News
IT security
-
April 12, 2023
12
Apr'23
April Patch Tuesday fixes zero-day used to deliver ransomware
A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update
-
April 12, 2023
12
Apr'23
Gartner: Rebalance cyber investment towards human-centric elements
Security decision-makers need to reprioritise their investment outlooks towards people, rather than technology, according to the latest market forecast from Gartner
-
April 12, 2023
12
Apr'23
Okta integrates with Singapore’s national digital ID system
The integration with Singpass will let Okta customers authenticate consumers using Singapore’s national digital ID system and is expected to expand the company’s reach in regulated industries
-
April 11, 2023
11
Apr'23
Anne Keast-Butler named as new director of GCHQ
The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ
-
April 11, 2023
11
Apr'23
KFC, Pizza Hut data stolen in January ransomware attack
Yum!, the parent organisation behind KFC and Pizza Hut in the UK, has disclosed that employee data was accessed and exfiltrated in a January 2023 ransomware attack
-
April 11, 2023
11
Apr'23
UKtech50 2023: Help us find the most influential people in UK IT
Computer Weekly’s annual search for the 50 most influential people in UK IT is back – let us know who you would like to nominate for this year’s list
-
April 06, 2023
06
Apr'23
IBM's Nataraj Nagaratnam on the cyber challenges facing cloud services
Governments are introducing increasingly prescriptive data protection policies, but with organisations becoming ever more reliant on multiple cloud service platforms for essential business needs, how can they ensure they meet regulatory requirements?
-
April 06, 2023
06
Apr'23
Prioritise automated hardening over traditional cyber controls, says report
A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way
-
April 06, 2023
06
Apr'23
Clop ransomware booms in March as Fortra zero-day pays off for gang
Backed by the threat actor tracked variously as Gold Tahoe and TA505, the Clop ransomware operation hit new ‘heights’ of activity last month, according to researchers
-
April 05, 2023
05
Apr'23
Quick-acting Rorschach ransomware appears out of nowhere
Emergent Rorschach ransomware strain is highly advanced and quite unusual in its capabilities, warn researchers, who say they have been unable to link it to any other known strains
-
April 05, 2023
05
Apr'23
Cops bust Genesis cyber crime marketplace
Multinational Operation Cookie Monster takes down Genesis Market, a crucial source of compromised data used by criminals for fraud and other cyber attacks
-
April 05, 2023
05
Apr'23
Italy’s ChatGPT ban: Sober precaution or chilling overreaction?
Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms?
-
April 05, 2023
05
Apr'23
Scottish police tech piloted despite major data protection issues
Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk
-
April 04, 2023
04
Apr'23
TikTok fined in UK over unlawful use of children’s data
The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13
-
April 04, 2023
04
Apr'23
National Cyber Force carrying out daily hacking operations to disrupt hostile threats
Government discloses details about the National Cyber Force’s disruption activities against terrorists, organised criminals and nation states – and names first NCF chief as James Babbage
-
April 04, 2023
04
Apr'23
Threat researchers dissect anatomy of a Royal ransomware attack
Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022
-
April 04, 2023
04
Apr'23
Over 90% of organisations find threat hunting a challenge
Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report
-
April 03, 2023
03
Apr'23
Australia’s media and telecoms sector saw most data breaches in 2022
The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture
-
April 03, 2023
03
Apr'23
Three-day Capita outage was result of cyber attack
Public sector outsourcer Capita has confirmed a major outage which began on 31 March was the result of a cyber attack affecting its Office 365 apps
-
April 03, 2023
03
Apr'23
CIO interview: Carter Busse, CIO, Workato
Workato CIO Carter Busse talks up the company’s approach towards automation and its efforts to drive the technology across its business
-
March 31, 2023
31
Mar'23
Mounting Russian disinformation campaign targeting Arab world
Researchers have found evidence of a broad Russian disinformation campaign targeting Arabic-speakers in the Middle East and North Africa
-
March 31, 2023
31
Mar'23
Ukrainians bust cyber criminals who stole over £3m across Europe
Ukrainian police have arrested members of a cyber crime gang who stole and embezzled millions of pounds from victims across Europe
-
March 30, 2023
30
Mar'23
OSC&R supply chain security framework goes live on Github
The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework
-
March 30, 2023
30
Mar'23
NCSC issues revised security Board Toolkit for business leaders
National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools
-
March 30, 2023
30
Mar'23
NHS Highland rapped over data breach affecting HIV patients
NHS Highland inadvertently exposed the personal data of individuals likely to be accessing HIV services in a lapse of email hygiene
-
March 30, 2023
30
Mar'23
Reactive approach to cyber procurement risks damaging businesses
Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes
-
March 30, 2023
30
Mar'23
3CX unified comms users hit by supply chain attacks
Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors
-
March 29, 2023
29
Mar'23
UK government publishes AI whitepaper
Artificial intelligence whitepaper outlines UK government’s proposals to regulate the technology, which are based around creating an agile, “pro-innovation” framework
-
March 29, 2023
29
Mar'23
New North Korean APT launders crypto to fund spying programmes
Mandiant has attributed an ongoing campaign of malicious activity to a newly designated APT that is engaged in the acquisition and laundering of cryptocurrency to fund the regime’s espionage activities
-
March 29, 2023
29
Mar'23
How organisations can weaponise data privacy
Organisations should turn data privacy into a competitive advantage and look beyond regulatory compliance to build a privacy programme that aligns with business targets, says Gartner
-
March 29, 2023
29
Mar'23
Generative AI presents opportunities and challenges to UK schools
Generative AI and LLMs hold great potential for use in the classroom, but the privacy and security implications of its use must be carefully considered, says the Department for Education
-
March 28, 2023
28
Mar'23
Microsoft expands AI Copilot project into security realm
New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams
-
March 28, 2023
28
Mar'23
Apple security updates fix 33 iPhone vulnerabilities
A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels
-
March 28, 2023
28
Mar'23
Inside Group-IB’s cyber security playbook
A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market
-
March 28, 2023
28
Mar'23
Europol warns cops to prep for malicious AI abuse
In a report looking at how large language models can be used by criminals, Europol’s Innovation Lab calls on law enforcement agencies to prepare themselves for wide-ranging impacts on their work
-
March 28, 2023
28
Mar'23
Ethical hackers urged to respond to Computer Misuse Act reform proposals
The deadline for submissions to the government’s consultation on reform of the Computer Misuse Act is fast approaching, and ethical hackers and security experts need to make their voices heard, says Bugcrowd
-
March 28, 2023
28
Mar'23
Ransomware attacks up 45% in February, LockBit responsible
NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active
-
March 27, 2023
27
Mar'23
France latest to ban TikTok on government devices
Following bans in the UK and US, France has moved to enact restrictions on TikTok, and other social media apps, on government devices
-
March 27, 2023
27
Mar'23
JP Morgan pilots palm and face-recognition technology in US
JP Morgan is testing out its biometric payment technology in selected retailer stores and at the upcoming Formula 1 Grand Prix in Miami
-
March 24, 2023
24
Mar'23
National Crime Agency sting operation infiltrates cyber crime market
The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks
-
March 24, 2023
24
Mar'23
Aryaka expands SD-WAN, SASE offer to SMEs
Having deployed its services to large enterprises and Fortune 100 companies for over a decade, software-defined networking technology focuses on small to medium-sized enterprises for secure access and wide area networks
-
March 22, 2023
22
Mar'23
Why Veeam thinks ransomware warranty payouts are unlikely
Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts
-
March 22, 2023
22
Mar'23
Government launches seven-year NHS cyber strategy
The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike
-
March 21, 2023
21
Mar'23
Nordics move towards common cyber defence strategy
Nordic countries agree to work together to improve their cyber defences amid increasing threat
-
March 21, 2023
21
Mar'23
How Mimecast thinks differently about email security
Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades
-
March 21, 2023
21
Mar'23
Hitachi Energy emerges as victim of Clop gang’s Fortra attack
The power and energy division of Japanese conglomerate Hitachi has disclosed that it has fallen victim to a Clop cyber attack, but insists customer data is safe
-
March 21, 2023
21
Mar'23
GDS signs £24m worth of contracts for One Login
As the Government Digital Service (GDS) prepares for the official end of Gov.uk Verify, it signs three new contracts for its successor programme, One Login
-
March 21, 2023
21
Mar'23
Ferrari rejects ransom demand after cyber attack
Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data
-
March 21, 2023
21
Mar'23
Ransomware gangs harass victims to ‘bypass’ backups
Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order
-
March 20, 2023
20
Mar'23
NCSC launches cyber check-up tools for SMEs
The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack