News

IT security

• December 06, 2019 06 Dec'19

  Dutch government must facilitate and coordinate a broad eID system

  The Dutch government should push for an electronic ID system for its citizens that works across the public and private sectors, according to a report

• December 06, 2019 06 Dec'19

  Cyber security takes its place alongside UK’s armed services

  Head of armed services says cyber security will take its place alongside the army, navy and air force as a key pillar of the UK’s defence strategy

• December 06, 2019 06 Dec'19

  Great Cannon DDoS operation fires on Hong Kong protesters

  AT&T’s security unit has evidence that China is pressing its Great Cannon DDoS tool into service once again, specifically to target pro-democracy protests in Hong Kong

• December 05, 2019 05 Dec'19

  Two Russians indicted over Dridex and Zeus malware

  The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans

• December 05, 2019 05 Dec'19

  Cyber Girls First volunteers encourage girls to think high-tech

  More than 80 schoolgirls spent a day learning about computer hackers and rocket science – Cyber Girls First hopes they will become the next generation of technologists

• December 05, 2019 05 Dec'19

  Black Hat Europe: Mental health websites are leaking user data

  At Black Hat Europe in London, researchers reveal the extent to which confidential data is being leaked to third parties by online mental health websites

• December 05, 2019 05 Dec'19

  Aviatrix VPN vulnerability left user endpoints wide open

  Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets

• December 05, 2019 05 Dec'19

  Hackers primed to exploit 5G to Wi-Fi handover flaws

  Warning that attackers will find new vulnerabilities to access voice and data on 5G mobile phones as carriers hand off calls and data to Wi-Fi networks to save bandwidth

• December 04, 2019 04 Dec'19

  RMIT to tackle cyber security challenges

  Australia’s Royal Melbourne Institute of Technology has teamed up with Amazon Web Services to launch a Cloud Innovation Centre to solve cyber security challenges

• December 04, 2019 04 Dec'19

  Black Hat Europe: Red teams and blue teams must evolve in the 2020s

  The red team versus blue team dichotomy is somewhat arbitrary and risks pigeonholing skilled security professionals into certain roles, says Facebook’s Amanda Rousseau

• December 03, 2019 03 Dec'19

  General Election 2019: Which manifesto is best for the UK’s tech sector?

  Computer Weekly breaks down each political party’s technology policies ahead of the upcoming General Election to see how they compare

• December 03, 2019 03 Dec'19

  Survey finds most firms don’t respond to GDPR requests in time

  Most organisations do not respond to requests for GDPR data in the one month allowed, while many return incorrect data. The education sector does best, but the public sector lags behind

• December 03, 2019 03 Dec'19

  Biometrics to enable $2.5tn of mobile payments by 2024

  Juniper Research study predicts that biometric technology will be present on 90% of smartphones in five years’ time

• December 03, 2019 03 Dec'19

  Tenable buys Indegy to integrate IT and OT security

  Acquisition of industrial security specialist Indegy will create a unified, risk-based platform spanning both IT and OT security for Tenable

• December 03, 2019 03 Dec'19

  Chinese web users take more risks than Brits or Americans

  A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation

• December 02, 2019 02 Dec'19

  Top Android apps at risk from StrandHogg vulnerability

  Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability

• November 29, 2019 29 Nov'19

  Cyber criminal RAT busted by cops

  Police forces around the UK have arrested nine people as part of an international operation targeting users of a remote access trojan

• November 29, 2019 29 Nov'19

  TfL locks down Oyster accounts to ward off credential stuffing

  Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019

• November 29, 2019 29 Nov'19

  Hack Friday: This Christmas, fight back against cyber criminals

  It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene?

• November 28, 2019 28 Nov'19

  The Security Interviews: Do cyber weapons need a Geneva Convention?

  On a cold afternoon in Finland, F-Secure’s Mikko Hypponen discusses cyber weapons and nation state threats, and explains why arms limitations treaties might one day expand to include malware and other threats

• November 28, 2019 28 Nov'19

  Australia’s Fenner Dunlop ditches tape backups for cloud

  Australian manufacturer of conveyor belts Fenner Dunlop has freed up its IT staff to focus on future projects by moving tape backups to the cloud

• November 28, 2019 28 Nov'19

  Top APAC security predictions for 2020

  More attacks on critical infrastructure, supply chain vulnerabilities and file-less attacks are some of the security threats that enterprises should keep an eye on next year

• November 27, 2019 27 Nov'19

  Security skills gap will take a decade to fill

  The British education systems cannot move fast enough to address the security skills crisis, and in the absence of government action increased reliance on automation may be the least worst solution

• November 26, 2019 26 Nov'19

  Enterprises muddled over cloud security responsibilities

  A McAfee study suggests that 2020 will be a big year for cloud adoption, but confusion still persists over who is responsible for securing it

• November 26, 2019 26 Nov'19

  Facebook undermined rivals in bid to dominate global messaging

  Facebook used buyouts and bullying tactics towards competitors to grow its business empire, documents leaked to Computer Weekly reveal

• November 25, 2019 25 Nov'19

  General Election 2019: The Conservatives’ technology policies and digital plans

  With the UK gearing up for its third general election in four years, Computer Weekly outlines the Conservative and Unionist Party’s main technology policies and digital plans, as laid out in its manifesto

• November 25, 2019 25 Nov'19

  AI may open dangerous new frontiers in geopolitics

  Truly artificial intelligence has the potential to provoke an international geopolitical crisis, warns F-Secure’s Mikko Hypponen

• November 25, 2019 25 Nov'19

  Uber app exploit posed safety risk to passengers

  A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel

• November 25, 2019 25 Nov'19

  Tim Berners-Lee launches nine principles for the web

  Inventor of the worldwide web sets out Contract for the Web to protect its freedom, data privacy and access for all

• November 25, 2019 25 Nov'19

  Conservatives propose national cyber crime force

  Manifesto also says Tories would “empower the police to safely use new technologies like biometrics and artificial intelligence, along with the use of DNA, within a strict legal framework”

• November 22, 2019 22 Nov'19

  Mystery surrounds leak of four billion user records

  Threat researchers uncover four billion user records on a wide-open Elasticsearch server but who left them there is a mystery

• November 22, 2019 22 Nov'19

  IT chiefs recognise the risks of artificial intelligence bias

  Artificial intelligence promises to change the way businesses operate. IT leaders are now taking bias in AI algorithms seriously

• November 22, 2019 22 Nov'19

  Some 29,000 UK web domains suspended for criminal activity

  Domain suspensions for criminal activity over the past year has dropped for the first time since 2014

• November 22, 2019 22 Nov'19

  Druva eyes data protection for IoT workloads

  Cloud data protection software supplier Druva is looking at a comprehensive platform that will protect data generated by IoT workloads

• November 21, 2019 21 Nov'19

  Labour pledges review of NCSC in UK security overhaul

  The UK's National Cyber Security Centre may get expanded powers under a Labour government

• November 21, 2019 21 Nov'19

  British Airways cancels flights due to technical issue

  British Airways customers are suffering delays and cancellations as a result as a technical issue

• November 21, 2019 21 Nov'19

  F-Secure’s Blackfin challenges perceptions of how AIs think

  New research project aims to develop adaptive, autonomous and collaborative AI agents, and challenges the notion that machine intelligence should merely mimic human intelligence

• November 21, 2019 21 Nov'19

  How Nicigas is disrupting Japan’s gas market with IoT

  Japanese energy retailer Nicigas is deploying 850,000 IoT devices to convert traditional gas meters into smart meters to unlock consumption data amid efforts to shake up the utilities industry

• November 20, 2019 20 Nov'19

  Senators raise questions over Facebook’s monitoring of phone users’ locations

  After Facebook publishes a blog post with conflicting statements, two US senators ask for clarification on how the company collects location data from its users

• November 20, 2019 20 Nov'19

  Mimecast blocked 99 billion suspicious emails in third quarter

  Latest threat intelligence report reveals the scale of the threat posed by malicious emails, with the transport, legal and financial sectors hit hardest

• November 20, 2019 20 Nov'19

  Massive increase in fraud attacks on TSB customers during IT meltdown

  There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018

• November 20, 2019 20 Nov'19

  Conservatives slammed over social media trickery

  The Conservative Party has been caught spreading online disinformation during the General Election campaign for a second time

• November 20, 2019 20 Nov'19

  Carbon Black to open Australia datacentre in 2020

  Australia datacentre comes on the heels of VMware’s acquisition of Carbon Black and will serve organisations with data sovereignty requirements

• November 19, 2019 19 Nov'19

  Public sector risks downplayed by senior IT leaders

  Sophos reveals a significant cyber security perception gap between senior IT and security leaders in the public sector and their front-line teams

• November 19, 2019 19 Nov'19

  Macy’s Magecart breach presages Christmas fraud spike

  US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack

• November 19, 2019 19 Nov'19

  Anti-stalkerware coalition calls time on intrusive abusers

  New coalition plans to tackle the scourge of stalkerware as a tool of domestic and other forms of abuse

• November 19, 2019 19 Nov'19

  Businesses failing to wipe data from old endpoints

  Organisations are not taking adequate precautions to sanitise data held on endpoints when refreshing their PC or mobile device estates

• November 19, 2019 19 Nov'19

  Huawei shrugs off latest US reprieve

  Chinese tech giant dismisses the latest extension of the US Temporary General Licence and maintains that the US government is harming its own interests in banning it

• November 19, 2019 19 Nov'19

  Managed services fuelling APAC security market

  Spending on managed security services will account for almost half of Asia-Pacific’s cyber security market by 2023, as global and local providers shore up their offerings in the region

• November 18, 2019 18 Nov'19

  Microsoft increases data protection for enterprises following Dutch MoJ audit

  Last year’s audit by the Dutch Ministry of Justice and Security got the attention of the European Data Protection Supervisor. Now Microsoft has reacted

• November 15, 2019 15 Nov'19

  Notorious hackers claim responsibility for Labour DDoS

  Hackers claiming to represent Lizard Squad say they were behind a distributed denial of service attack on the UK’s Labour Party

• November 14, 2019 14 Nov'19

  Home Office Brexit app contains multiple security flaws

  The Home Office’s Brexit app may be putting EU citizens’ personal data at risk

• November 14, 2019 14 Nov'19

  Cyber criminals tool up for Christmas fraud season

  Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques

• November 13, 2019 13 Nov'19

  11 new 5G hacks enable user device tracking and monitoring

  Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities

• November 13, 2019 13 Nov'19

  Business leaders fibbing to cover up lax security posture

  Nominet study finds evidence that many businesses tout the robustness of their security posture as a selling point even though their security teams lack confidence in themselves

• November 13, 2019 13 Nov'19

  Finnish biometric identity plans for seamless air travel

  Finnair and Finavia explore options for automatic digital identification and authentication of air travellers

• November 13, 2019 13 Nov'19

  Attack on Labour shows need for DDoS defence but should alarm few

  After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t

• November 13, 2019 13 Nov'19

  Business must engage with consumers to boost AI

  Artificial intelligence is set to become a core part of business, but to get the most from it, enterprises need to engage with consumers to focus personalisation

• November 13, 2019 13 Nov'19

  Cyber risk insurance is more than just insurance

  Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks

• November 12, 2019 12 Nov'19

  Nordic SMEs lack the money needed for cyber security

  Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country

• November 12, 2019 12 Nov'19

  PCI DSS payment security compliance drops again

  Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling

• November 12, 2019 12 Nov'19

  ‘Robust’ security foils cyber attack on Labour Party

  Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked

• November 12, 2019 12 Nov'19

  Shared responsibility model key to solving 5G security problem

  Both buyers and sellers need to cooperate to solve the thorny issues around 5G security

• November 12, 2019 12 Nov'19

  IBM drums up quantum computing future

  IBM’s head honcho, Ginni Rometty, welcomes Australia’s Woodside Energy to the quantum computing fold through a partnership to harness the technology to shore up cyber security and plant operations

• November 11, 2019 11 Nov'19

  Australia’s productivity woes pinned on poor employee experience

  Research by Ricoh suggests that the lukewarm view of employee experience among IT leaders is part of the reason for Australia’s declining productivity

• November 08, 2019 08 Nov'19

  Security pros urged to get ahead of incoming BlueKeep exploits

  The BlueKeep RDP vulnerability is beginning to be exploited in the wild, and security teams have no excuse for not trying to get in front of it, says Microsoft

• November 08, 2019 08 Nov'19

  Morrisons in new appeal over data breach fine

  The Supreme Court has heard an appeal from retailer Morrisons as it attempts to overturn prior judgments holding it liable for a 2014 leak of employee data

• November 07, 2019 07 Nov'19

  Amazon Ring video doorbell flaw left users open to attack

  A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks

• November 07, 2019 07 Nov'19

  Saudis recruited Twitter employees to spy on critics

  Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents

• November 06, 2019 06 Nov'19

  Trend Micro insider breach exposes need for data-centric protection

  Simple measures could have saved consumer security product supplier from insider breach

• November 06, 2019 06 Nov'19

  How Facebook’s ‘Switcheroo’ plan concealed scheme to kill popular apps

  Leaked documents reveal how Facebook used and abused app developers, cut off data to competitors, gave privileged access to its friends and used privacy as a cover story

• November 06, 2019 06 Nov'19

  Global security workforce must more than double to meet demand

  There are about 2.8 million cyber security professionals working today, and the world needs four million more

• November 06, 2019 06 Nov'19

  Professional cyber criminals command $75k per annum

  An ill-advised career in cyber crime is potentially almost as well-paying as a job as a threat researcher in the industry, according to Tenable researchers

• November 06, 2019 06 Nov'19

  Lawmakers study leaked Facebook documents made public today

  Computer Weekly publishes cache of leaked documents disclosed to Congress

• November 06, 2019 06 Nov'19

  Huawei: 5G growth will be maintained with or without US tech supply

  Huawei dismisses US tech sabre-rattling and claims it will continue robust business growth in 5G with or without US suppliers

• November 05, 2019 05 Nov'19

  Ransomware authors seeking new ways to avoid being spotted

  Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls

• November 05, 2019 05 Nov'19

  ICO launches data security campaign for UK General Election

  Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes

• November 05, 2019 05 Nov'19

  Gartner: The time is right to make IT a boardroom issue

  In many businesses, IT is regarded as an internal service provider and cost centre. Gartner says now is the best time for CIOs to make IT strategic

• November 04, 2019 04 Nov'19

  Sumo Logic buys into cloud security software market

  Jask’s cloud-native autonomous security operations software will be integrated into Sumo Logic’s intelligence platform

• November 04, 2019 04 Nov'19

  EU patches 20-year-old open source vulnerability

  Ethical hackers taking part in a bug bounty programme on behalf of the European Union have uncovered a 20-year-old vulnerability

• November 01, 2019 01 Nov'19

  General Election sees UK government defer ‘high-risk’ 5G tech supplier review

  Decision on allowing so-called high-risk suppliers access to the UK’s market for 5G infrastructure delayed due to 12 December poll

• November 01, 2019 01 Nov'19

  CIO must focus on easing data access to help data scientists build models more quickly

  Data scientists struggle to get the right data in the right format to build artificial intelligence models, so to benefit from AI, CIOs will need to simplify data access

• November 01, 2019 01 Nov'19

  Banks let customers down with mixed approaches to security

  Treasury Committee report recommends new measures to tackle financial fraud

• October 31, 2019 31 Oct'19

  Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches

  Social media giant also promises to change the way its platform is used to protect people’s data

• October 31, 2019 31 Oct'19

  Alibaba Cloud earns security credentials in automotive and healthcare sectors

  Alibaba Cloud’s compliance with Tisax and GxP follows earlier efforts by major public cloud suppliers to win over enterprises with strict data protection and security rules

• October 30, 2019 30 Oct'19

  What will succeed the National Cyber Security Strategy?

  As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures

• October 29, 2019 29 Oct'19

  NordVPN enlists ethical hackers, launches bug bounty programme

  Breached consumer VPN supplier details steps it is taking to shore up its cyber security posture after an unknown actor gained access to one of its servers

• October 29, 2019 29 Oct'19

  Fancy Bear resumes Olympic hacks ahead of Tokyo games

  Fancy Bear is back in action and once again targeting anti-doping bodies and sporting organisations, warns Microsoft

• October 28, 2019 28 Oct'19

  Windows 7 upgrade haunts health service tech vision

  Windows 7 issues at the NHS are making headlines, 15 months after the release of the review of how legacy IT was exploited by the WannaCry attack

• October 24, 2019 24 Oct'19

  Know Fraud database became backlog dump

  Reports to Action Fraud handled by City of London Police’s National Fraud Intelligence Bureau were quarantined as security risk, finds HM’s Inspectorate of Constabulary and Fire and Rescue Services

• October 24, 2019 24 Oct'19

  Endpoint security is a procurement issue, says HP, IDC study

  Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders

• October 24, 2019 24 Oct'19

  £4,000 bug bounty could have saved BA from record ICO fine

  British Airways and others could have saved themselves millions of pounds’ worth of fines by having ethical hackers check their systems for simple vulnerabilities

• October 23, 2019 23 Oct'19

  Take responsibility for cyber security basics, urges NCSC CEO

  At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load

• October 22, 2019 22 Oct'19

  Banks move to contain impact of Samsung biometric flaw

  NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices

• October 22, 2019 22 Oct'19

  Brexit: Withdrawal agreement lists EU IT data link beyond transition

  Document lists system-to-system IT and network connectivity that will be required after the UK leaves the European Union

• October 22, 2019 22 Oct'19

  NordVPN blames datacentre provider for server breach

  VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue

• October 22, 2019 22 Oct'19

  Malware volumes decline, but risks are higher

  More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets

• October 22, 2019 22 Oct'19

  Attacker hit VPN firm Avast through its VPN

  Avast has published details of how attackers attempted to gain access to its network over a five month period

• October 22, 2019 22 Oct'19

  Over-30s tend to do better at cyber security than younger colleagues

  Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security

• October 21, 2019 21 Oct'19

  Equifax lawsuit offers more evidence against passwords

  Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords