News
Identity and access management products
-
April 11, 2022
11
Apr'22
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data
-
April 11, 2022
11
Apr'22
Raspberry Pi Foundation ditches default username policy
Raspberry Pi owners will no longer be able to use the default ‘pi’ username, as the Raspberry Pi Foundation clamps down on insecure practices
-
April 01, 2022
01
Apr'22
Two teenagers charged with Lapsus$ cyber attacks
City of London Police have charged two teenagers in connection with the Lapsus$ cyber crime spree
-
April 01, 2022
01
Apr'22
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report
-
March 31, 2022
31
Mar'22
Bank fraud prevention scheme blocked £60m in fraud last year
Scheme to catch fraudsters, including online scammers, before they commit their crimes has reported a significant increase in crimes prevented
-
March 31, 2022
31
Mar'22
Lapsus$ cyber crime spree continues despite arrests
The arrests of seven people in connection with the Lapsus$ cyber crime group has not dented the gang’s enthusiasm for causing chaos
-
March 29, 2022
29
Mar'22
Overhaul of UK police tech needed to prevent abuse
Lords inquiry finds UK police are deploying artificial intelligence and algorithmic technologies without a thorough examination of their efficacy or outcomes, and are essentially ‘making it up as they go along’
-
March 25, 2022
25
Mar'22
European Commission proposes new cyber security regulations
New cyber and information security regulations have been proposed by the European Commission to create a minimum set of standards in both areas
-
March 25, 2022
25
Mar'22
London police arrest seven in connection to Lapsus$
Seven people arrested by London police over cyber attacks carried out by Lapsus$ group, which is responsible for a number of recent, high profile attacks
-
March 25, 2022
25
Mar'22
How Lapsus$ exploited the failings of multifactor authentication
Attacks on Nvidia and Okta highlight weak MFA and the risk of employees being bribed or falling victim to social engineering
-
March 23, 2022
23
Mar'22
Private equity house spins SSE company out of McAfee Enterprise
The launch of Skyhigh Security completes division of McAfee Enterprise into separate businesses by Symphony Technology Group, which acquired the long-standing cyber security firm for $4bn in March 2021
-
March 23, 2022
23
Mar'22
NHS urgent care provider uses ID and access management to reduce complexity for clinicians
Provider of care through NHS 111 is using a cloud-based identity and access management system to remove the need for clinicians to remember multiple passwords
-
March 22, 2022
22
Mar'22
Details of Conti ransomware affiliate released
Information about a new Conti affiliate has been released by eSentire and BreakPoint Lab after a joint investigation into the group’s indicators of compromise
-
March 18, 2022
18
Mar'22
Ukrainian cyber defences prove resilient
Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks
-
March 17, 2022
17
Mar'22
NCSC catches 10 million phishes
Nation Cyber Security Centre’s scam email reporting service enjoys great success as government embarks on new cyber awareness campaign
-
March 17, 2022
17
Mar'22
Online Safety Bill introduced in Parliament
The government has introduced its long-awaited Online Safety Bill in Parliament, alongside new criminal offences and sanctions for tech company execs
-
March 17, 2022
17
Mar'22
Value of contactless transactions doubles in two years
Almost £166bn was spent in the UK last year using contactless technology, compared with £80.5bn in 2019
-
March 16, 2022
16
Mar'22
SentinelOne adds Attivo Networks to identity portfolio
SentinelOne adds identity threat detection and response technology to its cyber portfolio, saying it will benefit zero-trust adoption among its customers
-
March 09, 2022
09
Mar'22
Paid-for advertising measures included in Online Safety Bill
New measures to deal with fraudulent paid-for advertising have been included in the government’s draft Online Safety Bill, marking the fourth extension in two months
-
February 28, 2022
28
Feb'22
Online Safety Bill updated to deal with anonymous abuse
Social media companies will be forced to deal with anonymous abuse online by the introduction of new measures in the Online Safety Bill
-
February 24, 2022
24
Feb'22
KnowBe4 cyber drama tackles Colonial Pipeline in fourth season
KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021
-
February 24, 2022
24
Feb'22
New cyber guidelines to safeguard construction sector
NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building
-
February 23, 2022
23
Feb'22
Backups ‘no longer effective’ for stopping ransomware attacks
Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques
-
February 23, 2022
23
Feb'22
Microsoft extends Defender umbrella to Google Cloud Platform
Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in
-
February 22, 2022
22
Feb'22
UK organisations swift to chide phishing victims
While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated
-
February 18, 2022
18
Feb'22
Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials
Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them
-
February 16, 2022
16
Feb'22
2021 another record year for UK cyber investment
Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment
-
February 11, 2022
11
Feb'22
Lack of knowledge disastrous for effective security strategy within Dutch companies
Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy
-
February 10, 2022
10
Feb'22
UK second in money laundering hall of shame
Banks need to step up their anti-money laundering processes if billions of pounds’ worth of criminal activity is to be prevented
-
February 08, 2022
08
Feb'22
Parasol data breach: Contractors rage as fallout from umbrella cyber attack continues
Contractors working for the Parasol umbrella company are querying why it has taken so long for news of the firm's data breach, which is linked to a cyber attack on its systems five weeks ago, to come to light
-
February 08, 2022
08
Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
-
February 08, 2022
08
Feb'22
Porn sites will be legally required to verify users’ ages
Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online
-
February 03, 2022
03
Feb'22
EC proposes new directive to improve gig economy work conditions
Gig economy workers in Europe could be entitled to more rights and better workplace protections under a directive proposed by the European Commission
-
February 02, 2022
02
Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges
IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
-
February 02, 2022
02
Feb'22
Nationwide Building Society streamlines digital onboarding through API
Building society is improving its digital onboarding process through application programming interface-based technology from a US startup
-
February 02, 2022
02
Feb'22
MPs call on government to ‘push harder’ and ‘act faster’ amid online fraud epidemic
MPs on the Treasury Committee want the government to act quickly to reduce the amount of money being stolen through online fraud
-
January 27, 2022
27
Jan'22
Novel phishing campaign highlights need for MFA, says Microsoft
Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place
-
January 25, 2022
25
Jan'22
Cyber Essentials programme gets biggest update since launch
NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
-
January 19, 2022
19
Jan'22
Government funds charity campaign to warn big tech over the risks of encryption to children
Barnardo’s and other charities begin a government-backed PR campaign to warn of the dangers end-to-end encryption poses to child safety, which has been criticised as being ‘one-sided’
-
January 17, 2022
17
Jan'22
Test police algorithms in court rather than legislate, Lords told
Police algorithms and their impacts should be tested and challenged in court, rather than controlled by new laws, says policing minister
-
January 13, 2022
13
Jan'22
Nordic companies targeted in wave of cyber attacks
After a slew of cyber attacks hit major companies in the Nordics at the end of last year, we look at how they were affected and how they have recovered
-
January 12, 2022
12
Jan'22
UK government bodies challenged on secure identity
Public sector bodies in the UK recognise secure identity and access management as critical to the roll-out of digital services, but face challenges in addressing this
-
January 11, 2022
11
Jan'22
Banks accused of neglecting customer security measures
Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes
-
January 11, 2022
11
Jan'22
Companies propose scanning content pre-encryption to fight CSAM
Firms working on the UK government’s Safety Tech Challenge have suggested that scanning content before encryption will help prevent the spread of child sexual abuse material – but privacy concerns remain
-
January 03, 2022
03
Jan'22
How APAC firms can stay ahead of cyber threats
Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks
-
December 23, 2021
23
Dec'21
Top 10 cyber security stories of 2021
Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?
-
December 17, 2021
17
Dec'21
HSBC fined £64m for automated transaction monitoring failures
Bank hit by multimillion-pound fine for failures related to its transaction monitoring, which failed to spot potential money-laundering activity
-
December 09, 2021
09
Dec'21
UK and US to collaborate on privacy innovation contest
Joint UK-US innovation challenge contest centring on privacy-enhancing technology announced at Summit for Democracy in Washington DC
-
December 08, 2021
08
Dec'21
Most consumers expect banks to cover losses to scams
Consumers expect banks to cover losses to cyber crime, as the number of attacks grows
-
December 06, 2021
06
Dec'21
IT Priorities 2022: Pandemic’s long tail for cyber buyers
Pandemic response has been top of mind for cyber leaders these past 18 months, and as Covid-19 turns two, the TechTarget/Computer Weekly IT Priorities 2022 study shows buyers are still focused on how Covid has upended the workplace