News
Identity and access management products
-
August 23, 2022
23
Aug'22
NCSC shares cyber guidance for large infrastructure builds
Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects
-
August 19, 2022
19
Aug'22
Google employees demand end to collection of abortion data
In the wake of the US Supreme Court rolling back abortion rights, Google employees are calling on the company to stop collecting abortion-related data, so that it can never be shared with police
-
August 19, 2022
19
Aug'22
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments
-
August 19, 2022
19
Aug'22
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years
-
August 18, 2022
18
Aug'22
Growing MFA use spurs ‘pass-the-cookie’ attacks
The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools
-
August 11, 2022
11
Aug'22
Cisco averts cyber disaster after successful phishing attack
A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage
-
August 10, 2022
10
Aug'22
UK to surveil convicted migrants with facial recognition
A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory
-
August 09, 2022
09
Aug'22
Cyber insurance getting harder to obtain
Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance
-
August 04, 2022
04
Aug'22
UK has biggest card fraud problem in Europe
Social Market Foundation calls on the UK to get a grip on its huge problem with bank card fraud in Europe
-
August 04, 2022
04
Aug'22
SBRC to administer NCSC training across Scotland
The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations
-
August 02, 2022
02
Aug'22
UK safety tech sector sees strong revenue and employment growth
Safety tech is now one of the fastest-growing sectors in the UK tech industry, with jumps in revenue, investment and employment
-
July 28, 2022
28
Jul'22
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses
-
July 27, 2022
27
Jul'22
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them
-
July 26, 2022
26
Jul'22
Visibility and proactive stance needed to secure OT systems
Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says
-
July 25, 2022
25
Jul'22
NCSC seeks community input for Cyber Advisor service
The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward
-
July 20, 2022
20
Jul'22
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide
-
July 20, 2022
20
Jul'22
How NEC is transforming its business
While NEC is known for its public safety systems, the company has been expanding into new areas including e-government, financial services and customer experience in Asia-Pacific
-
July 20, 2022
20
Jul'22
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims
Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection
-
July 14, 2022
14
Jul'22
How hostile government APTs target journalists for cyber intrusions
Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey
-
July 14, 2022
14
Jul'22
Government pauses Online Safety Bill’s progress
The government has paused the Online Safety Bill’s journey towards becoming law, amid timetable pressure
-
July 13, 2022
13
Jul'22
Slippery phish wriggles around MFA protections, says Microsoft
Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence
-
July 12, 2022
12
Jul'22
Singapore doubles down on OT security
The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state
-
July 11, 2022
11
Jul'22
SMEs lagging on multifactor authentication
Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report
-
July 08, 2022
08
Jul'22
Sweden and GDPR – four years on
Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation
-
July 07, 2022
07
Jul'22
Latest Marriott data breach not as serious as others
Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately
-
July 06, 2022
06
Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme
-
July 04, 2022
04
Jul'22
Government rejects Lords police tech inquiry recommendations
The government has largely rejected the findings and recommendations of a House of Lords inquiry into police tech, which called for an overhaul of how police deploy artificial intelligence and algorithmic technologies
-
June 29, 2022
29
Jun'22
Urgent need for new laws to govern biometrics, legal review finds
Independent review says new framework is needed to clear up legal and ethical concerns over the use of biometric data and technologies, which can impact privacy, freedom of expression and other human rights
-
June 22, 2022
22
Jun'22
Uber drivers strike over pay issues and algorithmic transparency
Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data
-
June 22, 2022
22
Jun'22
How TDCX is building a people-centric business
Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
-
June 21, 2022
21
Jun'22
Microsoft Office 365 has ability to ‘spy’ on workers
Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work
-
June 16, 2022
16
Jun'22
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster
-
June 16, 2022
16
Jun'22
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive
-
June 15, 2022
15
Jun'22
$2k to access your organisation on the dark web
Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000
-
June 13, 2022
13
Jun'22
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
-
June 10, 2022
10
Jun'22
Researchers find eight CVEs in single building access system
A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets
-
June 09, 2022
09
Jun'22
Trade body calls for public-private sector collab on digital ID
TechUK has published a report outlining 10 key recommendations it believes are urgently needed to enable the rapid creation of an effectively regulated digital identity marketplace
-
May 24, 2022
24
May'22
Ransomware volumes grew faster than ever in 2021
Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
-
May 19, 2022
19
May'22
Deliveroo accused of ‘soft union busting’ with GMB deal
Smaller grassroots unions have criticised Deliveroo and GMB for making a “hollow” deal that will ultimately undermine workers’ self-organising efforts
-
May 19, 2022
19
May'22
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
-
May 11, 2022
11
May'22
Nationwide stops thousands more attempted frauds with Strong Customer Authentication
Nationwide Building Society is blocking an additional 2000 attempted online shopping frauds a month through extra checks
-
May 04, 2022
04
May'22
NHS email accounts hijacked for phishing campaign
Microsoft credentials targeted in phishing operation using hijacked NHSMail accounts
-
May 03, 2022
03
May'22
Five TLS comms vulnerabilities hit Aruba, Avaya switching kit
Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution
-
April 28, 2022
28
Apr'22
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity
-
April 27, 2022
27
Apr'22
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time
-
April 25, 2022
25
Apr'22
US mobile network emerges as latest Lapsus$ victim
Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft
-
April 22, 2022
22
Apr'22
How Adnovum is leveraging its Swiss roots
Software company Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security
-
April 22, 2022
22
Apr'22
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats
-
April 22, 2022
22
Apr'22
Finance regulator identifies challenger bank financial crime weaknesses
Financial Conduct Authority review finds challenger banks need to do more to prevent their platforms being used to commit financial crime, such as money laundering
-
April 21, 2022
21
Apr'22
Five Eyes in new Russia cyber warning
Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure