News

Managing IT and business issues

• October 03, 2023 03 Oct'23

  Amnesia hides names of individuals behind Post Office’s ‘head on a spike’ strategy

  Former Post Office lawyer deflects individual responsibility for a strategy that crushed subpostmasters, blaming the organisation as a whole

• October 03, 2023 03 Oct'23

  Public sector needs systemic reform of capacity to innovate

  Improving the public sector’s capacity to innovate requires a culture of innovation underpinned by people, skills and new ways of working with the private sector

• October 03, 2023 03 Oct'23

  CIISec scores DSIT funding to expand successful CyberEPQ scheme

  DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date

• October 03, 2023 03 Oct'23

  Top science journal faced secret attacks from Covid conspiracy theory group

  A conspiratorial group of extreme Brexit lobbyists mounted an extraordinary campaign against one of the world’s most prestigious science journals – part of a series of joint investigations between Byline Times and Computer Weekly

• October 02, 2023 02 Oct'23

  How the Australian government is approaching AI

  The Australian government is experimenting with AI use cases in a safe environment while it figures out ways to harness the technology to benefit citizens and businesses

• September 29, 2023 29 Sep'23

  Government ‘breached privacy’ of Horizon victims with compensation offer, says lawyer

  The government breached the privacy of victims of the Post Office Horizon scandal through making a compensation offer public

• September 29, 2023 29 Sep'23

  Scottish watchdog urges wider biometric oversight

  Scotland’s biometrics watchdog urges Scottish Parliament to extend oversight of biometric information to include the entire criminal justice system, not just police

• September 28, 2023 28 Sep'23

  Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app

  The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps

• September 28, 2023 28 Sep'23

  US lawmakers write to AI firms about ‘gruelling’ work conditions

  Lawmakers have written to nine tech companies – including Amazon, Google and Microsoft – about the working conditions of those they employ to train and maintain their artificial intelligence systems, giving them until 11 October 2023 to respond

• September 28, 2023 28 Sep'23

  Businesses disconnected from realities of API security

  Business leaders feel confident they’ve got a handle on API security, but at the same time, incidents are through the roof, according to a report

• September 28, 2023 28 Sep'23

  Security and risk management spending to grow 14% next year

  Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024

• September 28, 2023 28 Sep'23

  Yahoo picks Intigriti to run crowdsourced bug bounty programme

  Digital media brand Yahoo is setting up a crowdsourced bug bounty programme with ethical hacking specialist Intigriti, and is reaching out to the Capture the Flag community to participate

• September 27, 2023 27 Sep'23

  Five more subpostmasters have IT system-related convictions overturned

  Over 90 former subpostmasters have so far seen wrongful convictions overturned since it was proved that software errors were to blame for accounting shortfalls

• September 27, 2023 27 Sep'23

  Researchers offer free threat briefings on Vegas casino hackers

  Permiso, a cloud detection and response startup, is making its threat intel team available to speak on Scattered Spider, the group behind recent cyber attacks on MGM Resorts and Caesars Entertainment

• September 27, 2023 27 Sep'23

  City of Las Vegas masters cyber incident response with Darktrace

  The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence

• September 26, 2023 26 Sep'23

  Sony alleged victim of new extortion gang

  A little-known threat actor claims it has breached IT systems and networks at electronics and entertainment giant Sony, and is threatening to release the organisation’s data unless paid off

• September 26, 2023 26 Sep'23

  IT contractors ‘forced against their will’ to work for umbrella companies, survey finds

  Research conducted by contracting authority ContractorCalculator paints a bleak picture of the plight of IT contractors ‘forced’ to provide their services through umbrella firms

• September 26, 2023 26 Sep'23

  Cover-ups still the norm in the wake of a cyber incident

  Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report

• September 26, 2023 26 Sep'23

  Crest and IASME to deliver upcoming NCSC Cyber Exercise programme

  Crest and IASME have been tasked with assuring that security services providers signing up to a soon-to-launch NCSC Cyber Incident Exercising scheme are up to the job

• September 25, 2023 25 Sep'23

  Apple fixes three vulnerabilities found by spyware researchers

  Apple has patched three more vulnerabilities uncovered by spyware and surveillance researchers at The Citizen Lab

• September 22, 2023 22 Sep'23

  Annual Security Serious Awards nominations announced

  Annual Security Serious Awards will recognise the professionals and organisations doing the most to safeguard and advance cyber security, as well as those committed to diversity and mental health in the industry

• September 22, 2023 22 Sep'23

  UK-US data bridge to open to traffic on 12 October

  Government forges ahead with the implementation of the UK-US data bridge, which will come into effect for real just under three weeks from now

• September 22, 2023 22 Sep'23

  Cyber experts set out plan to secure future US elections

  A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past

• September 22, 2023 22 Sep'23

  Lords begin inquiry into large language models

  Lords will examine the risks and opportunities of large language models and look at how government can effectively manage them in the coming years

• September 21, 2023 21 Sep'23

  Cisco snaps up Splunk in $28bn application observability deal

  The acquisition builds out Cisco’s observability portfolio, with AI-based full-stack observability for hybrid cloud environments

• September 21, 2023 21 Sep'23

  ‘Top’ ransomware gangs favour smaller businesses

  Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses

• September 21, 2023 21 Sep'23

  Poor digital experience a blocker for cyber resilience

  Organisations that neglect the digital employee experience are not only vulnerable to employee attrition, but putting themselves at increased cyber risk, an Ivanti report finds

• September 20, 2023 20 Sep'23

  Organisations failing to proactively address insider cyber risk

  Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk

• September 19, 2023 19 Sep'23

  Braverman puts pressure on Meta to pause end-to-end encryption plans

  The home secretary is calling on Meta to halt its plans to introduce encrypted messaging services on Facebook and Instagram until the company puts measures in place to detect abuse

• September 19, 2023 19 Sep'23

  New revelations from the Snowden archive surface

  A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by ...

• September 19, 2023 19 Sep'23

  Post Office employee changed story for witness statement used to destroy subpostmaster

  Post Office inquiry hears how an auditor changed her story about a subpostmaster to help win court battle

• September 19, 2023 19 Sep'23

  Okta confirms link to cyber attacks on Las Vegas casinos

  Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed

• September 19, 2023 19 Sep'23

  38TB Microsoft data leak highlights risks of oversharing

  An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing

• September 19, 2023 19 Sep'23

  Nominet and European counterparts link up on intelligence sharing

  The new European TLD ISAC, a collaborative project between top-level domain providers across Europe, aims to enhance their collective security posture to better protect internet users

• September 18, 2023 18 Sep'23

  Government offers £600,000 to subpostmasters with overturned convictions

  Subpostmasters wrongfully convicted of financial crimes based on evidence from faulty Horizon software will be offered £600,000 compensation by government

• September 18, 2023 18 Sep'23

  Unregulated DeFi services abused in latest pig butchering twist

  Pig butchering scammers are taking advantage of the unregulated nature of DeFi crypto trading apps to siphon off even more money from their victims, according to the latest findings of an ongoing investigation

• September 18, 2023 18 Sep'23

  Government seeks industry views on cyber threat to UK CNI

  The Science, Innovation and Technology Select Committee is seeking evidence from the cyber sector as it launches an inquiry into the resilience of the UK's critical national infrastructure

• September 15, 2023 15 Sep'23

  TikTok fined €345m under GDPR for failing to protect children’s privacy

  Data protection regulators warn social media companies to take all necessary measures to protect children’s privacy

• September 15, 2023 15 Sep'23

  Las Vegas mainstay Caesars Palace likely paid off ransomware crew

  Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers

• September 15, 2023 15 Sep'23

  UK space sector needs more people with AI skills, according to survey

  Space sector survey shows machine learning and artificial intelligence skills are highly sought after, as the industry struggles to recruit and retain people with the necessary talent

• September 15, 2023 15 Sep'23

  Manchester police data breach a classic supply chain incident

  The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force

• September 14, 2023 14 Sep'23

  Data on over 3,000 Airbus suppliers leaked after breach

  An emergent threat actor has leaked details of multiple sensitive Airbus suppliers after claiming to have accessed the firm’s systems having hacked customer Turkish Airlines

• September 14, 2023 14 Sep'23

  BlackCat on the hook for cyber attack that crippled Vegas casinos

  The ALPHV/BlackCat ransomware operation claimed responsibility for an attack that forced MGM Resorts to shut down systems at some of Las Vegas’ most popular gambling venues

• September 14, 2023 14 Sep'23

  Google, Microsoft and Mozilla push browser updates to foil zero-day

  A zero-day in Google’s Chrome browser was first reported by surveillance researchers at The Citizen Lab and Apple, but also affects other browsers

• September 14, 2023 14 Sep'23

  As vehicle safety regulations loom, carmakers fret over cyber risks

  Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks

• September 13, 2023 13 Sep'23

  GitHub fixes race condition that could have led to ‘repojacking’

  A subtle flaw in how GitHub handled repository creation and user renaming could have had serious consequences for the open source community, but has now been fixed. Learn more about how it worked

• September 13, 2023 13 Sep'23

  BianLian ransomware gang holds Save the Children hostage

  The dangerous and prolific BianLian ransomware gang claims to have stolen almost 7TB of data from NGO Save the Children, but thankfully the charity’s vital work on the ground appears to be unaffected

• September 13, 2023 13 Sep'23

  Storm-0324 gathers over Microsoft Teams

  An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks

• September 13, 2023 13 Sep'23

  NCSC and ICO sign MoU to forge deeper collaborative links

  The scope of the MoU signed by the NCSC and the ICO includes collaboration on new cyber regulations and guidance, and how to support cyber attack victims appropriately and minimise regulatory penalties

• September 13, 2023 13 Sep'23

  Patch Tuesday: Microsoft fixes zero-days in Word and Streaming Service

  September 2023 brings a light Patch Tuesday, with two zero-days and five critical vulnerabilities listed in the latest release