News

IT security

• November 07, 2023 07 Nov'23

  Unesco unveils seven-point anti-disinformation plan

  United Nations body outlines seven proposals for civil society, governments, regulators and tech platforms to adopt to combat the source of disinformation

• November 07, 2023 07 Nov'23

  AI Safety Summit review

  Computer Weekly takes stock of the UK government’s AI Safety Summit and the differing perspectives around its success

• November 06, 2023 06 Nov'23

  Shadow IT use at Okta behind series of damaging breaches

  Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account

• November 06, 2023 06 Nov'23

  How Trellix’s CISO keeps threat actors at bay

  Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents

• November 02, 2023 02 Nov'23

  Admins told to take action over F5 Big-IP platform flaws

  Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild

• November 02, 2023 02 Nov'23

  UK workers exhibit poor security behaviours, report reveals

  Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working

• November 02, 2023 02 Nov'23

  How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data

  UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network

• November 02, 2023 02 Nov'23

  EU digital ID reforms should be ‘actively resisted’, say experts

  Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security

• November 01, 2023 01 Nov'23

  Lloyds bank kicks off Hyderabad operation

  Lloyds Banking Group has opened its latest tech operation in Hyderabad, with plans to recruit around 600 IT experts

• November 01, 2023 01 Nov'23

  Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals

  As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings

• October 31, 2023 31 Oct'23

  British Library falls victim to cyber attack

  The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature

• October 31, 2023 31 Oct'23

  Biden’s AI plans focus on US workers’ protection

  The US president has issued an Executive Order that sets out his administration’s strategy for AI safety and security

• October 31, 2023 31 Oct'23

  SEC sues SolarWinds, alleging serious security failures

  SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks

• October 30, 2023 30 Oct'23

  Frontier AI Taskforce starts recruitment drive

  The second progress report from the Frontier AI Taskforce reveals new hires plus vacancy posts for software and research engineers

• October 30, 2023 30 Oct'23

  FDM Group partners with ISACA to boost cyber training programme

  The FDM Group has announced a partnership with ISACA to help develop and boost their cyber training programmes and credentials

• October 27, 2023 27 Oct'23

  Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent

  Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances

• October 27, 2023 27 Oct'23

  Domestic abuse charities surface fresh worries over NHS data sharing

  With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk

• October 27, 2023 27 Oct'23

  Microsoft warns over growing threat from Octo Tempest gang

  The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft

• October 27, 2023 27 Oct'23

  How Elastic manages cyber security threats

  Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings

• October 27, 2023 27 Oct'23

  Google launches bug bounties for generative AI attack scenarios

  Google expands its bug bounty programme to encompass generative AI and takes steps to grow its commitment to supply chain security as it relates to the emerging technology

• October 27, 2023 27 Oct'23

  Germany: European Court opinion kicks questions over EncroChat back to national courts

  Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts

• October 26, 2023 26 Oct'23

  ChatGPT, Bard, lack effective defences against fraudsters, Which? warns

  Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed

• October 26, 2023 26 Oct'23

  Sunak sets scene for upcoming AI Safety Summit

  Prime minister Rishi Sunak has outlined how the UK will approach making AI safe, but experts say there is still too big a focus on catastrophic but speculative risks over real harms the technology is already causing

• October 26, 2023 26 Oct'23

  Boardrooms losing control in generative AI takeover, says Kaspersky

  C-suite executives are increasingly fretful about what they perceive as a ‘silent infiltration’ of generative AI tools across their organisations

• October 26, 2023 26 Oct'23

  Exploitation of Citrix NetScaler vulns reaching dangerous levels

  Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked

• October 25, 2023 25 Oct'23

  UK Finance paints mixed picture of fraud as losses top £500m

  UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data

• October 25, 2023 25 Oct'23

  Demystifying the top five OT security myths

  Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems

• October 25, 2023 25 Oct'23

  1Password caught up in Okta support breach

  After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems

• October 24, 2023 24 Oct'23

  Cisco hackers likely taking steps to avoid identification

  Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery

• October 24, 2023 24 Oct'23

  Research team tricks AI chatbots into writing usable malicious code

  Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks

• October 24, 2023 24 Oct'23

  Kaspersky opens up over spyware campaign targeting its staffers

  Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group

• October 24, 2023 24 Oct'23

  Customers speak out over Okta’s response to latest breach

  Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired

• October 24, 2023 24 Oct'23

  Suzy Lamplugh Trust treads path to improved cyber resilience

  Personal safety charity enlists the support of the London Cyber Resilience Centre to improve staff awareness and strengthen its overall cyber resilience

• October 24, 2023 24 Oct'23

  NetApp ‘unified storage’ adds new ASA block storage at Insight

  Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements

• October 23, 2023 23 Oct'23

  Cisco pushes update to stop exploitation of two IOS XE zero-days

  Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software

• October 23, 2023 23 Oct'23

  How Ensign is leading the charge in cyber security

  Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem

• October 20, 2023 20 Oct'23

  Computer Weekly contributor named Godfather of UK Security

  Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards

• October 20, 2023 20 Oct'23

  Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets

  Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets

• October 20, 2023 20 Oct'23

  RagnarLocker cyber gang that pioneered double extortion busted

  Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline

• October 19, 2023 19 Oct'23

  Nuclear regulator raps EDF over cyber compliance

  The Office for Nuclear Regulation says EDF has come up short on needed measures to improve cyber security standards at several critical UK nuclear facilities

• October 19, 2023 19 Oct'23

  Fears grow over extent of Cisco IOS XE zero-day

  Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures

• October 19, 2023 19 Oct'23

  Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

  Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source

• October 19, 2023 19 Oct'23

  Loughborough Uni to create five cyber AI research posts

  Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security

• October 18, 2023 18 Oct'23

  What are the cyber risks from the latest Middle Eastern conflict?

  The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations

• October 18, 2023 18 Oct'23

  Networking and security teams converging

  Study finds more than 80% of IT leaders are consolidating security and networking teams or have a management directive to improve collaboration, with 75% believing using one platform for both purposes would provide benefits across the board

• October 17, 2023 17 Oct'23

  Five Eyes issues five tips on thwarting nation state threats

  Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats

• October 17, 2023 17 Oct'23

  Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine

  Hacktivists supporting Gaza and Palestine have launched hundreds of website defacement attacks against Israeli websites, mirroring the pattern of attacks that occurred after Russia’s invasion of Ukraine

• October 17, 2023 17 Oct'23

  Alert sounded over dangerous Cisco IOS XE zero-day

  Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems

• October 17, 2023 17 Oct'23

  What it takes to succeed in DevSecOps

  Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey

• October 13, 2023 13 Oct'23

  US SEC launches probe into mass MOVEit breach

  Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected