News
IT security
-
November 22, 2022
22
Nov'22
C-suite mystified by cyber security jargon
Malware, supply chain attack, zero-day, IoC, TTP and Mitre ATT&CK are just some of the everyday terms that security pros use that risk making the world of cyber incomprehensible to outsiders
-
November 21, 2022
21
Nov'22
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention
-
November 21, 2022
21
Nov'22
NHS federated data platform must avoid repeating Care.data mistakes, says national data guardian
UK’s national data guardian agrees with the ambitions of the platform, but warns that the programme must avoid ‘common pitfalls around trust and transparency’
-
November 21, 2022
21
Nov'22
NHS trust that deleted up to 90,000 emails cleared of deliberately concealing evidence
A tribunal found in a high-profile case brought by whistleblower Chris Day that an NHS trust had not deliberately concealed evidence when a director deleted up to 90,000 emails before he was due to testify
-
November 18, 2022
18
Nov'22
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use
-
November 18, 2022
18
Nov'22
New gold standard to protect good faith hackers
HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking
-
November 18, 2022
18
Nov'22
CyberPeace Institute helps NGOs improve their security resilience
Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people
-
November 18, 2022
18
Nov'22
Enterprises embrace SD-WAN but miss benefits of integrated approach to security
Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security ...
-
November 17, 2022
17
Nov'22
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching
-
November 17, 2022
17
Nov'22
Scottish government to pilot digital identity platform in early 2023
Pilot of Scotland’s digital identity platform will be run in partnership with Disclosure Scotland, using secure sign-on and identity verification
-
November 17, 2022
17
Nov'22
HMRC will begin migration from Government Gateway to One Login in summer 2023
One Login for Government programme has the objective of simplifying access to central government, says HMRC chief technology and design officer
-
November 16, 2022
16
Nov'22
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures
-
November 15, 2022
15
Nov'22
APP fraud volumes expected to double by 2026, says report
Losses to authorised push payment fraud in the UK are expected to climb to over $1.5bn in the next four years. Meanwhile, the NAO accuses the Home Office of lagging on progress to tackle the issue
-
November 15, 2022
15
Nov'22
Inside Singapore’s public sector IT strategy
Adopting a platform approach with products that can scale across the board and building a strong engineering bench are some of the key aspects in Singapore’s public sector IT strategy
-
November 14, 2022
14
Nov'22
How Google and Mandiant are forging synergies in cyber security
Google’s AI smarts and Mandiant’s intelligence on new and emerging threats could lay the foundation of proactive security
-
November 13, 2022
13
Nov'22
Online scam victims lose an average of £1,000 each
New data from the National Fraud Intelligence Bureau shows victims of online fraud lose an average of £1,000 per person
-
November 11, 2022
11
Nov'22
Volume of self-reported breaches to ICO jumps 30%
The number of self-reported breaches to the UK’s Information Commissioner’s Office soared by nearly 30% in the 12 months to 30 June 2022
-
November 11, 2022
11
Nov'22
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products
-
November 10, 2022
10
Nov'22
Cyber criminals have World Cup Qatar 2022 in their sights
Volumes of malicious cyber activity around the upcoming FIFA World Cup are already starting to tick upwards and are likely to continue to do so
-
November 09, 2022
09
Nov'22
Optus earmarks A$140m to cover cost of data breach
Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers
-
November 09, 2022
09
Nov'22
UK’s National Cyber Advisory Board convenes for first time
Government convenes National Cyber Advisory Board to further its goals of making the UK one of the safest places to live and work online
-
November 09, 2022
09
Nov'22
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity
-
November 09, 2022
09
Nov'22
Why Sophos is bullish on managed security services
Sophos has grown its managed detection and response business to more than $100m over the last three years as more organisations grapple with the increasingly complex cyber security landscape
-
November 08, 2022
08
Nov'22
NortonLifeLock, Avast debut new ‘Gen’ identity
The combined NortonLifeLock and Avast consumer cyber business, Gen, says it will serve over 500 million customers worldwide
-
November 07, 2022
07
Nov'22
Public sector IT projects need ethical data practices from start
Data ethics needs to be integrated into public sector IT projects from the very start, and considered throughout every stage of the process, to be effective
-
November 07, 2022
07
Nov'22
Department for Education escapes £10m fine over data misuse
Department entrusted data on 28 million children to a company called Trustopia, which turned out to be anything but trustworthy, but has escaped a £10m fine under new rules
-
November 07, 2022
07
Nov'22
Keeping personally identifiable data personal
As it celebrates its 100th birthday, the BBC has begun a pilot looking into its role in enabling the general public to store their personal data
-
November 04, 2022
04
Nov'22
Elon Musk begins mass Twitter layoffs via email
New Twitter owner Elon Musk has begun the process of cutting the company’s workforce in half, but is already facing a legal backlash for allegedly violating US labour laws
-
November 04, 2022
04
Nov'22
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare
-
November 03, 2022
03
Nov'22
Microsoft pledges $100m in new IT support for Ukraine
Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future
-
November 03, 2022
03
Nov'22
The Security Interviews: Building trust online
Consumer reviews website Trustpilot has built and scaled its IT security team and is now turning to agile methods and DevSecOps to further enhance its cyber capabilities
-
November 03, 2022
03
Nov'22
Automated threats biggest source of cyber risk for retailers
Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report
-
November 03, 2022
03
Nov'22
Global coalition reaffirms commitment to fight ransomware
Representatives of 36 countries, as well as the EU, attended the second International Counter Ransomware Initiative Summit in Washington DC
-
November 02, 2022
02
Nov'22
Dropbox code compromised in phishing attack
Cloud storage service says malicious actors successfully accessed some of its code within GitHub, but insists customer data is secure
-
November 02, 2022
02
Nov'22
UK spent £6.4m on secret cyber package for Ukraine
Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks
-
November 02, 2022
02
Nov'22
OpenSSL vulnerabilities ‘not as bad as feared’
As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared
-
November 01, 2022
01
Nov'22
A third of UK cyber leaders want to quit, report says
Nearly a third of UK security leaders are considering leaving their current role, and more than half are struggling to keep on top of their workload
-
November 01, 2022
01
Nov'22
NCSC looks back on year of ‘profound change’ for cyber
The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful
-
November 01, 2022
01
Nov'22
How Elastic is going beyond enterprise search
Elastic has been doubling down on the security and observability capabilities of its open-source platform, going beyond its roots in enterprise search
-
October 31, 2022
31
Oct'22
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed
-
October 31, 2022
31
Oct'22
Cyber crime officer says French legal challenges to EncroChat are ‘hype’
Matthieu Audibert, officer of the French Gendarmerie’s cyber space command, gets into a spat with defence lawyers on Twitter over the lawfulness of evidence from the hacked phone network EncroChat
-
October 27, 2022
27
Oct'22
Government ups cyber support for elderly, vulnerable web users
DCMS announces a funding boost to help the elderly, disabled and other vulnerable groups stay safe online and avoid being misled by disinformation
-
October 27, 2022
27
Oct'22
NCSC’s Levy steps down after 20-year intelligence career
NCSC technical director Ian Levy bids farewell, telling his successor: ‘Don’t panic’
-
October 27, 2022
27
Oct'22
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS
-
October 27, 2022
27
Oct'22
LinkedIn adds new features to safeguard user privacy, security
Social media platform is adding a number of features and systems designed to protect legitimate users from inauthentic profiles and activity
-
October 27, 2022
27
Oct'22
Medibank breach casts spotlight on data security
Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia
-
October 27, 2022
27
Oct'22
Santander calls for cooperation to tackle APP fraud
New report puts forward key recommendations that the banking sector, government and other industries could take to tackle authorised push payment fraud
-
October 26, 2022
26
Oct'22
ICO warns against using biometrics for ‘emotional analysis’
ICO warning highlights risk of ‘systemic bias’ and discrimination associated with organisations using biometric data and technologies for emotion analysis
-
October 26, 2022
26
Oct'22
Cuba ransomware cartel spoofs Ukraine armed forces
Ukrainian cyber experts issue a warning over the activities of the Cuba ransomware cartel
-
October 26, 2022
26
Oct'22
Australia budget closes in on digital divide, cyber resilience
Australia’s latest budget is geared towards providing better broadband connectivity in regional and rural areas, shoring up the cyber security posture of its businesses and plugging tech talent shortages, among other areas