News
IT security
-
March 13, 2024
13
Mar'24
British Library opens up over ransomware attack to help others
The British Library has opted for full transparency after experiencing a devastating ransomware attack, publishing details of the intrusion, its response and the lessons it has learned
-
March 12, 2024
12
Mar'24
March Patch Tuesday throws up two critical Hyper-V flaws
Two critical vulnerabilities in Windows Hyper-V stand out on an otherwise unremarkable Patch Tuesday
-
March 12, 2024
12
Mar'24
More DDoS attacks launched against APAC financial firms
The financial sector in Asia-Pacific saw more DDoS attacks in 2023, but no notable impact was reported, according to a report by Akamai and FS-ISAC
-
March 11, 2024
11
Mar'24
Aryaka advances network, security convergence with SASE as a service
Cloud-based software-defined networking and security services provider claims to transform global secure networking with unified secure access service edge solution
-
March 11, 2024
11
Mar'24
Government not facing up to CNI cyber risks, committee warns
The Joint Committee on the National Security Strategy has accused the government of burying its head in the sand over the cyber threat to UK critical infrastructure
-
March 11, 2024
11
Mar'24
Dutch organisations vulnerable to deepfake fraud
With the information many employees share on social media, Dutch companies are especially vulnerable to a new form of fraud
-
March 11, 2024
11
Mar'24
How Microsoft is easing GenAI adoption into financial services
Microsoft is supporting enterprise deployment models, addressing the risks of the technology and leveraging its industry cloud capabilities to ease generative AI adoption in the financial sector
-
March 11, 2024
11
Mar'24
TechUK calls for next government to introduce ‘industrial strategy’ for AI
Trade group TechUK publishes blueprint calling for winner of next election to boost tech startups, digitise government services and accelerate technology R&D
-
March 08, 2024
08
Mar'24
OSS leaders detail commitments to bolster software security
CISA has announced a number of actions to help secure the global open source ecosystem, as leading package repositories including the Python and Rust foundations advance their own initiatives
-
March 07, 2024
07
Mar'24
PSNI chief denies ‘industrial’ use of surveillance powers against journalists
PSNI chief constable Jon Boutcher has agreed to provide a report on police surveillance of journalists and lawyers to Northern Ireland’s policing watchdog
-
March 07, 2024
07
Mar'24
Government insists it is acting ‘responsibly’ on military AI
The government has responded to calls from a Lords committee that it must “proceed with caution” when it comes to autonomous weapons and military artificial intelligence, arguing that caution is already embedded throughout its approach
-
March 07, 2024
07
Mar'24
NI Policing Board pressed to open inquiry into PSNI spying on journalists’ phones
Amnesty International and the Committee on the Administration of Justice have asked Northern Ireland’s policing watchdog to open an inquiry into the Police Service of Northern Ireland’s use of surveillance powers against journalists
-
March 07, 2024
07
Mar'24
Western Sydney Metro deploys mission-critical communications for driverless transport
Nokiar teams with industrial partner to provide IP/MPLS backbone communications network and security solution for new Metro line connecting Australia’s largest city to airport
-
March 06, 2024
06
Mar'24
Apple patches zero-days amid ‘foundational’ post-quantum update
Apple’s iOS 17.4 update not only fixes zero-day flaws that are being actively exploited, but includes important new security protocols to safeguard users against future attacks
-
March 06, 2024
06
Mar'24
Cash-strapped cyber pros go rogue on the dark web
Research conducted by CIISec has turned up worrying evidence of hard-up legitimate cyber professionals offering their services to the cyber criminal underground
-
March 06, 2024
06
Mar'24
Nation states buying hacking tools from underground Russian cyber forums
State-sponsored hacking groups, posing as hacktivists, are using Russian cyber crime forums to stock up on cyber weapons, says Check Point Software’s threat analyst, Sergey Shykevich
-
March 05, 2024
05
Mar'24
Rapid7 hits out over botched vulnerability disclosure
Software development firm JetBrains and security specialist Rapid7 fall out over the handling of a critical vulnerability disclosure, while customers are left rushing to patch
-
March 05, 2024
05
Mar'24
ALPHV/BlackCat gang vanishes amid ransomware ‘turmoil’
Mystery surrounds the apparent disappearance of the ALPHV/BlackCat cyber crime gang amid reports that a prominent US victim paid a $22m ransom
-
March 05, 2024
05
Mar'24
Meta outage disrupts social media globally
Meta services, including Facebook, Instagram and Threads, have been downed in a brief service outage
-
March 05, 2024
05
Mar'24
IT chiefs fear Kubernetes data log overload
IT architectures are set to grow in complexity, and more mission-critical systems are being deployed on Kubernetes, meaning log files are becoming unmanageable
-
March 05, 2024
05
Mar'24
Open Rights Group accuses LiveRamp of ‘unlawful’ data processing
Privacy campaigners at Open Rights Group have submitted formal complaints to UK and French data regulators about allegedly unlawful data processing by online advertising firm LiveRamp
-
March 05, 2024
05
Mar'24
American Express customers exposed through third-party breach
US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach
-
March 05, 2024
05
Mar'24
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken
-
March 04, 2024
04
Mar'24
The Security Interviews: Cyber security is about managing risk effectively
Effective cyber security must lead to cyber resilience – that is, the ability to anticipate, protect against, withstand and recover from any adverse condition, disruption or compromise, as Kyndryl’s security practice leader explains
-
March 01, 2024
01
Mar'24
Fancy Bear sniffs out Ubiquiti router users
The authorities have warned users of Ubiquiti EdgeRouter products to take remedial action after a number of devices were hijacked into a malicious botnet by a Russian cyber espionage unit
-
March 01, 2024
01
Mar'24
APAC firms bullish on IT spending
More than half of organisations plan to spend more on key areas such as cyber security, generative AI and cloud in a sign of growing optimism across the region
-
February 29, 2024
29
Feb'24
Home Office GPS tagging of asylum seekers breaches data protection law
The Information Commissioner’s Office has issued an enforcement notice against the Home Office after finding its programme to tag asylum seekers with GPS monitors breaches data protection law
-
February 29, 2024
29
Feb'24
Okta doubles down on cyber in wake of high-profile breaches
Okta launches Secure Identity Commitment to shore up its technology in the wake of a damaging breach and elevate best practice around identity
-
February 29, 2024
29
Feb'24
DSIT publishes results of public digital identity trust consultation
Report from Department for Science, Innovation and Technology shows UK public wants government to be accountable and transparent, and views trust and inclusivity as key
-
February 29, 2024
29
Feb'24
Police arrested journalists as part of surveillance operation to identify confidential sources
Three police forces took part in surveillance operations between 2011 and 2018 to identify sources that leaked information to journalists Trevor Birney and Barry McCaffrey, the Investigatory Powers Tribunal hears
-
February 28, 2024
28
Feb'24
New version of ALPHV/BlackCat ransomware hits victims
An updated version of the ALPHV/BlackCat ransomware has been spotted in the wild amid a series of attacks on American healthcare providers, prompting a new alert from the authorities
-
February 28, 2024
28
Feb'24
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors
-
February 28, 2024
28
Feb'24
Users love their cyber teams, but find them frustrating
Despite strong support for security teams, a good number of ordinary workers see them as obstructive to business goals, and would like to see them operate more transparently
-
February 27, 2024
27
Feb'24
Black Basta and Bl00dy ransomware gangs exploiting ConnectWise vulns
More ransomware gangs have been observed exploiting two dangerous vulnerabilities in ConnectWise ScreenConnect software, prompting new warnings for users to get patching
-
February 27, 2024
27
Feb'24
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not
-
February 27, 2024
27
Feb'24
Majority of UK employees ‘willingly gamble’ with security
Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report
-
February 27, 2024
27
Feb'24
Executive interview: David Wong, Thomson Reuters
We speak to the chief product officer of Thomson Reuters about working with artificial intelligence and embedding Microsoft Copilot for Word
-
February 27, 2024
27
Feb'24
Hycu uses AI to develop APIs for SaaS application backup
SaaS applications don’t usually come with built-in data protection, but Hycu plans to tackle that gap in the market with AI to generate the connectors needed to backup user data
-
February 27, 2024
27
Feb'24
Microsoft president commits to Azure open platform for AI
Brad Smith sets out Microsoft’s ambitions to make Azure the best platform to host foundational AI models, and train and run AI applications
-
February 27, 2024
27
Feb'24
Cozy Bear and other APTs changing tack as cloud adoption increases
A change in APT tactics has been observed resulting from greater adoption of cloud-based services, according to the NCSC
-
February 26, 2024
26
Feb'24
LockBit bids to save face after NCA takedown
The LockBit gang’s ringleader resurfaces with new infrastructure and new victims, claiming to have shrugged off a multinational police sting
-
February 26, 2024
26
Feb'24
Storage and backup spend in 2024 targets risk and resilience
The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay
-
February 23, 2024
23
Feb'24
ConnectWise users see cyber attacks surge, including ransomware
ConnectWise ScreenConnect users who have yet to patch against a critical vulnerability are now being targeted by a barrage of cyber attacks, including ransomware
-
February 23, 2024
23
Feb'24
NCA trolls under fire LockBit gang leaders
The NCA has teased details of the identity of LockBit's main admin via the gang’s compromised dark web site, and hinted that he has been engaging with law enforcement
-
February 22, 2024
22
Feb'24
Cyber experts alarmed by ‘trivial’ ConnectWise vulns
The disclosure of two dangerous vulnerabilities in the popular ConnectWise ScreenConnect product is drawing comparisons with major cyber incidents, including the 2021 Kaseya attack
-
February 22, 2024
22
Feb'24
Toshiba and Orange test quantum encryption on traditional network
Researchers used QKD on a fibre-optic network spanning 184km to show how the technology could be used to secure networks cost-effectively
-
February 22, 2024
22
Feb'24
Inside LockBit: A ransomware gang in decline?
The LockBit ransomware gang was already on the ropes prior to the NCA-led takedown, according to security researchers
-
February 21, 2024
21
Feb'24
Australian data breach report highlights supply chain risks
The OAIC has called for organisations to proactively address privacy risks from outsourcing personal information handling to third parties
-
February 21, 2024
21
Feb'24
CVE volumes set to increase 25% this year
The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist
-
February 21, 2024
21
Feb'24
SITA enhances aviation SASE with automated multi-cloud networking service
Leading IT provider in the air transport industry announces strategic collaboration with multi-cloud networking firm to gain enhanced access to secure cloud-based offerings