News
Identity and access management products
-
December 01, 2023
01
Dec'23
Human augmentation tech requires dual use oversight
Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO...
-
December 01, 2023
01
Dec'23
The Security Interviews: Mark McClain, SailPoint Technologies
SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come
-
November 29, 2023
29
Nov'23
Scope of Okta helpdesk breach widens to impact all users
Okta has widened the scope of the October breach of its systems to include every customer that has used its helpdesk service, after new information came to light
-
November 24, 2023
24
Nov'23
UK police plan national roll-out of facial-recognition phone app
UK police chiefs plan to expand use of facial-recognition technology through a nationwide roll-out of mobile-based tools and increases in retrospective facial-recognition, but oversight problems persist
-
November 23, 2023
23
Nov'23
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities
-
November 22, 2023
22
Nov'23
An inside look at a Scattered Spider cyber attack
Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated
-
November 21, 2023
21
Nov'23
Canada’s Mounties among government employees hit by LockBit
A LockBit attack on a specialist supplier of relocation services has engulfed multiple government agencies in Canada
-
November 16, 2023
16
Nov'23
Outgoing police tech watchdog warns of declining oversight
The outgoing biometrics and surveillance camera commissioner for England and Wales discusses police deployment of powerful new surveillance technologies, and the declining state of oversight in this area
-
November 06, 2023
06
Nov'23
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account
-
November 02, 2023
02
Nov'23
EU digital ID reforms should be ‘actively resisted’, say experts
Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security
-
October 27, 2023
27
Oct'23
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft
-
October 25, 2023
25
Oct'23
Demystifying the top five OT security myths
Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems
-
October 25, 2023
25
Oct'23
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems
-
October 19, 2023
19
Oct'23
Loughborough Uni to create five cyber AI research posts
Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security
-
October 10, 2023
10
Oct'23
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m
-
October 05, 2023
05
Oct'23
Policing minister wants to use UK passport data in facial recognition
The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales
-
October 04, 2023
04
Oct'23
Lloyds Bank launches digital identity app
Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm
-
September 28, 2023
28
Sep'23
Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app
The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps
-
September 28, 2023
28
Sep'23
Security and risk management spending to grow 14% next year
Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024
-
September 26, 2023
26
Sep'23
Cover-ups still the norm in the wake of a cyber incident
Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report
-
September 19, 2023
19
Sep'23
Okta confirms link to cyber attacks on Las Vegas casinos
Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed
-
September 19, 2023
19
Sep'23
38TB Microsoft data leak highlights risks of oversharing
An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing
-
September 15, 2023
15
Sep'23
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers
-
September 15, 2023
15
Sep'23
Manchester police data breach a classic supply chain incident
The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force
-
September 13, 2023
13
Sep'23
Storm-0324 gathers over Microsoft Teams
An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks
-
September 13, 2023
13
Sep'23
How DocuSign is extending its capabilities beyond e-signatures
DocuSign is harnessing large language models to help individuals make sense of agreements and employing AI-based biometrics to verify the identity of signers, as part of its broader efforts to expand its capabilities beyond electronic signatures
-
September 08, 2023
08
Sep'23
Sensitive NatWest customer files set to be returned after High Court agreement
Sensitive NatWest customer files set to be secured by bank after years in the home of a data breach whistleblower
-
September 08, 2023
08
Sep'23
HGS to provide contact centre support for One Login
The partnership between the Government Digital Service and Hinduja Global Solutions will see the supplier provide contact centre services for the digital identity platform
-
September 07, 2023
07
Sep'23
Finnish government to bolster spending on cyber-AI defences
Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks
-
September 06, 2023
06
Sep'23
Meet the professional BEC op that targeted Microsoft 365 users for years
The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers
-
September 06, 2023
06
Sep'23
Okta customers targeted in new wave of social engineering attacks
Authentication specialist Okta has warned customers to be on alert for a campaign of social engineering attacks exploiting highly privileged users
-
September 05, 2023
05
Sep'23
Researchers find flaw in Mend.io security platform
WithSecure’s research team uncovered an authentication flaw in an application security platform developed by Mend.io, which has now been fixed
-
August 31, 2023
31
Aug'23
Home Office and MoD seeking new facial-recognition tech
The UK’s Defence and Security Accelerator is running a ‘market exploration’ exercise on behalf of the Home Office to identify new facial-recognition capabilities for security and policing bodies in the UK
-
August 31, 2023
31
Aug'23
Post Office to provide in-person identity checks for One Login
Partnership between the Government Digital Service and the Post Office will see postmasters and staff provide face-to-face identity checks for those unable to use the One Login app or website
-
August 24, 2023
24
Aug'23
Google bets on AI-backed cyber controls for Workspace users
Zero-trust and digital sovereignty controls are the focus of a series of enhancements being made for Google Workspace users
-
August 18, 2023
18
Aug'23
NatWest customer calls bank’s handling of breach of his data ‘disgusting’
A second NatWest customer has contacted Computer Weekly after finding out from a whistleblower that his sensitive personal data has been in her home for 14 years
-
August 16, 2023
16
Aug'23
CyberArk eyes growth beyond PAM
CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management
-
August 14, 2023
14
Aug'23
NatWest offers compensation to customer affected by data breach exposed by whistleblower
NatWest bank has offered compensation to a former customer affected by a data breach alongside around 1,600 other former and current customers
-
August 08, 2023
08
Aug'23
MPs warn about growing prevalence of tech-enabled domestic abuse
The UK government must take action to prevent perpetrators from being able to use connected or smart technologies to conduct their domestic abuse, a select committee has warned
-
August 08, 2023
08
Aug'23
Workplace monitoring needs worker consent, says select committee
Employers looking to monitor their employees through connected devices should only to so with the consent of those affected due to negative impacts such surveillance can have on work intensification and mental health
-
August 03, 2023
03
Aug'23
Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign
Microsoft shares intelligence on a newly observed Cozy Bear campaign that saw the APT take over genuine Microsoft 365 tenants and subvert them to try to phish its victims
-
July 28, 2023
28
Jul'23
How Indian organisations are keeping pace with cyber security
Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics
-
July 24, 2023
24
Jul'23
CIO interview: Sean Green, University of East Anglia
In his role as director of digital and data at the University of East Anglia, Sean Green provides high-performance computing to researchers and manages the diverse needs of a campus with the characteristics of a small town, all while finding the ...
-
July 20, 2023
20
Jul'23
Online Safety Bill screening measures amount to ‘prior restraint’
The Open Rights Group is calling on Parliament to reform the Online Safety Bill, on the basis that its content-screening measures would amount to “prior restraint” on freedom of expression
-
July 17, 2023
17
Jul'23
Police Scotland use cloud for biometric data despite clear risks
Police Scotland confirms it has stored significant volumes of biometric data on a cloud-based digital evidence sharing system despite major ongoing data protection concerns, bringing into question the effectiveness of the current regulatory approach...
-
July 13, 2023
13
Jul'23
Civil society groups call on EU to put human rights at centre of AI Act
Dozens of civil society groups are calling on EU institutions to prioritise people and human rights in AI legislation as secretive negotiations begin
-
July 12, 2023
12
Jul'23
Whistleblower contacts NatWest customers affected by a decade-old data breach
Former worker says contacting the people affected by the data breach is her last resort after the bank and regulators appear satisfied that the sensitive data file is safe stored under her bed
-
July 07, 2023
07
Jul'23
Suspicious email reported every five seconds in UK
National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year
-
July 06, 2023
06
Jul'23
Biometrics watchdog calls for public space surveillance review
The biometrics and surveillance camera commissioner is calling for a review of public space surveillance to gain a clearer picture about the proliferation of Chinese surveillance technology across the public sector, but warns against applying double...
-
June 30, 2023
30
Jun'23
AI can never be given control over combat decisions, Lords told
Artificial intelligence is technically incapable of distinguishing between the complex contextual factors of combat situations, and will likely never be able to, according to legal and software experts