News

Managing IT and business issues

• October 26, 2023 26 Oct'23

  Exploitation of Citrix NetScaler vulns reaching dangerous levels

  Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked

• October 25, 2023 25 Oct'23

  UK Finance paints mixed picture of fraud as losses top £500m

  UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data

• October 25, 2023 25 Oct'23

  1Password caught up in Okta support breach

  After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems

• October 24, 2023 24 Oct'23

  Cisco hackers likely taking steps to avoid identification

  Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery

• October 24, 2023 24 Oct'23

  Research team tricks AI chatbots into writing usable malicious code

  Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks

• October 24, 2023 24 Oct'23

  Kaspersky opens up over spyware campaign targeting its staffers

  Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group

• October 24, 2023 24 Oct'23

  Customers speak out over Okta’s response to latest breach

  Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired

• October 24, 2023 24 Oct'23

  Suzy Lamplugh Trust treads path to improved cyber resilience

  Personal safety charity enlists the support of the London Cyber Resilience Centre to improve staff awareness and strengthen its overall cyber resilience

• October 23, 2023 23 Oct'23

  Cisco pushes update to stop exploitation of two IOS XE zero-days

  Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software

• October 23, 2023 23 Oct'23

  How Ensign is leading the charge in cyber security

  Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem

• October 20, 2023 20 Oct'23

  Computer Weekly contributor named Godfather of UK Security

  Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards

• October 20, 2023 20 Oct'23

  Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets

  Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets

• October 20, 2023 20 Oct'23

  RagnarLocker cyber gang that pioneered double extortion busted

  Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline

• October 19, 2023 19 Oct'23

  Nuclear regulator raps EDF over cyber compliance

  The Office for Nuclear Regulation says EDF has come up short on needed measures to improve cyber security standards at several critical UK nuclear facilities

• October 19, 2023 19 Oct'23

  Fears grow over extent of Cisco IOS XE zero-day

  Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures

• October 19, 2023 19 Oct'23

  Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

  Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source

• October 19, 2023 19 Oct'23

  Government concedes it will miss 2024 e-prescribing target

  The government won’t meet its target to get rid of paper prescribing in hospitals by 2024, and has pushed the goal post back two years to 2026

• October 19, 2023 19 Oct'23

  SAP results highlight AI-driven business software

  SAP, like other enterprise software companies, is integrating artificial intelligence across its enterprise software portfolio

• October 18, 2023 18 Oct'23

  What are the cyber risks from the latest Middle Eastern conflict?

  The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations

• October 18, 2023 18 Oct'23

  Former Post Office executive admits he wouldn’t sign unfair contract he pushed on subpostmasters

  Former contract manager said contract that subpostmasters had to sign with Post Office “put them on the hook” for everything

• October 17, 2023 17 Oct'23

  Five Eyes issues five tips on thwarting nation state threats

  Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats

• October 17, 2023 17 Oct'23

  UK Apple Store workers detail ‘union-busting’ tactics

  Apple Store workers in the UK are attempting to unionise, but say they are facing pushback from the company, which is allegedly deploying a variety of “union-busting” tactics

• October 17, 2023 17 Oct'23

  Alert sounded over dangerous Cisco IOS XE zero-day

  Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems

• October 17, 2023 17 Oct'23

  What it takes to succeed in DevSecOps

  Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey

• October 16, 2023 16 Oct'23

  How APAC organisations are tapping generative AI

  Organisations in the region are deploying and experimenting with generative AI in healthcare, citizen services and other use cases amid cost-related concerns and other challenges

• October 13, 2023 13 Oct'23

  US SEC launches probe into mass MOVEit breach

  Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected

• October 13, 2023 13 Oct'23

  ‘Angry’ lawyer warned against Post Office computer investigation in 2010 email

  Angered by his exclusion from an important discussion, former Royal Mail lawyer told colleagues of the risks to the Post Office if, as planned, they publicly investigate allegations against its computer system

• October 12, 2023 12 Oct'23

  How generative AI and cloud complement each other

  McKinsey partner explains the symbiotic relationship between generative AI and cloud, enabling organisations to speed up cloud migration and harness the benefits of AI

• October 12, 2023 12 Oct'23

  Scottish biometrics watchdog outlines police cloud concerns

  Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject ...

• October 11, 2023 11 Oct'23

  Public sector buyers of AI tech must interrogate its suitability

  The Ada Lovelace Institute has published a review on public sector use of artificial intelligence foundation models, looking at the risks and opportunities associated with the technology, and how these can be dealt with from the early stages of ...

• October 11, 2023 11 Oct'23

  Telstra to acquire Versent for A$267.5m

  The move is expected to bolster Telstra’s enterprise IT services business and support international expansion

• October 10, 2023 10 Oct'23

  MGM faces £100m loss from cyber attack on its casinos

  MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m

• October 05, 2023 05 Oct'23

  Microsoft: Nation-state cyber espionage on rise in 2023

  Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering

• October 05, 2023 05 Oct'23

  Red Cross issues rules of engagement for hackers in conflicts

  The digital rules of engagement are the first time cyber activity has been looked at by the conflict watchdog, but a number of hacker groups have already come out and said they will not be following them

• October 05, 2023 05 Oct'23

  Ransomware dwell times now measured in hours, says Secureworks

  Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report

• October 04, 2023 04 Oct'23

  IR35: HMRC completes first phase of CEST upgrades with Ocelot platform migration

  HMRC has confirmed that its online IR35 status checker tool has completed its migration to a new platform, as the government tax collection agency’s revamp of the service continues apace

• October 04, 2023 04 Oct'23

  HPE hones GreenLake strategy with AI moves, hybrid cloud management

  HPE has evolved its GreenLake strategy over the past five years, expanding beyond its as-a-service offerings to include a capital purchase model and a strong focus on hybrid cloud management and AI

• October 04, 2023 04 Oct'23

  ICO issues guidance on workplace surveillance

  Guidance on employee monitoring covers how employers can conduct their digital surveillance lawfully, transparently and fairly, and warns against businesses intruding on their workers’ private lives

• October 03, 2023 03 Oct'23

  Cyber experts urge EU to rethink vulnerability disclosure plans

  The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, ...

• October 03, 2023 03 Oct'23

  Amnesia hides names of individuals behind Post Office’s ‘head on a spike’ strategy

  Former Post Office lawyer deflects individual responsibility for a strategy that crushed subpostmasters, blaming the organisation as a whole

• October 03, 2023 03 Oct'23

  Public sector needs systemic reform of capacity to innovate

  Improving the public sector’s capacity to innovate requires a culture of innovation underpinned by people, skills and new ways of working with the private sector

• October 03, 2023 03 Oct'23

  CIISec scores DSIT funding to expand successful CyberEPQ scheme

  DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date

• October 03, 2023 03 Oct'23

  Top science journal faced secret attacks from Covid conspiracy theory group

  A conspiratorial group of extreme Brexit lobbyists mounted an extraordinary campaign against one of the world’s most prestigious science journals – part of a series of joint investigations between Byline Times and Computer Weekly

• October 02, 2023 02 Oct'23

  How the Australian government is approaching AI

  The Australian government is experimenting with AI use cases in a safe environment while it figures out ways to harness the technology to benefit citizens and businesses

• September 29, 2023 29 Sep'23

  Government ‘breached privacy’ of Horizon victims with compensation offer, says lawyer

  The government breached the privacy of victims of the Post Office Horizon scandal through making a compensation offer public

• September 29, 2023 29 Sep'23

  Scottish watchdog urges wider biometric oversight

  Scotland’s biometrics watchdog urges Scottish Parliament to extend oversight of biometric information to include the entire criminal justice system, not just police

• September 28, 2023 28 Sep'23

  Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app

  The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps

• September 28, 2023 28 Sep'23

  US lawmakers write to AI firms about ‘gruelling’ work conditions

  Lawmakers have written to nine tech companies – including Amazon, Google and Microsoft – about the working conditions of those they employ to train and maintain their artificial intelligence systems, giving them until 11 October 2023 to respond

• September 28, 2023 28 Sep'23

  Businesses disconnected from realities of API security

  Business leaders feel confident they’ve got a handle on API security, but at the same time, incidents are through the roof, according to a report

• September 28, 2023 28 Sep'23

  Security and risk management spending to grow 14% next year

  Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024