News

IT security

• January 18, 2023 18 Jan'23

  Oracle and CBI: companies cautious, selective in 2023 IT, business investment

  Oracle and the CBI are seeing much the same picture of cautious technology investment of UK businesses in 2023, in the context of long Covid and the energy price inflation crisis

• January 18, 2023 18 Jan'23

  Ukraine cyber teams responded to more than 2,000 attacks in 2022

  The Ukrainian authorities responded to more than 2,000 major cyber incidents during 2022, and are blocking thousands more potential attacks every day

• January 17, 2023 17 Jan'23

  Cloudflare urged to clamp down on pirates, counterfeiters

  A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods

• January 17, 2023 17 Jan'23

  Crest throws support behind CyberUp CMA reform campaign

  Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990

• January 17, 2023 17 Jan'23

  Royal Mail promises ‘workarounds’ to restore services after ransomware attack

  Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a ‘workaround’ will be in place in the near future

• January 16, 2023 16 Jan'23

  The Security Interviews: Protecting your digital self

  Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?

• January 15, 2023 15 Jan'23

  Thai enterprises spend more on software amid growing digitalisation

  The majority of software spending in Thailand during the first half of 2022 went into applications followed by infrastructure software and development tools, according to IDC

• January 14, 2023 14 Jan'23

  Experts concerned over silence around government obligation to review UK surveillance laws

  The government is required to review the UK’s surveillance law, the Investigatory Powers Act, but experts say they are in the dark about its plans. The National Crime Agency’s operation Venetic has highlighted the need for urgent reforms

• January 13, 2023 13 Jan'23

  Cabinet Office looks to expand public data sharing for digital ID

  Cabinet Office seeks feedback on proposed legislation to enhance data sharing across the public sector, in support of the UK government’s ambition to have a single sign-on identity-check system for all public services

• January 13, 2023 13 Jan'23

  LockBit cartel suspected of Royal Mail cyber attack

  The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation

• January 12, 2023 12 Jan'23

  Companies warned to step up cyber security to become ‘insurable’

  Investing in better IT security to protect against cyber crime will make businesses more resilient against other risks 

• January 12, 2023 12 Jan'23

  UK government completes trials of age estimation technology

  Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to ...

• January 12, 2023 12 Jan'23

  Chrome vulnerability could have led to widespread data theft

  A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen

• January 12, 2023 12 Jan'23

  Cloudflare completes SASE offer with Magic WAN Connector

  Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering

• January 12, 2023 12 Jan'23

  Guardian confirms Christmas 2022 cyber attack was ransomware

  Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack

• January 11, 2023 11 Jan'23

  Royal Mail services hit by major cyber attack

  UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack

• January 11, 2023 11 Jan'23

  Should we be worried about malicious use of AI language models?

  WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned?

• January 11, 2023 11 Jan'23

  Internet shutdowns cost global economy $24bn in 2022

  Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors

• January 11, 2023 11 Jan'23

  Microsoft fixes EoP zero-day on January Patch Tuesday

  On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns

• January 11, 2023 11 Jan'23

  NHS data platform costing £480m to supersede Covid-19 data store underway

  NHS England has invited suppliers to tender for a data platform that will supersede the Covid-19 data store controversial for the involvement of data analytics firm Palantir

• January 11, 2023 11 Jan'23

  Davos 2023: Pervasive cyber crime and cyber security gaps pose severe risk to organisations

  Governments and organisations face tough trade-offs as they balance immediate problems caused by economic recession, energy shortages and rising interest rates with longer-term risks, including the impact of global warming

• January 11, 2023 11 Jan'23

  What’s happening with quantum-safe cryptography?

  Chinese researchers claim quantum technology is reaching a point where a quantum device will soon be able to crack RSA 2048 public key encryption

• January 10, 2023 10 Jan'23

  New APT group targets ASEAN governments and militaries

  The Dark Pink advanced persistent threat group used custom malware to exfiltrate data from high-profile targets through spear-phishing emails last year, according to Group-IB

• January 10, 2023 10 Jan'23

  Insurer Beazley introduces catastrophe bond to ease cyber risk

  Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover

• January 09, 2023 09 Jan'23

  JPMorgan ordered to face lawsuit over cyber attack on Ray-Ban maker

  US banking giant JPMorgan forced to respond to accusations that it failed to inform a business customer about suspicious transactions

• January 08, 2023 08 Jan'23

  Vulnerable organisations to get free Cyber Essentials support

  Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre

• January 06, 2023 06 Jan'23

  Proposed digital fraud refund rules risk excluding many victims

  Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned

• January 06, 2023 06 Jan'23

  Russia’s Turla falls back on old malware C2 domains to avoid detection

  Mandiant says it has observed the Russian APT UNC2410, also known as Turla, re-registering expired or sinkholed domains previously used by financially motivated cyber criminals

• January 06, 2023 06 Jan'23

  Vice Society cyber gang targeted multiple UK schools

  The Vice Society ransomware gang has made a habit of attacking educational institutions, and now appears to have struck multiple schools, colleges and universities in the UK

• January 06, 2023 06 Jan'23

  Meta to appeal £345m fine for Facebook and Instagram privacy breaches

  Social media company Meta is to appeal after the Irish Data Protection Commission fined the company for breaching GDPR

• January 05, 2023 05 Jan'23

  Cyber gang abused free trials to exploit public cloud CPU resources

  A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying

• January 05, 2023 05 Jan'23

  Warning over ransomware attacks spreading via Fortinet kit

  Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web

• January 05, 2023 05 Jan'23

  Fallout from Guardian cyber attack to last at least a month

  The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time

• January 05, 2023 05 Jan'23

  Cashless Denmark has no bank robberies in a year for first time

  Denmark saw no bank robberies in a single year for the first time ever, but online fraud continues to increase

• January 03, 2023 03 Jan'23

  Test of digital ID tech at Surrey nightclub proclaimed success

  The majority of visitors to a Camberley venue who piloted a digital identification app developed by 1account said they found it easy to use and preferred it to standard physical ID

• January 02, 2023 02 Jan'23

  China and India governments among top targets for cyber attackers

  Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures

• December 29, 2022 29 Dec'22

  Top 10 technology and ethics stories of 2022

  Here are Computer Weekly’s top 10 technology and ethics stories of 2022

• December 28, 2022 28 Dec'22

  Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

  NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness

• December 27, 2022 27 Dec'22

  Top 10 ASEAN IT stories of 2022

  Despite the challenges over the past year, ASEAN businesses have taken things in stride as they press on with digital transformation, whether it is empowering citizen developers or building cloud-native applications

• December 22, 2022 22 Dec'22

  Top 10 India IT stories of 2022

  We recap the top 10 stories in India, including the digitisation work undertaken by global firms in the country and the progress made by local enterprises in harnessing technology

• December 22, 2022 22 Dec'22

  NCA ‘wrong-footed’ defence lawyers after agreeing to take expert evidence on EncroChat ‘as read’

  The National Crime Agency argued at the Investigatory Powers Tribunal that expert evidence it agreed to ‘take as read’ is limited, flawed and often based on an incorrect interpretation of the law

• December 22, 2022 22 Dec'22

  Mitiga researchers disclose AWS Elastic IP hijacking vulnerability

  Cloud incident response supplier Mitiga has said a new AWS feature has led to a vulnerability that could allow hackers to access and steal Elastic IP addresses and gain control over AWS accounts

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 crime, national security and law stories of 2022

  Here are Computer Weekly’s top 10 crime, national security and law stories of 2022

• December 22, 2022 22 Dec'22

  Top 10 cyber crime stories of 2022

  Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents

• December 21, 2022 21 Dec'22

  Top 10 ANZ IT stories of 2022

  We recap the top 10 stories in Australia and New Zealand, including the opportunities and challenges that organisations in the region have faced over the past year

• December 20, 2022 20 Dec'22

  Top 10 software development stories of 2022

  We look at how software development has adapted to the changing economic climate over the past 12 months

• December 16, 2022 16 Dec'22

  Shiseido data breach victims plan legal action over fake companies

  Employees and former employees of cosmetics firm Shiseido whose data was stolen in a recent breach are planning group legal action after their information was used to establish fraudulent companies in their names

• December 16, 2022 16 Dec'22

  Defence lawyers claim NCA witness gave unreliable evidence on EncroChat hacking operation

  National Crime Agency argues that the lawfulness of surveillance warrants issued to hack the EncroChat phone network should only be considered in the light of facts and assessments known at the time

• December 16, 2022 16 Dec'22

  UK unis implement new IP traffic policies to combat ransomware

  Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature