News

Identity and access management products

• November 25, 2021 25 Nov'21

  UK consumers warned of increase in credit card application fraud

  There has been a sharp rise in fraudsters using stolen personal details to open credit card accounts

• November 24, 2021 24 Nov'21

  Police tech introduced with little scrutiny or training

  A Lords inquiry into the adoption of advanced algorithmic technologies by police in England and Wales has been told that new tools are being introduced without proper training and with little scrutiny of their impacts

• November 22, 2021 22 Nov'21

  Black Friday cyber warning for 4,000 card-skimming victims

  NCSC warns thousands of small retailers that their websites are being exploited to steal customer data

• November 19, 2021 19 Nov'21

  Why is Emotet back, and should we be worried about it?

  The sudden reappearance of Emotet this week has security teams on high alert, but do we need to be worried about its return, and what should we be doing about it?

• November 17, 2021 17 Nov'21

  Security startups line up on Cyber Runway

  Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator

• November 15, 2021 15 Nov'21

  UK government proposes new rules for digital supply chain security

  Proposals could see IT service providers legally required to adhere to the NCSC’s Cyber Assessment Framework, among other things

• November 12, 2021 12 Nov'21

  New law needed to rein in AI-powered workplace surveillance

  MPs and peers call for new legislation to regulate the growing use of artificial intelligence in the workplace, which is being used to surveil workers’ performance and behaviour

• November 12, 2021 12 Nov'21

  Oversight of biometrics and surveillance should not go to ICO

  Biometrics and surveillance camera commissioner Fraser Sampson has panned the UK government’s proposed plan to absorb the functions of those roles under the remit of the information commissioner

• November 11, 2021 11 Nov'21

  HPE’s Aruba networking unit hit by cyber attack

  Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key

• November 11, 2021 11 Nov'21

  Finance ombudsman overturns more than three-quarters of bank decisions on APP fraud

  The financial services ombudsman is siding with customers in over 75% of complaints against banks that refuse to repay losses to authorised push payment fraud

• November 11, 2021 11 Nov'21

  Bank of England loses 161 computing devices in three years

  Bank cannot account for phones, laptops and tablets that have gone missing over the past three years

• November 09, 2021 09 Nov'21

  Yoti develops age estimation algorithm for under-13s

  Age estimation technology developed by Yoti is being pitched as a way of helping social media platforms and other online businesses protect younger internet users from harm

• November 08, 2021 08 Nov'21

  How cosmetics retailer Lush made over its approach to authentication

  Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle

• November 04, 2021 04 Nov'21

  The Netherlands works on resilience with large-scale national cyber exercise

  For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care

• November 03, 2021 03 Nov'21

  Facebook self-imposes facial recognition moratorium

  Facebook and Meta have committed to halting their use of facial recognition technology and deleting the biometric data of more than a billion people by the end of 2021, but will retain the underlying algorithms and software for potential use in ...

• October 29, 2021 29 Oct'21

  GDS secures up to £400m funding for One Login digital identity project

  HM Treasury agrees to spending review bid from Cabinet Office to create the new single sign-on system for government over the next three years

• October 27, 2021 27 Oct'21

  Government commits millions to security investment

  Spending Review adds more than £750m of funding to improve cyber security resilience across government

• October 26, 2021 26 Oct'21

  Cyber experts on how to nobble a Nobelium attack

  A recent spate of attempted Nobelium cyber attacks were mostly unsuccessful, but serve as a reminder to pay attention to some more fundamental aspects of security

• October 25, 2021 25 Oct'21

  Attempted hack causes Tesco website outage

  Retailer’s website and app back after attempted hack caused problems over the weekend

• October 21, 2021 21 Oct'21

  APAC organisations warm to zero trust

  Two-thirds of APAC organisations have a zero-trust strategy even as they grapple with the lack of skills and other organisational challenges, study finds

• October 20, 2021 20 Oct'21

  US intelligence agencies issue advisory on BlackMatter gang

  Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers

• October 14, 2021 14 Oct'21

  NHS Digital enhances in-house cyber awareness drive

  Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk

• October 14, 2021 14 Oct'21

  Generation Novel hybrid workers bring new demands and risks

  Aruba survey warns business leaders that they must strike a balance between flexibility and security to address risky behaviours and evolving expectations of today’s tech-savvy workforce

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 12, 2021 12 Oct'21

  Ban UK police use of facial-recognition, House of Lords told

  Experts giving evidence to the House of Lords have said that UK police use of facial-recognition technology is disproportionate and ineffective, and further questioned the utility of algorithmic crime ‘prediction’ tools

• October 11, 2021 11 Oct'21

  Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

  A deadllne to agree the safe return of the sensitive banking details of former and current NatWest Group customers has passed without agreement

• October 08, 2021 08 Oct'21

  Craft beer specialist Brewdog fixes serious app vulnerability

  Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers

• October 08, 2021 08 Oct'21

  NatWest admits to weaknesses in anti-money laundering systems

  Bank pleads guilty to failures concerning the laundering of hundreds of millions of pounds, but says it has since improved its anti-money laundering systems

• October 07, 2021 07 Oct'21

  Uber faces legal action over ‘racist’ facial verification system

  Two UK-based unions are taking Uber to court, claiming their members have been unfairly dismissed as a result of misidentification by the company’s facial verification system

• October 06, 2021 06 Oct'21

  Gaming service Twitch hacked, data leaked

  Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked

• October 06, 2021 06 Oct'21

  Auto-enrolment begins for Google multi-factor authentication

  Google has started to turn on multi-factor authentication on consumer accounts by default, and aims to auto-enrol 150 million users by the end of 2021

• October 06, 2021 06 Oct'21

  Israeli Orca to invest in UK cyber scene

  Tel Aviv-headquartered Orca Security wants to set up a new R&D centre in the UK

• October 04, 2021 04 Oct'21

  One Identity buys OneLogin for access management expertise

  Acquisition of OneLogin adds access management solutions to One Identity’s Unified Identity Security platform

• September 30, 2021 30 Sep'21

  UK consumers would collectively pay over £1bn a year for control of their data

  UK consumers are willing to pay a small fee per month to have control of the data they share with Google and Facebook

• September 29, 2021 29 Sep'21

  Dedicated number for victims of fraud launched amid national security threat

  Consumers that suspect they are being targeted by fraudsters can call 159 to be directly linked to their bank, as part of a 12-month pilot

• September 29, 2021 29 Sep'21

  UK consumer trust in banks, retailers and telcos declines as scams increase

  Consumers are blaming banks, retailers and social media for the huge increase in online scams, survey shows

• September 28, 2021 28 Sep'21

  How one red team exercise averted a new SolarWinds-style attack

  Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack

• September 27, 2021 27 Sep'21

  Uber drivers strike over pay issues and unfair dismissal claims

  Unionised Uber drivers take industrial action in response to ongoing disputes over pay and claims that drivers are being unfairly dismissed as a result of the company’s technologies

• September 23, 2021 23 Sep'21

  Authorised push payment fraud sees huge increase as criminals switch tactics

  Criminals tricking people into making payments through channels such as fake emails and websites have stolen more money than payment card fraudsters

• September 22, 2021 22 Sep'21

  UK government turns to Tim Berners-Lee startup for digital identity plan

  As part of its new digital identity project, the Government Digital Service is using the Solid platform created by web inventor Berners-Lee, which helps users to manage their personal data better

• September 21, 2021 21 Sep'21

  Investigation launched after MoD email blunder

  Exposure of PII on Afghan interpreters who worked with the UK may put hundreds at risk of Taliban reprisals

• September 16, 2021 16 Sep'21

  Dutch education administrators underestimate threat of cyber crime

  Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks

• September 16, 2021 16 Sep'21

  European president outlines tech vision to drive Europe

  President of the European Commission has set out plans for a stronger European economy, with less reliance on US and Chinese tech giants

• September 13, 2021 13 Sep'21

  UK government’s new digital identity system to cost up to £400m

  Cabinet Office is seeking £300m-£400m in funding to build its replacement for the failed Gov.uk Verify system, which itself cost over £220m

• September 07, 2021 07 Sep'21

  OT security in APAC remains work in progress

  Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges

• September 07, 2021 07 Sep'21

  ICO in bid to end cookie pop-ups

  Outgoing information commissioner Elizabeth Denham will call on her equivalents across the G7 group of countries to collaborate on an overhaul of cookie consent pop-ups

• September 06, 2021 06 Sep'21

  How NZ schools are tapping managed network services

  Using managed network services has freed up time and resources for New Zealand school teachers and alleviated the pressure and challenges of maintaining technology infrastructure

• September 02, 2021 02 Sep'21

  How high can the contactless card limit go without two-factor authentication?

  The spending limit for contactless cards has reached an eyebrow-raising triple-digit figure – £100 – raising questions about the need for user authentication

• August 18, 2021 18 Aug'21

  MoD seeks security tech to harden military systems

  The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks

• August 17, 2021 17 Aug'21

  Security Think Tank: Building privacy-preserving apps and platforms

  ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture

• August 13, 2021 13 Aug'21

  Cyber Runway programme supports new security businesses

  The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses

• August 13, 2021 13 Aug'21

  Hospitals see cyber security investment as a low priority

  Almost half of hospitals have experienced an IT shutdown as a result of a cyber attack in the past six months, but just over one in 10 hospital executives see cyber security investment as a high priority

• August 11, 2021 11 Aug'21

  Hacker makes off with $600m in world’s largest crypto-heist

  Despite bagging $600m worth of cryptocurrency in what has been described as the biggest decentralised finance hack, the hacker has already started returning the funds

• August 11, 2021 11 Aug'21

  The Netherlands still lacks digital resilience, says report

  Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient

• August 10, 2021 10 Aug'21

  Third of finance firms accelerate use of artificial intelligence to detect money laundering

  Financial services firms are stepping up their use of artificial intelligence and machine learning technology to fight increasing money laundering activity

• August 10, 2021 10 Aug'21

  Dutch lead the way in protecting themselves against internet risks

  Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent

• August 10, 2021 10 Aug'21

  Researchers uncover database with 126 million unsecured records

  Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns

• August 06, 2021 06 Aug'21

  Apple unveils plans to scan US iPhones for child sex abuse images

  Apple will introduce child sexual abuse material detection for US users later this year, but some experts are worried that the technology could be repurposed to scan phones for other kinds of content

• August 05, 2021 05 Aug'21

  11 areas will trial digital identity scheme for residential property sector

  MyIdentity scheme will allow estate agents, conveyancers, solicitors and mortgage providers across 11 locations to trial the use of digital identity to speed up and make home buying more secure

• August 05, 2021 05 Aug'21

  Nine security flaws found in critical hospital infrastructure

  The ‘PwnedPiper’ vulnerabilities identified in systems used by 80% of US hospitals could be used to launch ransomware attacks

• August 05, 2021 05 Aug'21

  Cloud misconfiguration a growing cause of security incidents

  Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks

• August 04, 2021 04 Aug'21

  Six Isle of Wight schools hit by ransomware attack

  Authorities are still working to manage the fallout from the attack, which has already forced at least one school to delay the start of the new term in September

• August 04, 2021 04 Aug'21

  Initial access brokers unaffected by ransomware content bans

  Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021

• August 04, 2021 04 Aug'21

  Fred IT replaces paper prescriptions with QR codes

  Fred IT’s eRX Script Exchange is now used by 21,000 doctors and 95% of Australian pharmacies, delivering more than 11 million digital prescriptions by July 2021

• August 03, 2021 03 Aug'21

  UK MoD turns to hackers to help secure digital assets

  Hackers given direct access to internal Ministry of Defence systems to identify and report security vulnerabilities

• August 02, 2021 02 Aug'21

  Government publishes second version of digital identity trust framework

  The second iteration of the framework, still in alpha version, sets out how organisations can become certified digital identity service providers

• July 29, 2021 29 Jul'21

  Technical hiccups force Babuk ransomware gang to change tactics

  The Babuk ransomware operation backed away from encrypting its victims’ files, and technical difficulties may be to blame, reports McAfee

• July 19, 2021 19 Jul'21

  Government launches consultation on plans for UK digital identity market

  DCMS wants stakeholders to offer their views on proposals for a new governance regime and expanding access to government-held datasets for identity verification

• July 15, 2021 15 Jul'21

  Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study

  EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield

• July 15, 2021 15 Jul'21

  Singapore to invest S$50m in ‘digital trust’ capabilities

  The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management

• July 12, 2021 12 Jul'21

  NSW department of education hit by cyber attack

  Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday

• July 06, 2021 06 Jul'21

  Klarna under investigation by Swedish finance watchdog

  Swedish fintech is being investigated by financial services regulator after customer information was visible to others

• July 01, 2021 01 Jul'21

  NCSC joins US authorities to expose Russian brute force campaign

  A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments

• July 01, 2021 01 Jul'21

  Nominations open for 2021 Security Serious Unsung Heroes Awards

  Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators

• June 22, 2021 22 Jun'21

  Innova and RISE drive node development in Sweden

  Swedish cyber security project, National Node, opens its doors to the country’s security firms

• June 18, 2021 18 Jun'21

  Lorca Ignite programme targets breakout cyber talent

  Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme

• June 18, 2021 18 Jun'21

  Carnival Cruises hit by fourth cyber incident in a year

  Latest data breach at Covid-hit cruise line comes hot on the heels of two recent ransomware attacks and a spring 2020 breach

• June 17, 2021 17 Jun'21

  Cyber crooks target Amazon Prime users ahead of retail bonanza

  A surge in malicious domain registrations ahead of Amazon Prime Day indicates cyber criminals have set their sights on exploiting vulnerable shoppers

• June 15, 2021 15 Jun'21

  Scottish government awards digital identity platform contract to Scott Logic

  Supplier is working on a two-year project to create a digital identity service through a suite of common platforms that will be adopted across Scottish government

• June 11, 2021 11 Jun'21

  CMA secures commitments from Google on future of cookies

  The Competition and Markets Authority is opening a consultation on commitments offered to it by Google to ensure its Privacy Sandbox proposals do not harm digital advertising markets

• June 10, 2021 10 Jun'21

  Australian organisations face heightened cyber attacks

  Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020

• June 09, 2021 09 Jun'21

  RSA spins out fraud and risk unit as Outseer

  RSA Security is transitioning its fraud and risk intelligence work into a new business to be called Outseer

• June 08, 2021 08 Jun'21

  NHS Digital delays data collection plans until September

  NHS Digital has postponed its proposed collection of GP data for two months, to allow more time for the public to understand the process and opt out if wanted

• June 04, 2021 04 Jun'21

  HSBC offers all businesses scam awareness app

  HSBC is sharing information on the latest scams and how to defend against them thorough its latest app, available to all businesses

• June 03, 2021 03 Jun'21

  Reports raise alarm over Huawei access to Dutch networks

  Espionage accusations raise security questions for Netherlands organisations using Chinese supplier’s equipment and services

• June 03, 2021 03 Jun'21

  Norway’s auditor general lifts lid on energy industry’s cyber security risks

  Auditor General’s Office questions the security posture of Norway’s energy industry

• June 03, 2021 03 Jun'21

  FireEye sold to private equity, Mandiant regains independence

  FireEye has agreed to sell its products business and name to a private equity consortium, while Mandiant will spin out as an independent threat intel business

• May 25, 2021 25 May'21

  GCHQ bulk interception programme breached privacy rights, Strasbourg court rules

  European Court of Human Rights finds that the UK’s bulk surveillance programme breached citizens’ privacy rights

• May 25, 2021 25 May'21

  CyberSprinters game gives kids a head start, says NCSC

  An online game for primary schools, clubs and youth organisations will teach children aged seven to 11 the fundamentals of staying safe online

• May 24, 2021 24 May'21

  Dutch researchers build security software to mimic human immune system

  Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection

• May 24, 2021 24 May'21

  Why the security stack needs to move to the edge

  Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge

• May 14, 2021 14 May'21

  Okta and Auth0 to expand APAC coverage

  Okta’s acquisition of rival Auth0 will enable both companies to expand their footprint in the Asia-Pacific region as demand for identity management services soars amid the pandemic

• May 11, 2021 11 May'21

  Collaboration key to success of UK’s Cyber Security Council

  The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event

• May 07, 2021 07 May'21

  Ransomware, supply chain attacks show no sign of abating

  Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors

• May 06, 2021 06 May'21

  Google to introduce mandatory MFA for users

  In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services

• May 06, 2021 06 May'21

  HSBC blocks £249m in UK fraud with voice biometrics

  HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases

• May 04, 2021 04 May'21

  Half of organisations breached via a third party in 12 months

  New report highlights the risks of outsourcing key business processes without paying due care and attention to your service provider’s security

• April 28, 2021 28 Apr'21

  Recruiters can’t afford to hold out for cyber ‘unicorns’

  The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic

• April 28, 2021 28 Apr'21

  Office 365 compromise likely led to Merseyrail ransomware attack

  Compromise of Merseyrail employee data seems to have begun after a key email account was hacked

• April 28, 2021 28 Apr'21

  NHS App to serve as vaccine passport for foreign holidays

  Existing NHS App will have vaccine passport functionality added to it, transport secretary confirms