 12, 2021 12 Nov'21

  IT Priorities 2022: APAC enterprises invest in digital future

  Nearly two-thirds of enterprises in Asia-Pacific plan to increase their IT budgets next year in areas such as cloud computing and cyber security to secure their digital future

• November 11, 2021 11 Nov'21

  HPE’s Aruba networking unit hit by cyber attack

  Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key

• November 11, 2021 11 Nov'21

  Finance ombudsman overturns more than three-quarters of bank decisions on APP fraud

  The financial services ombudsman is siding with customers in over 75% of complaints against banks that refuse to repay losses to authorised push payment fraud

• November 11, 2021 11 Nov'21

  Scale of crime-as-a-service economy a growing concern, say researchers

  The cyber criminal underground continues its evolution towards a service-based economy

• November 11, 2021 11 Nov'21

  Bank of England loses 161 computing devices in three years

  Bank cannot account for phones, laptops and tablets that have gone missing over the past three years

• November 11, 2021 11 Nov'21

  Lloyd v Google Supreme Court verdict brings end to privacy class actions against big tech in UK

  A ruling by the Supreme Court has left it financially unviable for individuals to bring class actions in the UK against big tech companies for privacy breaches

• November 10, 2021 10 Nov'21

  November Patch Tuesday drop fixes bugs in Excel, Exchange Server

  Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited

• November 10, 2021 10 Nov'21

  EU artificial intelligence regulation risks undermining social safety net

  Europe’s proposed artificial intelligence regulation will not adequately protect people from European governments' increasing use of the technology in social security decisions and resource allocation, says Human Rights Watch

• November 09, 2021 09 Nov'21

  Yoti develops age estimation algorithm for under-13s

  Age estimation technology developed by Yoti is being pitched as a way of helping social media platforms and other online businesses protect younger internet users from harm

• November 09, 2021 09 Nov'21

  US seeks to extradite REvil affiliate who attacked Kaseya

  US Department of Justice unseals charges against a Ukrainian national accused of being behind the summer 2021 REvil ransomware attack on Kaseya

• November 08, 2021 08 Nov'21

  REvil associates arrested in international ransomware crackdown

  Two individuals suspected of conducting 5,000 REvil ransomware attacks were arrested by Romanian police last week as an international crackdown on the crime gang gathers pace

• November 08, 2021 08 Nov'21

  Gig economy workforce nearly trebles over five years

  Over four million people in England and Wales now work for gig economy platforms at least once a week, marking a nearly threefold increase since 2016

• November 08, 2021 08 Nov'21

  How cosmetics retailer Lush made over its approach to authentication

  Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle

• November 08, 2021 08 Nov'21

  Splunk’s cloud shift is paying off in APAC

  Splunk’s Asia-Pacific business is growing faster than the rest of the company, but it’s not resting on its laurels

• November 07, 2021 07 Nov'21

  Technology spending reaches record levels, fuelling jobs boom

  Spending on IT has reached its highest levels for a decade but a shortage of skilled IT professionals could dampen growth

• November 05, 2021 05 Nov'21

  US offers $10m reward for intel on DarkSide ransomware gang

  US government puts up a $10m reward for information on the DarkSide ransomware gang, the group that attacked Colonial Pipeline six months ago

• November 04, 2021 04 Nov'21

  The Netherlands works on resilience with large-scale national cyber exercise

  For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care

• November 03, 2021 03 Nov'21

  Spyware firm NSO and others added to US banned Entity List

  US government bans target Israeli spyware makers and cyber firms in Russia and Singapore

• November 03, 2021 03 Nov'21

  Facebook self-imposes facial recognition moratorium

  Facebook and Meta have committed to halting their use of facial recognition technology and deleting the biometric data of more than a billion people by the end of 2021, but will retain the underlying algorithms and software for potential use in ...

• November 03, 2021 03 Nov'21

  UK’s Labour Party hit by third-party data breach

  Data on Labour Party members was recently compromised in an apparent cyber attack on a third-party data processor

• November 03, 2021 03 Nov'21

  BlackMatter ransomware crew shuts down, leaves victims in a bind

  The BlackMatter ransomware gang appears to be winding down its activities, possibly due to pressure from law enforcement

• November 03, 2021 03 Nov'21

  Adelaide healthcare network digitises manual processes

  The Central Adelaide Local Health Network has digitised manual processes in more than 20 speciality areas to improve patient experience and alleviate the workloads of frontline staff

• November 02, 2021 02 Nov'21

  Electronic waste excluded from COP26 agenda

  Data sanitation industry group calls on UK government to add electronic waste to the climate summit’s agenda

• November 02, 2021 02 Nov'21

  Convicted Silk Road admin stripped of £500k in crypto earnings

  Jailed Silk Road administrator Thomas White, aka Cthulhu, has been ordered to hand over more than £490,000 of illicit earnings

• November 01, 2021 01 Nov'21

  Businesses and governments urged to take action over Trojan Source supply chain attacks

  Businesses and governments have been put on alert to guard against Trojan Source hacking attacks

• November 01, 2021 01 Nov'21

  MPs and Lords grill Facebook over online safety efforts

  Facebook answers British lawmakers’ questions about the social media giant’s efforts to ensure the safety of its users, as part of legislative security of the government's proposed online safety bill

• October 29, 2021 29 Oct'21

  GDS secures up to £400m funding for One Login digital identity project

  HM Treasury agrees to spending review bid from Cabinet Office to create the new single sign-on system for government over the next three years

• October 29, 2021 29 Oct'21

  Facebook rebrands to Meta amid continuing controversies

  Facebook has changed its corporate name to Meta to support its work on the next generation of “social technologies”, but concerns around trust and privacy persist

• October 28, 2021 28 Oct'21

  CIA sought revenge against Julian Assange over hacking tool leaks, court hears

  The CIA discussed kidnapping Julian Assange after WikiLeaks published thousands of documents revealing its arsenal of hacking tools, defence lawyers tell a London court

• October 28, 2021 28 Oct'21

  Illegal state surveillance in Africa ‘carried out with impunity’

  Analysis of surveillance laws and practices in six African countries finds that existing privacy laws are failing to protect citizens from illegal digital surveillance, which is being facilitated and enabled by global tech companies

• October 28, 2021 28 Oct'21

  How ransomware crews pile on the pressure to get victims to pay

  Sophos researchers share some of the more common tactics ransomware gangs use to pressurise their victims into paying up

• October 27, 2021 27 Oct'21

  ‘No-one extradited from UK to US has committed suicide,’ US tells court in Assange appeal

  US government claims that a district judge has given WikiLeaks founder Julian Assange a ‘trump card’ to avoid extradition  

• October 27, 2021 27 Oct'21

  Government commits millions to security investment

  Spending Review adds more than £750m of funding to improve cyber security resilience across government

• October 27, 2021 27 Oct'21

  Cyber sector growth exacerbating skills shortage

  Data from security association (ISC)² shows demand for cyber pros is still outpacing supply as the sector continues an upward growth trajectory

• October 26, 2021 26 Oct'21

  DarkMarket takedown results in 150 arrests

  A coordinated operation by law enforcement has seen 150 taken into custody amid allegations of buying or selling illicit goods on the dark web

• October 26, 2021 26 Oct'21

  Cyber experts on how to nobble a Nobelium attack

  A recent spate of attempted Nobelium cyber attacks were mostly unsuccessful, but serve as a reminder to pay attention to some more fundamental aspects of security

• October 26, 2021 26 Oct'21

  Lacework expands into ANZ, eyes APAC market

  DevSecOps supplier Lacework’s expansion into Australia and New Zealand will pave the way for a broader move into the Asia-Pacific region

• October 25, 2021 25 Oct'21

  Attempted hack causes Tesco website outage

  Retailer’s website and app back after attempted hack caused problems over the weekend

• October 22, 2021 22 Oct'21

  Multi-government operation targets REvil ransomware group

  REvil has been forced offline by a multi-government hacking operation, marking the second time in 2021 that the group has gone dark

• October 22, 2021 22 Oct'21

  MEPs vote to expand Europol data mandate

  The European Parliament has voted in favour of expanding Europol’s mandate to process data and develop AI tools, but critics claim it contradicts a previous vote which opposed using new technologies to predict crime

• October 21, 2021 21 Oct'21

  Airport operator MAG boosts threat visibility with hybrid SOC

  With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience

• October 21, 2021 21 Oct'21

  APAC organisations warm to zero trust

  Two-thirds of APAC organisations have a zero-trust strategy even as they grapple with the lack of skills and other organisational challenges, study finds

• October 20, 2021 20 Oct'21

  US intelligence agencies issue advisory on BlackMatter gang

  Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers

• October 20, 2021 20 Oct'21

  LightBasin hackers breach 13 telcos in two years

  Hackers have obtained an undisclosed volume of subscriber information and call metadata in a sustained campaign against telecommunications firms

• October 20, 2021 20 Oct'21

  Police IT buyers should compel suppliers to prove AI claims

  House of Lords told that UK law enforcement bodies should use their position as buyers to compel private sector suppliers to divulge more information about how their AI-powered technologies work

• October 18, 2021 18 Oct'21

  How Samlesbury, Lancashire became the home of the National Cyber Force

  The National Cyber Force, a new branch of the military, is gearing up to fight battles in cyber space from the fields of Lancashire. Its presence is expected to bring a high-tech renaissance to the region

• October 18, 2021 18 Oct'21

  DCMS appoints Plexal to drive telecoms diversity strategy

  Government chooses UK innovation company to understand and develop the role of SMEs in the telecoms market with particular reference to how to create a diverse market that supports the creation of home-grown, sovereign technology

• October 14, 2021 14 Oct'21

  Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

  Apple’s plan to automatically scan photos to detect child abuse would unduly risk the privacy and security of law-abiding citizens and could open up the way to surveillance, say the world’s top cryptographic experts

• October 14, 2021 14 Oct'21

  NHS Digital enhances in-house cyber awareness drive

  Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk

• October 14, 2021 14 Oct'21

  Generation Novel hybrid workers bring new demands and risks

  Aruba survey warns business leaders that they must strike a balance between flexibility and security to address risky behaviours and evolving expectations of today’s tech-savvy workforce

• October 13, 2021 13 Oct'21

  Google Cybersecurity Action Team springs into life

  Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Microsoft warns of MysterySnail on October Patch Tuesday

  Microsoft has fixed a zero-day that is being actively exploited to deliver a new remote access trojan dubbed MysterySnail to targets

• October 13, 2021 13 Oct'21

  Former signals intel leader named godfather of UK security

  Sixth annual Security Serious Unsung Heroes Awards honours former Royal Corps of Signals colonel and infosec pioneer John Doody

• October 13, 2021 13 Oct'21

  Australia unveils ransomware action plan

  The Australian government has established a task force to address the ransomware menace and is proposing legislation to mandate reporting of ransomware incidents by businesses

• October 12, 2021 12 Oct'21

  BCS calls on government to retain protections against AI

  BCS, the Chartered Institute for IT, wants the government to retain protections that allow people to have decisions about them made by an AI reviewed by humans if needed

• October 12, 2021 12 Oct'21

  Ban UK police use of facial-recognition, House of Lords told

  Experts giving evidence to the House of Lords have said that UK police use of facial-recognition technology is disproportionate and ineffective, and further questioned the utility of algorithmic crime ‘prediction’ tools

• October 12, 2021 12 Oct'21

  Microsoft thwarts mega-DDoS attack on Azure platform

  2.4Tbps DDoS attack on an undisclosed Microsoft Azure customer may have been the largest ever attempted against a single target

• October 11, 2021 11 Oct'21

  Malaysia’s highway authority improves DR capabilities

  The Malaysian Highway Authority is now more resilient against cyber attacks through a local disaster-recovery-as-a-service offering powered by Veeam software

• October 11, 2021 11 Oct'21

  Covid-19 will loom over cyber strategy for years to come

  In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

• October 11, 2021 11 Oct'21

  Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

  A deadllne to agree the safe return of the sensitive banking details of former and current NatWest Group customers has passed without agreement

• October 11, 2021 11 Oct'21

  Singapore refreshes cyber security strategy

  The city-state updates its national cyber security strategy to shore up the security of critical infrastructure and enterprises while growing its cyber security industry, among other goals

• October 08, 2021 08 Oct'21

  Craft beer specialist Brewdog fixes serious app vulnerability

  Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers

• October 08, 2021 08 Oct'21

  Fast-moving Ryuk campaign targets healthcare organisations

  Newly designated FIN12 gang leverages the work of the cyber criminal ecosystem to conduct lightning-fast ransomware attacks

• October 08, 2021 08 Oct'21

  NatWest admits to weaknesses in anti-money laundering systems

  Bank pleads guilty to failures concerning the laundering of hundreds of millions of pounds, but says it has since improved its anti-money laundering systems

• October 07, 2021 07 Oct'21

  ICO expresses concerns over its future independence

  In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference

• October 07, 2021 07 Oct'21

  Uber faces legal action over ‘racist’ facial verification system

  Two UK-based unions are taking Uber to court, claiming their members have been unfairly dismissed as a result of misidentification by the company’s facial verification system

• October 07, 2021 07 Oct'21

  Twitch data breach investigations continue

  Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists

• October 06, 2021 06 Oct'21

  US lawmakers propose ransomware reporting rules

  Former presidential candidate Elizabeth Warren lends her support to a bill that would require corporate ransomware victims to disclose more information about their attacks to the authorities

• October 06, 2021 06 Oct'21

  Gaming service Twitch hacked, data leaked

  Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked

• October 06, 2021 06 Oct'21

  Apache web server users urged to patch immediately

  New zero-day in Apache HTTP Server is already being actively exploited and must be addressed immediately