News
Managing IT and business issues
-
March 01, 2022
01
Mar'22
BBC blasted with millions of malicious emails
Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day
-
March 01, 2022
01
Mar'22
ESET details new IsaacWiper malware used on Ukraine
Having been among the first to report on the HermeticWiper malware used against Ukraine last week, ESET has now identified another destructive malware called IsaacWiper
-
March 01, 2022
01
Mar'22
Nationwide suffers payday payments outage
Nationwide customers were left unable to pay bills on payday as the building society suffered a software outage
-
February 28, 2022
28
Feb'22
Ukraine cyber attacks seen spiking, but no destructive cyber war yet
While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region
-
February 28, 2022
28
Feb'22
Government set to backtrack on untenable position on subpostmaster compensation
The government looks set to backtrack on its previous stance and outline a means of providing fair compensation to a group of Post Office Horizon scandal victims so far left out of compensation schemes
-
February 24, 2022
24
Feb'22
Researchers link Dridex botnet to emergent Entropy ransomware
A little-known new ransomware called Entropy contains significant code similarities to the general purpose Dridex botnet, suggesting some kind of link between the two
-
February 24, 2022
24
Feb'22
KnowBe4 cyber drama tackles Colonial Pipeline in fourth season
KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021
-
February 24, 2022
24
Feb'22
New wave of cyber attacks on Ukraine preceded Russian invasion
A wave of DDoS attacks, and a second data wiper attack, were seen hitting Ukraine in the hours leading up to the Russian invasion
-
February 24, 2022
24
Feb'22
Security organisations form Nonprofit Cyber coalition
Founding members of the Nonprofit Cyber coalition pledge to enhance joint action on cyber security around the world
-
February 24, 2022
24
Feb'22
New cyber guidelines to safeguard construction sector
NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building
-
February 24, 2022
24
Feb'22
Russia behind dangerous Cyclops Blink malware
Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk
-
February 23, 2022
23
Feb'22
Paid-for advertising still not covered in Online Safety Bill
Consumer group Which? calls again for government to include measures against scam paid-for advertising in the Online Safety Bill
-
February 23, 2022
23
Feb'22
Salesforce pays out over £2m in bug bounties
Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme
-
February 23, 2022
23
Feb'22
Microsoft extends Defender umbrella to Google Cloud Platform
Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in
-
February 23, 2022
23
Feb'22
Backups ‘no longer effective’ for stopping ransomware attacks
Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques
-
February 23, 2022
23
Feb'22
Attempted burglary exposes risk of NatWest customer data in former worker’s home
Former Royal Bank of Scotland employee offers bank a compromise in her dispute over the return of confidential customer information
-
February 22, 2022
22
Feb'22
Horizon inquiry questioning raises hopes of fair compensation for victims so far left out
Post Office Horizon scandal victims left out of current compensation schemes have had their hopes raised that the statutory public inquiry is seriously addressing their demands for fair financial redress
-
February 22, 2022
22
Feb'22
UK organisations swift to chide phishing victims
While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated
-
February 21, 2022
21
Feb'22
Zoom gains NCSC Cyber Essentials Plus and NHS security badges
Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats
-
February 21, 2022
21
Feb'22
Union pushes for collective bargaining around technology and data
Prospect union releases guidance on how workers and unions can engage employers over the use of technology at work, with particular emphasis on the need to include technology provisions in collective bargaining agreements
-
February 21, 2022
21
Feb'22
UK joins US in pinning Ukraine DDoS attacks on Russia
A series of DDoS attacks on Ukrainian defence and banking organisations last week is now being firmly attributed to Russian action
-
February 18, 2022
18
Feb'22
UK organisations untroubled by Trickbot surge
A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected
-
February 18, 2022
18
Feb'22
The British people are waking up to the scandal that happened under their noses
Victims of the Post Office Horizon scandal have been suffering in silence for many years, but the current public inquiry is giving them a voice, and people are listening
-
February 17, 2022
17
Feb'22
How Signify accelerated automation projects as pandemic challenges mounted
Dutch lighting manufacturer used robotic process automation technology to help it address Covid-19-inflicted disruption
-
February 17, 2022
17
Feb'22
Helsinki helps lay the groundwork for cities to take on healthcare drones
Finnish capital is part of a pan-EU project to introduce drone technology into emergency medical services
-
February 16, 2022
16
Feb'22
MPs demand urgent compensation for Post Office scandal victim group
MPs have called for the government to urgently provide fair compensation to a group of victims of the Post Office Horizon scandal who have so far been left out of compensation schemes
-
February 16, 2022
16
Feb'22
DDoS attacks hit Ukrainian defence ministry and banks
A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region
-
February 16, 2022
16
Feb'22
BlackCat ransomware gang claims responsibility for Swissport attack
Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm
-
February 16, 2022
16
Feb'22
CIO interview: Steve Williams, M&A lead and IT director, Waterstons
Steve Williams is applying decades of CIO experience to the advice he gives businesses during major mergers and acquisitions
-
February 15, 2022
15
Feb'22
Botched third-party configuration exposes Internet Society data to web
Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
-
February 15, 2022
15
Feb'22
UK finance regulator effects changes to ‘buy now, pay later’ contract terms
BNPL finance providers have agreed to make their contracts with consumers fairer, amid concerns
-
February 15, 2022
15
Feb'22
TA2451 targets aviation and transport sector with tailored lures
Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors
-
February 15, 2022
15
Feb'22
NatWest group shutters 32 more branches as digital shift continues
Banking group announces more branch closures as part of its digital transformation, but promises that no customers will be left behind
-
February 15, 2022
15
Feb'22
Australian public sector facing transformation challenges
Public sector organisations in Australia are facing organisational and technological challenges in driving back-office innovation and digital-first strategies, new study finds
-
February 15, 2022
15
Feb'22
China emerges as leader in vulnerability exploitation
Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs
-
February 14, 2022
14
Feb'22
India to invest $1bn in quantum computing
India plans to invest $1bn over the next five years to advance its capabilities in quantum technology, but it will need to have a tailored approach and to address the skills gap to succeed
-
February 11, 2022
11
Feb'22
Finance Bill Sub-Committee blames IR35 for ‘concerning’ rise in umbrella company contractors
The House of Lords Finance Bill Sub-Committee has shared the findings of its latest inquiry into the impact the IR35 reforms have had on the way contracting works
-
February 11, 2022
11
Feb'22
Why security professionals should pay attention to what Russia is doing
Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to
-
February 11, 2022
11
Feb'22
The birth of Estonia’s digital civil servant
As Estonia finalises the initial version of its government services digital assistant for launch later this year, the man heading the project describes the birth of Bürokratt and beyond
-
February 11, 2022
11
Feb'22
Hackney Council could be forced to answer questions about IT security training after Psya ransomware
Council is negotiating with the information commissioner after refusing to reply to questions under the Freedom of Information Act about staff IT and security training during the pandemic
-
February 10, 2022
10
Feb'22
IR35 reforms: HMRC slammed for ‘over-collecting tax’ from non-compliant public sector bodies
HMRC has moved to play down claims it is collecting more tax than it is due when tackling non-compliance with the IR35 reforms in the public sector
-
February 10, 2022
10
Feb'22
IR35: NAO slams HMRC’s ‘haphazard’ roll-out of off-payroll reforms to public sector
National Audit Office’s 60-page report on the 2017 roll-out of the IR35 reforms claims HMRC’s actions made non-compliance a ‘highly likely’ outcome for public sector bodies
-
February 09, 2022
09
Feb'22
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
-
February 09, 2022
09
Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC
UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
-
February 09, 2022
09
Feb'22
Microsoft stomps on 48 bugs in February Patch Tuesday update
It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day
-
February 09, 2022
09
Feb'22
Post Office scandal victims to tell their stories in public
Victims of the Post Office Horizon scandal are due to tell their devastating stories to the statutory inquiry
-
February 08, 2022
08
Feb'22
DPD delivers swift fix for serious API flaw
API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure
-
February 08, 2022
08
Feb'22
Microsoft to start blocking macros to thwart malware
Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security
-
February 08, 2022
08
Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
-
February 07, 2022
07
Feb'22
Airport services firm thwarts attempted ransomware heist
Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack