News

Managing IT and business issues

• February 22, 2024 22 Feb'24

  Cyber experts alarmed by ‘trivial’ ConnectWise vulns

  The disclosure of two dangerous vulnerabilities in the popular ConnectWise ScreenConnect product is drawing comparisons with major cyber incidents, including the 2021 Kaseya attack

• February 22, 2024 22 Feb'24

  Law to clear hundreds of wrongfully convicted subpostmasters expected in July

  Law to overturn Post Office convictions based on computer evidence set to be introduced in July following unprecedented legislation

• February 22, 2024 22 Feb'24

  Inside LockBit: A ransomware gang in decline?

  The LockBit ransomware gang was already on the ropes prior to the NCA-led takedown, according to security researchers

• February 21, 2024 21 Feb'24

  CVE volumes set to increase 25% this year

  The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist

• February 21, 2024 21 Feb'24

  Co-op signs TCS deal for cloud-first push

  The Co-operative Group has contracted IT service provider Tata Consultancy Services to support its move to a cloud-first IT environment

• February 21, 2024 21 Feb'24

  Unisys investigating potential involvement in controversial Post Office system

  IT supplier wants to get to the bottom of its role in the distribution of the Post Office’s controversial Capture software, linked to potential wrongful convictions

• February 20, 2024 20 Feb'24

  Uber CEO denies pricing algorithm uses ‘behavioural patterns’

  Uber workers are concerned about what data is being used by the company’s algorithm to set variable pay and pricing levels after CEO Dara Khosrowshahi admits to using drivers’ ‘behavioural patterns’

• February 20, 2024 20 Feb'24

  LockBit locked out: Cyber community reacts

  Reaction to the takedown of the LockBit ransomware gang is enthusiastic, but tempered with the knowledge that cyber criminals are often remarkably resilient

• February 20, 2024 20 Feb'24

  LockBit gang members arrested in Poland and Ukraine

  The UK’s National Crime Agency and its global partners have shared more details on their audacious takedown of the LockBit ransomware operation, including news of two arrests

• February 20, 2024 20 Feb'24

  Government agrees law to protect confidential journalistic material from state hacking

  The government will update Investigatory Powers Act to require secret intelligence agencies to seek independent approval before accessing confidential journalistic material obtained by bulk hacking, but journalists remain vulnerable to other bulk ...

• February 20, 2024 20 Feb'24

  Alibaba Cloud debuts Model Studio

  Alibaba Cloud’s Model Studio provides access to its Qwen family of foundation models and other third-party models and a suite of tools to speed up training and deployment of large language models

• February 19, 2024 19 Feb'24

  Cops take down LockBit ransomware gang

  The notorious LockBit ransomware crew has been disrupted in an international law enforcement sting led by the UK's National Crime Agency

• February 19, 2024 19 Feb'24

  Controversial Post Office Capture system was developed in-house

  Second controversial Post Office system was the work of developers in its own IT operation

• February 16, 2024 16 Feb'24

  Post Office IT insider and the software decision that lit the Horizon scandal

  As the Post Office replaces its controversial Horizon software, a former Post Office IT executive describes disastrous mistakes of the past

• February 15, 2024 15 Feb'24

  Security-by-design push prompts new ISC2 accreditations

  Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles

• February 14, 2024 14 Feb'24

  Microsoft: Nation-state hackers are exploiting ChatGPT

  Threat actors from China, Iran, North Korea and Russia have all been probing use cases for generative AI service ChatGPT, but have yet to use such tools in a full-blown cyber attack

• February 14, 2024 14 Feb'24

  Microsoft patches two zero-days for Valentine’s Day

  Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues

• February 14, 2024 14 Feb'24

  Post Office CEO refused to meet government minister without her lawyer after 2015 Horizon report

  Post Office statements on the Horizon system, whether to journalists or the government, were routinely carefully crafted by lawyers

• February 13, 2024 13 Feb'24

  How DBS is industrialising AI across its business

  Southeast Asia’s biggest lender is building a strong data foundation and upskilling employees on data and artificial intelligence to realise its vision of becoming an AI-fuelled bank

• February 13, 2024 13 Feb'24

  New variants of Qakbot malware under development

  Despite its infrastructure having been taken down by the FBI last year, someone appears to be actively working on a new and improved version of the infamous Qakbot malware

• February 13, 2024 13 Feb'24

  Hunter-killer malware volumes seen surging

  Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences

• February 12, 2024 12 Feb'24

  More than 1,000 subpostmasters could have used second faulty Post Office system

  More than 1,000 subpostmasters could have used a previous faulty computer system in their branches as more people come forward with information following Post Office scandal TV drama

• February 09, 2024 09 Feb'24

  Amazon defends facial-recognition tech sale to FBI despite moratorium

  The FBI has confirmed it is using Amazon’s Rekognition image and video analysis software, but Amazon says it is ‘false’ to suggest this violates the company’s self-imposed moratorium on selling facial-recognition technology to US police

• February 09, 2024 09 Feb'24

  MoD ethical hacking programme expands after initial success

  The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne

• February 08, 2024 08 Feb'24

  Swedish CIO contributes best practices for ethical use of artificial intelligence

  IT leaders are scrambling to keep up with AI technology, but many are losing sight of its ethical impact – and what CIOs need to do to ensure responsible use

• February 07, 2024 07 Feb'24

  NCSC warns CNI operators over ‘living-off-the-land’ attacks

  Malicious, state-backed actors may well be lurking in the UK’s most critical networks right now, and their operators may not even know until it is too late, warn the NCSC and its partners

• February 07, 2024 07 Feb'24

  Government reaffirms commitment to hold off on AI laws

  The UK government reaffirming its commitment hold off on artificial intelligence legislation has been received positively by industry for balancing innovation and safety

• February 07, 2024 07 Feb'24

  How Iranian cyber ops pivoted to target Israel after 7 October attacks

  Microsoft has shared new intelligence on how Iranian government-aligned threat actors have turned their fire on Israel over the past four months

• February 07, 2024 07 Feb'24

  South Staffs Water faces group action over Clop ransomware attack

  South Staffordshire Plc, the parent company of South Staffordshire and Cambridge Water, is facing legal action from customers whose data was compromised in a 2022 Clop ransomware attack

• February 07, 2024 07 Feb'24

  AI ID specialist Onfido in talks to be bought by Entrust

  UK-based cyber unicorn Onfido agrees to enter talks to be acquired by Entrust

• February 06, 2024 06 Feb'24

  UK’s McPartland Cyber Review to probe trust in technology

  The UK government has launched a cyber security review that will investigate how best to give businesses the confidence they need to use new technologies

• February 06, 2024 06 Feb'24

  UK government responds to AI whitepaper consultation

  The UK government is considering introducing binding legal requirements for companies developing the most powerful AI systems, and has outlined a range of funding to realise the ambitions of its ‘pro-innovation’ framework for artificial intelligence

• February 05, 2024 05 Feb'24

  US sanctions Iranians behind CNI cyber attacks

  US government issues new sanctions against six Iranians suspected of being behind a series of cyber attacks targeting critical national infrastructure, notably water supply systems

• February 02, 2024 02 Feb'24

  ‘People are now listening,' Post Office inquiry told as latest phase ends

  The latest phase of the public inquiry into the widest miscarriage of justice in modern UK history – the Post Office Horizon IT scandal – closes with a bang

• February 01, 2024 01 Feb'24

  Welsh workers’ AI experiences shaped by uneven power dynamics

  Workers in Wales are being negatively affected by the unregulated introduction of artificial intelligence into workplaces due to asymmetric power dynamics

• February 01, 2024 01 Feb'24

  Defra legacy IT: 180 applications refreshed, over 1,500 remain

  The Department for Environment, Food and Rural Affairs has a 10-year plan to update technology. So far, 180 have been replaced or updated

• January 31, 2024 31 Jan'24

  Forrester: Curb your AI enthusiasm

  Ongoing supply issues with semiconductors mean IT departments may have to wait up to a year for the latest hardware

• January 29, 2024 29 Jan'24

  Lords question legality of police facial recognition

  Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability

• January 29, 2024 29 Jan'24

  MP demands answers from government minister over second faulty Post Office IT system

  Kevan Jones MP highlighted evidence of injustices caused by a computer system used in Post Office branches prior to the introduction of the controversial Horizon system.

• January 26, 2024 26 Jan'24

  GenAI tools ‘could not exist’ if firms are made to pay copyright

  AI firm Anthropic hits out at copyright lawsuit filed by music publishers, claiming the content ingested into its models falls under ‘fair use’ and that any licensing regime would be too complex and costly

• January 26, 2024 26 Jan'24

  Akira ransomware gang claims Lush cyber attack

  The Akira ransomware gang claims to have stolen over 100GB of data from cosmetics manufacturer and retailer Lush

• January 26, 2024 26 Jan'24

  Lawyers carry on Post Office appeals amid uncertainty over government plan to overturn en masse

  Lawyers supporting former subpostmasters said they will continue appealing convictions as normal despite government plan to exonerate hundreds in one go

• January 26, 2024 26 Jan'24

  UK government consults on age verification tech in alcohol sales

  The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales

• January 26, 2024 26 Jan'24

  Expert IT witness outsmarted an ‘aggressive’ Post Office to get to truth after inspection ‘madness’

  The Post Office’s attempts to protect the Horizon system are well known, in light of the public inquiry and a recent TV drama, but Computer Weekly can reveal how an IT expert was treated during his investigation of Horizon

• January 25, 2024 25 Jan'24

  Bugcrowd sees surge in vulnerability submissions, led by public sector

  Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023

• January 24, 2024 24 Jan'24

  WebKit vulnerability sparks Apple’s first major security update of 2024

  A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year

• January 24, 2024 24 Jan'24

  Southern Water confirms cyber attack after Black Basta claims

  Southern Water, which supplies millions of customers in southeast England, has confirmed it has fallen victim to a cyber attack, although its services appear to be running normally

• January 24, 2024 24 Jan'24

  Inside Cisco’s security platform strategy

  Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform

• January 24, 2024 24 Jan'24

  Critical vulnerability exposes Fortra GoAnywhere users

  Fortra GoAnywhere MFT users must take steps to address a newly disclosed zero-day vulnerability without delay

• January 24, 2024 24 Jan'24

  AI will heighten global ransomware threat, says NCSC

  The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks