News

Identity and access management products

May 24, 2023 24 May'23
Kuwait bank introduces biometric payments card

Middle East bank launches payment cards with fingerprint sensor technology embedded
May 24, 2023 24 May'23
Two-thirds of all 2022 breaches resulted from spear phishing

Research by Barracuda Networks has found that, despite the low volume of spear-phishing attempts, the attacks are highly successful and have major consequences
May 17, 2023 17 May'23
Home Office pushes for more police facial-recognition deployments

An independent report commissioned by the biometrics commissioner of England and Wales reveals that the UK policing minister is pushing for wider adoption of facial-recognition technology by police, and further criticises the government’s proposed ...
May 17, 2023 17 May'23
Pentera ups ante in penetration testing

The Israeli startup, which expanded to the APAC region last year, scans for vulnerabilities and emulates cyber attacks through its automated security validation platform

May 15, 2023 15 May'23
MS macro-blocking has forced cyber criminals to innovate

One year after Microsoft started blocking VBA and XL4 macros by default, the cyber criminal ecosystem has all but stopped exploiting macros in their attacks. They’re instead innovating at an unprecedented rate
May 11, 2023 11 May'23
Fujitsu staff had ‘unrestricted and unauditable’ remote access to Post Office branch systems

Fujitsu engineers could make changes to Post Office branch accounts without anyone knowing
May 10, 2023 10 May'23
How datacentre operators can fend off cyber attacks

Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats
May 05, 2023 05 May'23
Santander reports increase in scams and admits fraud head was impersonated

Santander has reported an increase in impersonation scams, and admitted its own head of fraud was impersonated by a fraudster
May 04, 2023 04 May'23
Google debuts passwordless login options for users

Launch of Google’s passkey service hailed as a great leap forward for passwordless technology
May 03, 2023 03 May'23
Cyber Action Plan for Wales launched

The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country

April 27, 2023 27 Apr'23
Google Cloud seals bug that could have led to data breaches

The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed
April 19, 2023 19 Apr'23
Global finance firms take part in NATO cyber attack simulation

Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure
April 19, 2023 19 Apr'23
How organisations can succeed with zero trust

By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm
April 18, 2023 18 Apr'23
Focus on these three risky behaviours to boost cloud security

Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report
April 13, 2023 13 Apr'23
Three charged over banking fraud for hire website

UK authorities have charged three men in connection with the operation of a website that sold social engineering tools to cyber fraudsters
April 12, 2023 12 Apr'23
UK police double down on ‘improved’ facial recognition

The Met and South Wales Police have doubled down on their use of facial recognition technology after research found improved accuracy in their algorithms when using certain settings, but civil society groups maintain that the tech will still be used...
April 12, 2023 12 Apr'23
Okta integrates with Singapore’s national digital ID system

The integration with Singpass will let Okta customers authenticate consumers using Singapore’s national digital ID system and is expected to expand the company’s reach in regulated industries
April 06, 2023 06 Apr'23
Prioritise automated hardening over traditional cyber controls, says report

A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way
April 05, 2023 05 Apr'23
Scottish police tech piloted despite major data protection issues

Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk
March 30, 2023 30 Mar'23
Reactive approach to cyber procurement risks damaging businesses

Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes
March 21, 2023 21 Mar'23
Nordics move towards common cyber defence strategy

Nordic countries agree to work together to improve their cyber defences amid increasing threat
March 21, 2023 21 Mar'23
GDS signs £24m worth of contracts for One Login

As the Government Digital Service (GDS) prepares for the official end of Gov.uk Verify, it signs three new contracts for its successor programme, One Login
March 20, 2023 20 Mar'23
NCSC launches cyber check-up tools for SMEs

The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack
March 20, 2023 20 Mar'23
NatWest announces ID service for its customers

The identities of NatWest customers engaging with businesses online can be confirmed by the bank's ID service in seconds
March 08, 2023 08 Mar'23
UK government introduces revised data reform bill to Parliament

Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards
March 08, 2023 08 Mar'23
How ForgeRock is tackling identity management

ForgeRock CEO Fran Rosch has set the identity and access management software supplier on a path to deliver a frictionless identity experience without compromising security or privacy
March 07, 2023 07 Mar'23
Nine in 10 enterprises fell victim to successful phishing in 2022

Egress annual email security risk report breaks down impacts of email-based phishing attacks and data loss, and the effect these can have on organisations in terms of staff retention and morale
March 07, 2023 07 Mar'23
Dutch hospitals underestimate impact of cyber attack

IT failures in acute care organisations in the Netherlands have increased considerably since 2010, affecting patient care and stressing the need to improve IT security in hospitals
March 02, 2023 02 Mar'23
Uber introduces dynamic pricing algorithm in London

The dynamic pricing algorithm will allow Uber to set variable pay and pricing levels, but drivers are concerned about how their personal data will be used and the impact the algorithm will have on their livelihoods
March 02, 2023 02 Mar'23
WH Smith staff data accessed in cyber attack

The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing
March 02, 2023 02 Mar'23
Salt Labs identifies OAuth security flaw within Booking.com

Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild
February 28, 2023 28 Feb'23
LastPass attack saw employee’s home computer hacked

The ongoing investigation into a series of linked security incidents at LastPass has found that the attacker was successfully able to compromise a developer’s home PC using a vulnerability in a media software package
February 24, 2023 24 Feb'23
UK police have ‘culture of retention’ around biometric data

A culture of retention around biometric data in UK policing is damaging public trust, says UK biometrics commissioner, who is calling for clear regulation to govern police use of biometric technologies
February 22, 2023 22 Feb'23
Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert

Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result
February 20, 2023 20 Feb'23
Twitter 2FA changes bring more risks than benefits

Twitter’s approach to nudging users away from insecure SMS-based 2FA is being questioned over its logic
February 16, 2023 16 Feb'23
How to tame the identity sprawl

Organisations should find a comprehensive way to gain full visibility into their digital identities and leverage automation to tame the identify sprawl
February 13, 2023 13 Feb'23
Police tech needs clear legal rules, says biometrics regulator

Police use of artificial intelligence and facial recognition needs to be controlled by strict rules and mechanisms to ensure public trust
February 13, 2023 13 Feb'23
Whistleblower in limbo as sensitive NatWest customer files remain under her bed

Whistleblower and NatWest at stalemate as regulators leave it up to them to come to an agreement on return of sensitive customer data
February 10, 2023 10 Feb'23
Social media platform Reddit breached in phishing attack

An unspecified threat actor obtained access to internal documents, code and business systems at Reddit after stealing employee credentials in a phishing attack
February 09, 2023 09 Feb'23
Banking regulatory body wants a ‘tripwire’ to flag APP fraud

Banking code of practice organisation wants banks to monitor where authorised push payment scammers are sending stolen money
February 07, 2023 07 Feb'23
APP fraud reimbursement proposal is ‘fundamentally flawed’, say MPs

MPs claim the involvement of a bank-sponsored organisation in reimbursing victims of APP fraud would be a conflict of interest
February 01, 2023 01 Feb'23
NCSC for Startups inducts four companies into programme

Four more startups are set to join the NCSC accelerator, which helps the UK government develop technology and approaches to pressing cyber security challenges
February 01, 2023 01 Feb'23
Innovative Technology deploys age estimation tech in shops and pubs

A company involved in Home Office-led trials of biometric age estimation technologies has begun rolling out its hardware to UK shops and pubs so they can use its facial recognition algorithm to assure customers’ ages
February 01, 2023 01 Feb'23
Malware variant can block contactless payments

Kaspersky warns that the latest variant of the Prilex malware can block contactless payments to force people to insert cards, enabling criminals to steal money
January 31, 2023 31 Jan'23
GitHub warns Desktop, Atom users after code-signing certificates pinched

Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users
January 25, 2023 25 Jan'23
NCSC exposes Iranian, Russian spear-phishing campaign targeting UK

Spear-phishing campaigns likely linked to Iranian and Russian espionage activity are targeting persons of interest in the UK, warns the NCSC
January 23, 2023 23 Jan'23
NCSC warning over cyber risk to charity sector

Cash-strapped charities without the resource to tackle their resilience deficit are increasingly at risk from malicious actors, says the NCSC
January 16, 2023 16 Jan'23
The Security Interviews: Protecting your digital self

Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?
January 13, 2023 13 Jan'23
Cabinet Office looks to expand public data sharing for digital ID

Cabinet Office seeks feedback on proposed legislation to enhance data sharing across the public sector, in support of the UK government’s ambition to have a single sign-on identity-check system for all public services
January 12, 2023 12 Jan'23
UK government completes trials of age estimation technology

Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to ...