News

Managing IT and business issues

• August 25, 2022 25 Aug'22

  LockBit 3.0 cements dominance of ransomware ecosystem

  Ransomware attacks were up 47% in July compared with the previous month, according to the latest threat data from NCC Group, with the LockBit family largely to blame

• August 24, 2022 24 Aug'22

  Most CISOs think they’ve been attacked by a nation state

  Most organisations have made changes to their cyber strategies and policies following Russia’s invasion, and almost two-thirds suspect they have been directly targeted or impacted by a nation-state cyber attack

• August 24, 2022 24 Aug'22

  Alleged Twitter security failings spell trouble ahead

  Twitter’s former security head, Peiter Zatko, has alleged a number of serious cyber failures at the social media platform, raising the spectre of investigations and sanctions

• August 23, 2022 23 Aug'22

  Home Office announces Scale-up visa for fast-growth firms

  Scale-up visa launched to help high-growth businesses employ talent from overseas, but sponsorship requirements could undermine effectiveness

• August 23, 2022 23 Aug'22

  NCSC shares cyber guidance for large infrastructure builds

  Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects

• August 22, 2022 22 Aug'22

  Contracting market weighs in on Liz Truss pledge to review IR35 rules if she becomes prime minister

  As Liz Truss continues her Conservative Party leadership campaign, she tells the national press of her plans to review the IR35 rules should she succeed Boris Johnson as prime minister

• August 22, 2022 22 Aug'22

  Kaspersky threat data added to Microsoft Sentinel service

  Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service

• August 22, 2022 22 Aug'22

  Lloyd’s to end insurance coverage for state cyber attacks

  Lloyd’s of London has instructed its members to exclude nation state cyber attacks from insurance policies beginning in 2023, saying they pose unacceptable levels of risk

• August 19, 2022 19 Aug'22

  Google employees demand end to collection of abortion data

  In the wake of the US Supreme Court rolling back abortion rights, Google employees are calling on the company to stop collecting abortion-related data, so that it can never be shared with police

• August 19, 2022 19 Aug'22

  Cozy Bear targets MS 365 environments with new tactics

  Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments

• August 19, 2022 19 Aug'22

  Apple patches two zero-days in macOs, iOS

  Mac users should urgently apply new patches addressing vulnerabilities in its desktop and mobile operating systems

• August 18, 2022 18 Aug'22

  Growing MFA use spurs ‘pass-the-cookie’ attacks

  The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools

• August 18, 2022 18 Aug'22

  It takes a breach to force boards to take notice of cyber, says UK government

  Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims

• August 18, 2022 18 Aug'22

  Ukraine war drives DDoS attack volumes ever higher

  There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity

• August 17, 2022 17 Aug'22

  How BE Switchcraft is using RFID to streamline manufacturing

  The Australian switchboard manufacturer has rolled out a radio frequency identification system to track production jobs and streamline manufacturing processes

• August 16, 2022 16 Aug'22

  South Staffs Water is victim of botched Clop attack

  South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault

• August 16, 2022 16 Aug'22

  Why organisations need to harmonise their CIO and CISO roles

  Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson

• August 15, 2022 15 Aug'22

  How clean data helps Southern Water identify vulnerable customers

  Escalating prices means households around the country are having to tighten spending, with many struggling to pay their bills. Water4All, a consortium led by Southern Water, is using data to identify low-income and vulnerable households so they can ...

• August 15, 2022 15 Aug'22

  Major APAC economies to lose 63 million jobs to automation

  Workers in India, China, South Korea, Australia and Japan are more at risk of losing their jobs to automation, despite the creation of new jobs in the green economy and ICT industry

• August 12, 2022 12 Aug'22

  UK Amazon workers stage series of wildcat strikes over pay offers

  Amazon warehouse workers across the UK have organised a series of spontaneous strike actions after the e-commerce giant’s management offered them pay rises between 35p and 50p

• August 12, 2022 12 Aug'22

  Microsoft doles out $13.7m in bug bounties

  Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries

• August 12, 2022 12 Aug'22

  SMEs overwhelmed by distraction of comms technology, networking platforms

  Study from collaboration workspace and targeted networking platform provider reveals small and medium-sized enterprises are becoming overwhelmed by the noise and distraction of social media channels

• August 12, 2022 12 Aug'22

  Online Safety Bill ‘not fit for purpose’, say tech experts

  IT specialists lack confidence that legislation compelling tech firms to tackle online harms will work as intended, with only a small minority believing ‘harmful but legal’ content can be effectively and proportionately policed by internet platforms

• August 11, 2022 11 Aug'22

  Researcher finds 10 vulnerabilities in Cisco firewalls

  At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches

• August 11, 2022 11 Aug'22

  NHS may take a month to recover from supply chain attack

  Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations

• August 10, 2022 10 Aug'22

  Microsoft fixes two-year-old MSDT vulnerability in August update

  August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.

• August 10, 2022 10 Aug'22

  ‘Coopetition’ a growing trend among ransomware gangs

  Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time

• August 09, 2022 09 Aug'22

  Cyber insurance getting harder to obtain

  Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance

• August 09, 2022 09 Aug'22

  HS2 sets aside £9.5m to cover cost of IR35 non-compliance

  HS2 has become the latest public sector entity to have fallen foul of the IR35 rules, with its accounts confirming that it is anticipating a tax bill of £9.5m for failing to assess the status of contractors provided to it by a third party

• August 08, 2022 08 Aug'22

  NHS recovering key services after attack on supplier

  Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service

• August 08, 2022 08 Aug'22

  Internet giants in favour as Ireland tightens rules on datacentres

  Irish premier Michael Martin has insisted its temporary squeeze on datacentre construction is not a moratorium on the industry

• August 05, 2022 05 Aug'22

  Reliance on PSN may have exacerbated cyber attack impact

  As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks

• August 04, 2022 04 Aug'22

  UK has biggest card fraud problem in Europe

  Social Market Foundation calls on the UK to get a grip on its huge problem with bank card fraud in Europe

• August 04, 2022 04 Aug'22

  SBRC to administer NCSC training across Scotland

  The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations

• August 04, 2022 04 Aug'22

  Spyware activity particularly impactful in July

  After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report

• August 04, 2022 04 Aug'22

  Financial Ombudsman Service mining for gold in cloud HR and finance

  The Financial Ombudsman Service is reaping the benefits of the cloud-based human resources and finance system it implemented last year

• August 03, 2022 03 Aug'22

  New EU due diligence law needs amending to stop tech sector abuse

  European corporate due diligence directive seeking to transform how companies approach their human rights and environmental risk is welcome, but without further changes, it will fail to effectively curb tech firms’ harmful practices, claims ...

• August 03, 2022 03 Aug'22

  Finnish AI Region drives digital growth in small businesses

  Helsinki-based SMEs are being offered support and resources to help them get the best out of artificial intelligence technology to improve their operations and create services to sell

• August 03, 2022 03 Aug'22

  DrayTek patches SOHO router bug that left thousands exposed

  Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers

• August 02, 2022 02 Aug'22

  How worsening economic climate impacts IT spending

  As inflation rises, purse strings are tightening at the tech giants, which will have a material impact on chipmakers and providers of IT equipment

• August 02, 2022 02 Aug'22

  VMware CEO defends Broadcom deal

  Raghu Raghuram is confident that Broadcom will invest in growing VMware through a broad portfolio of assets that will serve its entire customer base, not just its biggest customers

• August 01, 2022 01 Aug'22

  Estonia is building AI Gov Stack

  Data scientists in Baltic nation are creating a repository of software code that provides building blocks for digital services

• July 29, 2022 29 Jul'22

  Austrian data firm accused of selling malware, conducting cyber attacks

  Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks

• July 28, 2022 28 Jul'22

  Ex-youth footballers kick-start cyber careers

  New programme aims to find fresh careers for former youth footballers in cyber security

• July 28, 2022 28 Jul'22

  H0lyGh0st ransomware gang faces challenges, but still a threat

  Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat

• July 28, 2022 28 Jul'22

  NCSC startups scheme turns focus to operational technology, SME security

  NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses

• July 28, 2022 28 Jul'22

  Cyber criminals pivot away from macros as Microsoft changes bite

  As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect

• July 28, 2022 28 Jul'22

  Teams in Grenoble work on 6G breakthrough technology

  Even as 5G networks are being rolled out, new requirements are driving scientists, and engineers in Europe are back to the lab to start developing 6G

• July 27, 2022 27 Jul'22

  Microsoft anticipates $3.3bn savings by extending server life

  Thanks to new software tools and better hardware, Microsoft plans to upgrade servers and network equipment every six years

• July 27, 2022 27 Jul'22

  Government slammed for slow response to IR35-related consultation on zero-rights employees

  The government has taken four years to publish its response to a three-month consultation on whether employment status and tax laws should be more closely aligned, and concluded that now is not the right time to make any changes