News
Managing IT and business issues
-
April 21, 2022
21
Apr'22
Impact of Lapsus$ attack on Okta less than feared
Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential
-
April 21, 2022
21
Apr'22
Tech to account for over half of regulatory compliance spending
By 2026, regtech will account for more than half of the money that businesses spend on compliance with regulations
-
April 21, 2022
21
Apr'22
European cities moving fast to change business of parking
German cities are using the latest smart parking technology to reduce traffic and car pollution while collecting more fees for parking
-
April 21, 2022
21
Apr'22
More Scottish subpostmaster conviction reviews expected as part of Post Office scandal
The Scottish Criminal Cases Review Commission expects more subpostmasters with potential wrongful convictions to come forward
-
April 20, 2022
20
Apr'22
AWS fixes vulnerabilities in Log4Shell hot patch
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation
-
April 20, 2022
20
Apr'22
Nationwide Building Society streamlines payment dispute process through software
Building society has speeded up the resolution of customer disputes over Visa payments by using Pegasystems software
-
April 20, 2022
20
Apr'22
Financial Ombudsman Service chooses TCS as digital transformation partner
Tata Consultancy Services will build and implement key systems as part the Financial Ombudsman Service’s digital transformation
-
April 19, 2022
19
Apr'22
Median threat actor ‘dwell time’ dropped during 2021
Security teams appear to be getting better at detecting attackers within their networks, according to a report
-
April 19, 2022
19
Apr'22
Softbank and UnaBiz team up on internet of robotic things
Japan’s Softbank Robotics and Singapore-based UnaBiz are bringing IoT and robotics technology together to improve facilities management, among other applications
-
April 14, 2022
14
Apr'22
Kyndryl kindles cyber incident recovery pact with Dell
IBM spin-out Kyndryl hops into bed with Dell Technologies in a joint cyber resilience proposition
-
April 14, 2022
14
Apr'22
Zhadnost DDoS botnet deployed against Finland
A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament
-
April 14, 2022
14
Apr'22
Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant
Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems
-
April 13, 2022
13
Apr'22
Hybrid work catching on in India
More tech workers in India now enjoy flexi-work arrangements and higher salaries, but talent retention remains an issue in the subcontinent, study finds
-
April 13, 2022
13
Apr'22
WatchGuard firewall users urged to patch Cyclops Blink vulnerability
The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities
-
April 13, 2022
13
Apr'22
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service
-
April 13, 2022
13
Apr'22
Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack
Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief
-
April 12, 2022
12
Apr'22
Universal IAM policy failings put cloud environments at risk
Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study
-
April 12, 2022
12
Apr'22
Multiple arrests made in RaidForums takedown
A Portuguese national and a 21-year-old man from Croydon are among a number of individuals arrested ahead of the closure of RaidForums by police
-
April 12, 2022
12
Apr'22
Sandworm rolls out Industroyer2 malware against Ukraine
A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT
-
April 11, 2022
11
Apr'22
Border IT system fixed after 10-day outage
Post-Brexit border IT system failure fixed after going down at the start of April, allowing traders to once again file customs documents electronically rather than by hand
-
April 11, 2022
11
Apr'22
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data
-
April 11, 2022
11
Apr'22
Mastercard opens European tech hub in Dublin
Mastercard is doubling its technology workforce in Dublin through a new European tech hub in the Irish capital
-
April 11, 2022
11
Apr'22
Raspberry Pi Foundation ditches default username policy
Raspberry Pi owners will no longer be able to use the default ‘pi’ username, as the Raspberry Pi Foundation clamps down on insecure practices
-
April 08, 2022
08
Apr'22
Ukrainian cyber criminal gets five years in jail
A US court has sentenced Denys Iarmak, who worked as a penetration tester for the FIN7 cyber crime group, to a five-year prison sentence
-
April 08, 2022
08
Apr'22
Was Spring4Shell a lot of hot air? No, but...
Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better
-
April 08, 2022
08
Apr'22
IT contractors warned as HMRC draws on ‘IR35-adjacent’ legislation in tax avoidance clampdown
IT contractors are being urged to take action now, as details emerge about how HM Revenue & Customs is drawing on some IR35-adjacent legislation to send out five-figure tax bills to individuals who engage with contractor-focused accountants
-
April 07, 2022
07
Apr'22
US shuts down Russia’s Cyclops Blink botnet operation
Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’
-
April 07, 2022
07
Apr'22
Banks should be able to integrate e-krona into existing systems, says Swedish regulator
Swedish financial services regulator says banks and service providers should be able to integrate a potential digital currency into existing systems
-
April 06, 2022
06
Apr'22
APAC organisations to spend more on AI
The higher investments in AI will be led by the region’s banking industry which is harnessing AI systems to mitigate risks and detect fraud
-
April 06, 2022
06
Apr'22
Apple criticised over unpatched CVEs in Catalina, Big Sur
Apple patched two zero-days in macOS Monterey last week, but did not address the same issue in Catalina or Big Sur, raising questions
-
April 06, 2022
06
Apr'22
Denonia malware may be first to target AWS Lambda
The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind
-
April 06, 2022
06
Apr'22
Hydra takedown merely shifts cyber criminal problem elsewhere
The seizure of the Hydra dark web marketplace is a positive development in the fight against cyber crime, but will only be a temporary setback for determined criminals
-
April 05, 2022
05
Apr'22
Structured decentralisation is the key to unlocking Nordic-level innovation
Finnish tech entrepreneurs will be taking the stage at the World Economic Forum to tell the world about the role of trust in Finnish startup success
-
April 05, 2022
05
Apr'22
Secrecy over police EncroChat hacking is unconstitutional, defence lawyers tell top French court
France’s constitutional court, the Conseil Constitutionnel, has heard arguments that the use of ‘defence secrecy’ to withhold information about police surveillance operations breaches the French constitution
-
April 05, 2022
05
Apr'22
Discount retailer The Works hit by cyber attack
A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature
-
April 05, 2022
05
Apr'22
Triple-threat Borat malware no joke for victims
Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros
-
April 05, 2022
05
Apr'22
Zopa bank profitable after just 21 months
The bank that emerged from peer-to-peer lending pioneer has hit its first profit after 21 months of operation
-
April 05, 2022
05
Apr'22
Saudi Arabian ICT sector hits $32.1bn after strong pandemic response
The Saudi Arabian IT and communications sector is recovering strongly from the Covid-19 pandemic
-
April 04, 2022
04
Apr'22
Fujitsu bags £430m government contracts despite rising cost of Post Office Horizon scandal
Fujitsu has won two huge government IT contracts, worth over £400m, while taxpayers face footing the massive bill for the Post Office scandal caused by its software
-
April 01, 2022
01
Apr'22
Two teenagers charged with Lapsus$ cyber attacks
City of London Police have charged two teenagers in connection with the Lapsus$ cyber crime spree
-
April 01, 2022
01
Apr'22
Apple drops emergency patches for two zero-days
Apple has fixed two zero-day vulnerabilities that appear to have been actively exploited in the wild
-
March 31, 2022
31
Mar'22
Bank fraud prevention scheme blocked £60m in fraud last year
Scheme to catch fraudsters, including online scammers, before they commit their crimes has reported a significant increase in crimes prevented
-
March 31, 2022
31
Mar'22
Lapsus$ cyber crime spree continues despite arrests
The arrests of seven people in connection with the Lapsus$ cyber crime group has not dented the gang’s enthusiasm for causing chaos
-
March 31, 2022
31
Mar'22
Spring4Shell zero-day sprung on security teams
Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it?
-
March 31, 2022
31
Mar'22
BCS Pride group calls for end to transphobia in tech
The BCS has called for an end to transphobic abuse and harassment in the technology industry
-
March 30, 2022
30
Mar'22
Compensation goal finally in sight for 555 Post Office scandal victims
The subpostmaster campaign group which exposed the Post Office Horizon scandal could be close to achieving the objective it was established for, with fair compensation for its members in sight
-
March 30, 2022
30
Mar'22
One-third of UK firms suffer a cyber attack every week
New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors
-
March 30, 2022
30
Mar'22
Why integration and automation are two sides of the same coin
Workato’s regional leader explains why integration and automation are intertwined and how the company is addressing the Asia-Pacific market
-
March 29, 2022
29
Mar'22
NCSC: Not necessarily wise to ditch Kaspersky
UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates
-
March 29, 2022
29
Mar'22
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell