News

IT security

• October 14, 2025 14 Oct'25

  Why Keir Starmer’s mandatory national digital ID system may be neither mandatory nor national

  The government’s proposals for a national digital identity scheme have been widely criticised, but is the prime minister smart enough to realise that an alternative plan could bring wider public benefits?

• October 14, 2025 14 Oct'25

  NCSC calls for action after rise in ‘nationally significant’ cyber incidents

  National Cyber Security Centre says businesses should take action now as the number of nationally significant cyber incidents doubles

• October 13, 2025 13 Oct'25

  Court dismisses Apple’s appeal against Home Office backdoor

  Investigatory Powers Tribunal rules that Apple’s appeal against a Home Office order to access encrypted data of Apple users world wide will no longer proceed.

• October 13, 2025 13 Oct'25

  UK police to upgrade illicit asset recovery system

  A new system is being developed by the Police Digital Service and NEC Software Solutions to help manage the recovery of criminal assets, replacing 20-year-old legacy infrastructure

• October 13, 2025 13 Oct'25

  Thales: Trust in AI for critical systems needs to be engineered

  Confidence in artificial intelligence capabilities that power critical systems must go beyond words and be built on a hybrid model that combines data with physics and logic to prove reliability, according to Thales’s chief scientist

• October 09, 2025 09 Oct'25

  Chat Control encryption plans delayed after EU states fail to agree

  Plans to require technology companies across Europe to monitor the contents of encrypted messages and emails have been delayed after European Union member states were unable to reach agreement following German objections

• October 09, 2025 09 Oct'25

  Warlock ransomware may be linked to Chinese state

  The operators of Warlock ransomware who exploited a set of SharePoint Server vulnerabilities earlier this year likely have some kind of link to the Chinese government, researchers claim

• October 08, 2025 08 Oct'25

  Teens arrested over Kido nursery hack

  London’s Met Police arrested two teenage boys in Hertfordshire on suspicion of involvement in the recent Kido nursery hack that saw the personal data of infants stolen and leaked

• October 08, 2025 08 Oct'25

  Qilin gang claims cyber attack on Japanese brewing giant

  The Qilin ransomware gang has claimed responsibility for a cyber attack that has halted brewing at Asahi Group Holdings, causing Japanese retailers to run low on beer

• October 07, 2025 07 Oct'25

  Alert over Medusa ransomware attacks targeting Fortra MFT

  Microsoft warns it is seeing potential mass exploitation of a Fortra GoAnywhere vulnerability by a threat actor linked to the Medusa ransomware-as-a-service operation.

• October 07, 2025 07 Oct'25

  Nato chooses Oracle to secure battlefield communications

  Nato has chosen Oracle and Druid to secure private 5G networks for cyber defence, war gaming and research, using Oracle Cloud and edge technology

• October 07, 2025 07 Oct'25

  The Security Interviews: David Bradbury, CSO, Okta

  Okta’s chief security officer talks security by default and explains why he thinks time is running out for the shared responsibility model

• October 06, 2025 06 Oct'25

  Oracle patches E-Business suite targeted by Cl0p ransomware

  Oracle pushes a patch for a dangerous zero-day under active exploitation by one of the most notorious ransomware gangs around

• October 06, 2025 06 Oct'25

  Police ordered to give reasons in closed court for seizing phone of UK Hamas lawyer

  London court orders police to disclose reasons for seizing and copying the contents of a phone belonging to a UK lawyer who represented Hamas, but refuses an injunction to prevent police from reviewing the phone until after judicial review

• October 06, 2025 06 Oct'25

  Police facial recognition trials show little evidence of benefits

  In-the-wild testing of police facial recognition systems has failed to generate clear evidence of the technology’s benefits, or to assess the full range of socio-technical impacts

• October 06, 2025 06 Oct'25

  Data sovereignty demand pushes Herabit to get S3 storage

  Italian service provider gets Cubbit DS3 distributed S3 storage to provide up to 2PB of cloud services to customers demanding data sovereignty, while cutting costs by up to 50%

• October 06, 2025 06 Oct'25

  Gartner: IT leaders need to prepare for GenAI legal issues

  GenAI is being embedded into enterprise software. This has implications for governance and regulatory compliance

• October 06, 2025 06 Oct'25

  UK government to consult on police live facial recognition use

  The UK’s policing minister has confirmed the government will consult on the use of live facial recognition by law enforcement before expanding its use throughout England, but so far, the technology has been deployed with minimal public debate or ...

• October 05, 2025 05 Oct'25

  Nakivo expands Proxmox backup and DR capabilities in v11.1

  Latest version of Backup & Replication adds MSP features, plus Proxmox VM backup functionality, while Nakivo responds to critical vulnerability it was tipped off about in February

• October 02, 2025 02 Oct'25

  PSNI appoints legal counsel to report on police conduct after McCullough surveillance review

  The Police Service of Northern Ireland has commissioned a senior lawyer to report back on whether there was any misconduct by police officers following the McCullough Review into the surveillance of journalists, lawyers and NGOs

• October 01, 2025 01 Oct'25

  Home Office issues new ‘backdoor’ order over Apple encryption

  A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service

• October 01, 2025 01 Oct'25

  US government shutdown stalls cyber intel sharing

  A key US law covering cyber security intelligence sharing has expired without an extension or replacement amid a total shutdown of the federal government, putting global security collaboration at risk.

• October 01, 2025 01 Oct'25

  EU Chat Control plans pose ‘existential catastrophic risk’ to encryption, says Signal

  As EU member states prepare to vote on plans to mandate tech companies to introduce technology to scan messages before they are encrypted, Signal warns that Chat Control will create new security risks

• October 01, 2025 01 Oct'25

  Cato extends zero trust access to SASE platform

  Capability launched for secure access service edge platform extends zero trust network access to unmanaged devices including personal, contractor and BYOD endpoints

• September 30, 2025 30 Sep'25

  MPs press outsourcer TCS over Jaguar cyber attack

  The government’s cross-bench Business and Trade Committee has written to Tata Consultancy Services seeking answers over possible links to cyber attacks on Jaguar Land Rover, Marks and Spencer, and Co-op

• September 30, 2025 30 Sep'25

  Apple’s first iOS 26 security update fixes memory corruption flaw

  Apple issues an update for its brand new iOS 26 mobile operating system, fixing a potentially dangerous vulnerability affecting iPhones, iPads and other Mac devices

• September 30, 2025 30 Sep'25

  Cloud provider publishes ‘tech sovereignty’ plan for UK

  In the face of mounting data sovereignty concerns across Europe, UK cloud provider Civo lays out high-level plan for how the government can retain control and access of its data should the geopolitical situation sour

• September 30, 2025 30 Sep'25

  Harrods hackers start contacting customers

  Retailer Harrods has revealed that a number of customers whose data was stolen in a cyber attack have been contacted by the perpetrators

• September 30, 2025 30 Sep'25

  Google unveils AI-powered security to trap ransomware attacks

  The new security capability, available at no extra cost for most Google Workspace users, detects mass file encryption during ransomware attacks, stops the attacks from spreading and allows for restoration of files

• September 29, 2025 29 Sep'25

  UK and US urge Cisco users to ditch end-of-life security appliances

  An ongoing campaign of cyber attacks is targeting users of end-of-life Cisco security appliance kit

• September 29, 2025 29 Sep'25

  Harrods hit by second cyber attack in six months

  Data on approximately 430,000 Harrods shoppers was stolen in a third-party breach, but the cyber attack is not related to an earlier Scattered Spider incident, says the retailer

• September 29, 2025 29 Sep'25

  JLR tentatively restarts production, following £1.5bn government backing

  Jaguar Land Rover is to resume car production after a £1.5bn government loan guarantee amid its cyber attack fallout. Debate is growing over the bailout and insurance

• September 26, 2025 26 Sep'25

  Keir Starmer launches digital ID scheme, but does it stand a chance?

  Amid an economic crisis, public scepticism and confusing messages, could the government’s digital identity programme fail before it even gets off the ground?

• September 26, 2025 26 Sep'25

  Over half of India-based companies suffer security breaches

  Business supply chains, which include Indian companies, are at risk of attack as more than half of suppliers were breached last year

• September 26, 2025 26 Sep'25

  Microsoft hides key data flow information in plain sight

  Microsoft’s own documentation confirms that data hosted in its hyperscale cloud architecture routinely traverses the globe, but the tech giant is actively obfuscating this vital information from its UK law enforcement customers

• September 26, 2025 26 Sep'25

  Government to introduce mandatory digital ID

  Prime minister Keir Starmer says the scheme, which will be compulsory by the end of this parliament, will help crack down on illegal workers, as well as provide benefits to citizens

• September 26, 2025 26 Sep'25

  Okta CEO: AI security and identity security are one and the same

  At Oktane 2025 in Las Vegas, Okta CEO Todd McKinnon describes AI security and identity security as inseparable as he tees up a series of agentic security innovations

• September 26, 2025 26 Sep'25

  How Mediacorp stops livestreams from freezing at key moments

  Singapore’s national broadcaster has achieved a 99.5% crash-free rate for its mobile apps by using observability tools to find and fix issues in real time, ensuring a smoother experience for users

• September 25, 2025 25 Sep'25

  Government might support Jaguar Land Rover supply chain to mitigate cyber attack impact

  The government is considering buying car parts from JLR’s supply chain to sell them on to the company once it recovers from the August cyber attack

• September 25, 2025 25 Sep'25

  Co-op declares cyber attack damage cost £206m

  Co-op reveals £206m costs from April cyber attack, with revenues hit, member data stolen and shelves emptied, exposing major retail supply chain vulnerabilities

• September 25, 2025 25 Sep'25

  Netherlands establishes cyber resilience network to strengthen public-private digital defence

  Network will connect organisations in a cyber crime defence initiative that goes way beyond information sharing

• September 25, 2025 25 Sep'25

  Get HDD temperature right, or risk more drive failures

  We talk to Rainer Kaese of Toshiba about the right temperature to run hard disk drives at. Not getting it right risks higher failure rates than what would normally be expected

• September 24, 2025 24 Sep'25

  Oktane 2025: Okta takes aim at agentic AI governance gap

  Identity specialist Okta is laying the groundwork for a number of incoming announcements designed to help its customers get to grips with the challenge of securing non-human, agentic identities.

• September 24, 2025 24 Sep'25

  NCA arrests man following cyber attack that disrupted air travel

  The NCA has arrested a man in West Sussex over the cyber attack on Collins Aerospace that disrupted Heathrow and other EU airports. He has been released on conditional bail

• September 24, 2025 24 Sep'25

  McCullough Review finds PSNI failures but no ‘systemic’ surveillance of journalists

  A review by Angus McCullough KC reveals that Northern Ireland police failed to comply with the law but that there was no ‘widespread and systemic’ surveillance of journalists, lawyers and NGOs

• September 24, 2025 24 Sep'25

  Salesforce shifts focus from AI models to agentic AI

  Rather than being preoccupied with large language models, Salesforce is now focused on building AI agents, with an eye on achieving what it calls ‘enterprise general intelligence’

• September 23, 2025 23 Sep'25

  SolarWinds warns over dangerous RCE flaw

  A newly uncovered RCE flaw in SolarWinds’ helpdesk product bypasses two previously issued fixes, and users should prioritise updates as exploitation is likely to occur

• September 23, 2025 23 Sep'25

  Jaguar Land Rover extends cyber attack-induced shutdown to October

  Jaguar Land Rover is extending its production shutdown caused by the 31 August cyber attack into next month, as government ministers drop by and supply chain workers lose wages

• September 23, 2025 23 Sep'25

  ‘Our worst day’: The untold story of the Electoral Commission cyber attack

  As head of digital at The Electoral Commission, Andrew Simpson’s mettle was tested when threat actors gained access to the regulator’s email systems and accessed sensitive voter data. Three years on, he tells his story to Computer Weekly

• September 22, 2025 22 Sep'25

  Teen charged with Las Vegas casino cyber heist

  Another arrest of a teenage hacker associated with the Scattered Spider gang has been made, this time in relation to two 2023 cyber attacks on Las Vegas casinos and resorts