News
IT supplier relationship management
-
November 06, 2023
06
Nov'23
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account
-
October 31, 2023
31
Oct'23
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks
-
October 30, 2023
30
Oct'23
UK government AI Summit already branded ‘missed opportunity’
The dominance of big tech firms, a focus on speculative risks over real-world harms, and the exclusion of affected workers, mean the AI Safety Summit is a wasted opportunity, say civil society groups
-
October 27, 2023
27
Oct'23
Google launches bug bounties for generative AI attack scenarios
Google expands its bug bounty programme to encompass generative AI and takes steps to grow its commitment to supply chain security as it relates to the emerging technology
-
October 26, 2023
26
Oct'23
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked
-
October 25, 2023
25
Oct'23
Copilots, AI and Azure drive Microsoft revenue growth
AI dominated the Microsoft’s latest quarterly earnings. Copilot trials are being run by 40% of the Fortune 100
-
October 25, 2023
25
Oct'23
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems
-
October 24, 2023
24
Oct'23
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery
-
October 24, 2023
24
Oct'23
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired
-
October 23, 2023
23
Oct'23
Dell updates PowerStore, PowerMax and PowerFlex storage
Dell storage upgrades include improved AIOps, lower energy usage, real-time HA failover, seamless hardware replacement, and enhancements to take advantage of DPU acceleration
-
October 23, 2023
23
Oct'23
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software
-
October 19, 2023
19
Oct'23
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures
-
October 19, 2023
19
Oct'23
Scality gets a jump with VMware Cloud Director integration
S3-compliant object storage specialist will use new OSIS integration with VMware’s cloud management tool to target service providers that want to deliver regional cloud offers
-
October 18, 2023
18
Oct'23
Former Post Office executive admits he wouldn’t sign unfair contract he pushed on subpostmasters
Former contract manager said contract that subpostmasters had to sign with Post Office “put them on the hook” for everything
-
October 17, 2023
17
Oct'23
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats
-
October 13, 2023
13
Oct'23
US SEC launches probe into mass MOVEit breach
Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected
-
October 13, 2023
13
Oct'23
‘Angry’ lawyer warned against Post Office computer investigation in 2010 email
Angered by his exclusion from an important discussion, former Royal Mail lawyer told colleagues of the risks to the Post Office if, as planned, they publicly investigate allegations against its computer system
-
October 12, 2023
12
Oct'23
Scottish biometrics watchdog outlines police cloud concerns
Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject ...
-
October 11, 2023
11
Oct'23
Public sector buyers of AI tech must interrogate its suitability
The Ada Lovelace Institute has published a review on public sector use of artificial intelligence foundation models, looking at the risks and opportunities associated with the technology, and how these can be dealt with from the early stages of ...
-
October 10, 2023
10
Oct'23
Canalys sees glimmer of hope in PC sector
The PC industry experienced another quarter of decline, but the outlook is more promising
-
October 05, 2023
05
Oct'23
Microsoft: Nation-state cyber espionage on rise in 2023
Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering
-
October 04, 2023
04
Oct'23
ICO issues guidance on workplace surveillance
Guidance on employee monitoring covers how employers can conduct their digital surveillance lawfully, transparently and fairly, and warns against businesses intruding on their workers’ private lives
-
October 03, 2023
03
Oct'23
Cyber experts urge EU to rethink vulnerability disclosure plans
The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, ...
-
October 03, 2023
03
Oct'23
Amnesia hides names of individuals behind Post Office’s ‘head on a spike’ strategy
Former Post Office lawyer deflects individual responsibility for a strategy that crushed subpostmasters, blaming the organisation as a whole
-
October 03, 2023
03
Oct'23
Public sector needs systemic reform of capacity to innovate
Improving the public sector’s capacity to innovate requires a culture of innovation underpinned by people, skills and new ways of working with the private sector
-
September 29, 2023
29
Sep'23
First subpostmaster Horizon conviction overturned in Scotland
Scotland has seen its first Post Office Horizon conviction overturned, taking the UK total to 92
-
September 29, 2023
29
Sep'23
Government ‘breached privacy’ of Horizon victims with compensation offer, says lawyer
The government breached the privacy of victims of the Post Office Horizon scandal through making a compensation offer public
-
September 29, 2023
29
Sep'23
Scottish watchdog urges wider biometric oversight
Scotland’s biometrics watchdog urges Scottish Parliament to extend oversight of biometric information to include the entire criminal justice system, not just police
-
September 28, 2023
28
Sep'23
Businesses disconnected from realities of API security
Business leaders feel confident they’ve got a handle on API security, but at the same time, incidents are through the roof, according to a report
-
September 27, 2023
27
Sep'23
Five more subpostmasters have IT system-related convictions overturned
Over 90 former subpostmasters have so far seen wrongful convictions overturned since it was proved that software errors were to blame for accounting shortfalls
-
September 27, 2023
27
Sep'23
City of Las Vegas masters cyber incident response with Darktrace
The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence
-
September 22, 2023
22
Sep'23
UK-US data bridge to open to traffic on 12 October
Government forges ahead with the implementation of the UK-US data bridge, which will come into effect for real just under three weeks from now
-
September 22, 2023
22
Sep'23
Cyber experts set out plan to secure future US elections
A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past
-
September 19, 2023
19
Sep'23
New revelations from the Snowden archive surface
A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by ...
-
September 19, 2023
19
Sep'23
Post Office employee changed story for witness statement used to destroy subpostmaster
Post Office inquiry hears how an auditor changed her story about a subpostmaster to help win court battle
-
September 18, 2023
18
Sep'23
Government offers £600,000 to subpostmasters with overturned convictions
Subpostmasters wrongfully convicted of financial crimes based on evidence from faulty Horizon software will be offered £600,000 compensation by government
-
September 15, 2023
15
Sep'23
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers
-
September 15, 2023
15
Sep'23
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force
-
September 14, 2023
14
Sep'23
Data on over 3,000 Airbus suppliers leaked after breach
An emergent threat actor has leaked details of multiple sensitive Airbus suppliers after claiming to have accessed the firm’s systems having hacked customer Turkish Airlines
-
September 14, 2023
14
Sep'23
As vehicle safety regulations loom, carmakers fret over cyber risks
Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks
-
September 13, 2023
13
Sep'23
GitHub fixes race condition that could have led to ‘repojacking’
A subtle flaw in how GitHub handled repository creation and user renaming could have had serious consequences for the open source community, but has now been fixed. Learn more about how it worked
-
September 13, 2023
13
Sep'23
Patch Tuesday: Microsoft fixes zero-days in Word and Streaming Service
September 2023 brings a light Patch Tuesday, with two zero-days and five critical vulnerabilities listed in the latest release
-
September 12, 2023
12
Sep'23
IT spending in Australia to grow 7.8% in 2024
The growth will be led by investments in cyber security, cloud, analytics and application modernisation as Australian CIOs look to improve cost and operational efficiencies
-
September 11, 2023
11
Sep'23
Salesforce and Zoom embrace ethical hackers. You should, too
Software companies Salesforce and Zoom discuss their successful bug bounty programmes, what they learned at a recent in-person hackathon in which they participated, and why others shouldn’t be scared of hackers
-
September 08, 2023
08
Sep'23
HGS to provide contact centre support for One Login
The partnership between the Government Digital Service and Hinduja Global Solutions will see the supplier provide contact centre services for the digital identity platform
-
September 06, 2023
06
Sep'23
Okta customers targeted in new wave of social engineering attacks
Authentication specialist Okta has warned customers to be on alert for a campaign of social engineering attacks exploiting highly privileged users
-
September 05, 2023
05
Sep'23
Ryder Cup testbed to feature tech firsts in Rome
This year’s Ryder Cup will test out technology to improve how fans digitally consume the event while reducing the workload on IT teams
-
September 04, 2023
04
Sep'23
LockBit ransomware gang allegedly leaks MoD data after hit on supplier
The UK government appears to have become entangled in a LockBit ransomware attack after data was leaked from a third-party supplier online
-
September 01, 2023
01
Sep'23
Police Scotland five-year digital strategy approved
Police Scotland’s new strategy outlines how the force will approach and invest in its digital transformation over the next five years, but notes its ability to achieve its ambitions is subject to the availability of funding
-
September 01, 2023
01
Sep'23
Threat actors exploiting unpatched Juniper Networks devices
A series of vulnerabilities in Juniper Networks firewalls and switches appear to be being exploited in the wild to enable remote code execution, with thousands of devices thought to be exposed