News

Managing IT and business issues

• August 12, 2022 12 Aug'22

  SMEs overwhelmed by distraction of comms technology, networking platforms

  Study from collaboration workspace and targeted networking platform provider reveals small and medium-sized enterprises are becoming overwhelmed by the noise and distraction of social media channels

• August 12, 2022 12 Aug'22

  Online Safety Bill ‘not fit for purpose’, say tech experts

  IT specialists lack confidence that legislation compelling tech firms to tackle online harms will work as intended, with only a small minority believing ‘harmful but legal’ content can be effectively and proportionately policed by internet platforms

• August 11, 2022 11 Aug'22

  Researcher finds 10 vulnerabilities in Cisco firewalls

  At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches

• August 11, 2022 11 Aug'22

  NHS may take a month to recover from supply chain attack

  Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations

• August 10, 2022 10 Aug'22

  Microsoft fixes two-year-old MSDT vulnerability in August update

  August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited.

• August 10, 2022 10 Aug'22

  ‘Coopetition’ a growing trend among ransomware gangs

  Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time

• August 09, 2022 09 Aug'22

  Cyber insurance getting harder to obtain

  Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance

• August 09, 2022 09 Aug'22

  HS2 sets aside £9.5m to cover cost of IR35 non-compliance

  HS2 has become the latest public sector entity to have fallen foul of the IR35 rules, with its accounts confirming that it is anticipating a tax bill of £9.5m for failing to assess the status of contractors provided to it by a third party

• August 08, 2022 08 Aug'22

  NHS recovering key services after attack on supplier

  Incident at software provider Advanced took out multiple NHS services before the weekend, including the 111 advice service

• August 08, 2022 08 Aug'22

  Internet giants in favour as Ireland tightens rules on datacentres

  Irish premier Michael Martin has insisted its temporary squeeze on datacentre construction is not a moratorium on the industry

• August 05, 2022 05 Aug'22

  Reliance on PSN may have exacerbated cyber attack impact

  As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks

• August 04, 2022 04 Aug'22

  UK has biggest card fraud problem in Europe

  Social Market Foundation calls on the UK to get a grip on its huge problem with bank card fraud in Europe

• August 04, 2022 04 Aug'22

  SBRC to administer NCSC training across Scotland

  The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations

• August 04, 2022 04 Aug'22

  Spyware activity particularly impactful in July

  After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report

• August 04, 2022 04 Aug'22

  Financial Ombudsman Service mining for gold in cloud HR and finance

  The Financial Ombudsman Service is reaping the benefits of the cloud-based human resources and finance system it implemented last year

• August 03, 2022 03 Aug'22

  New EU due diligence law needs amending to stop tech sector abuse

  European corporate due diligence directive seeking to transform how companies approach their human rights and environmental risk is welcome, but without further changes, it will fail to effectively curb tech firms’ harmful practices, claims ...

• August 03, 2022 03 Aug'22

  Finnish AI Region drives digital growth in small businesses

  Helsinki-based SMEs are being offered support and resources to help them get the best out of artificial intelligence technology to improve their operations and create services to sell

• August 03, 2022 03 Aug'22

  DrayTek patches SOHO router bug that left thousands exposed

  Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers

• August 02, 2022 02 Aug'22

  How worsening economic climate impacts IT spending

  As inflation rises, purse strings are tightening at the tech giants, which will have a material impact on chipmakers and providers of IT equipment

• August 02, 2022 02 Aug'22

  VMware CEO defends Broadcom deal

  Raghu Raghuram is confident that Broadcom will invest in growing VMware through a broad portfolio of assets that will serve its entire customer base, not just its biggest customers

• August 01, 2022 01 Aug'22

  Estonia is building AI Gov Stack

  Data scientists in Baltic nation are creating a repository of software code that provides building blocks for digital services

• July 29, 2022 29 Jul'22

  Austrian data firm accused of selling malware, conducting cyber attacks

  Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks

• July 28, 2022 28 Jul'22

  Ex-youth footballers kick-start cyber careers

  New programme aims to find fresh careers for former youth footballers in cyber security

• July 28, 2022 28 Jul'22

  H0lyGh0st ransomware gang faces challenges, but still a threat

  Digital Shadows reports on the recently identified H0lyGh0st ransomware outfit, a new threat actor operating out of North Korea that faces some clear challenges, but is nevertheless still a live threat

• July 28, 2022 28 Jul'22

  NCSC startups scheme turns focus to operational technology, SME security

  NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses

• July 28, 2022 28 Jul'22

  Cyber criminals pivot away from macros as Microsoft changes bite

  As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect

• July 28, 2022 28 Jul'22

  Teams in Grenoble work on 6G breakthrough technology

  Even as 5G networks are being rolled out, new requirements are driving scientists, and engineers in Europe are back to the lab to start developing 6G

• July 27, 2022 27 Jul'22

  Microsoft anticipates $3.3bn savings by extending server life

  Thanks to new software tools and better hardware, Microsoft plans to upgrade servers and network equipment every six years

• July 27, 2022 27 Jul'22

  Government slammed for slow response to IR35-related consultation on zero-rights employees

  The government has taken four years to publish its response to a three-month consultation on whether employment status and tax laws should be more closely aligned, and concluded that now is not the right time to make any changes

• July 27, 2022 27 Jul'22

  Consumers left out of pocket as security costs soar

  As the average cost of a security incident reaches an all-time high of nearly $4.5m, an IBM Security study reveals how these costs are being passed on to ordinary people

• July 27, 2022 27 Jul'22

  US doubles bounty on Lazarus cyber crime group to $10m

  US State Department doubles a previously announced reward for information on North Korean cyber criminals, including the notorious Lazarus group

• July 27, 2022 27 Jul'22

  Retail software firm PrestaShop warns users about SQL injection attacks

  Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise

• July 27, 2022 27 Jul'22

  Cyber security training ‘boring’ and largely ignored

  Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them

• July 27, 2022 27 Jul'22

  Telstra and Microsoft deepen cloud and connectivity ties

  Telstra will use Azure as a preferred cloud while Microsoft will look at boosting its capacity on Telstra’s subsea cable network in a wide-ranging deal

• July 26, 2022 26 Jul'22

  Secret court asked to quash a decade of MI5 surveillance warrants following ‘systemic breaches’

  The culture at MI5 was to ‘prioritise’ missions ‘over everything else’, including compliance with safeguards designed to protect the public, the UK’s most secret court heard yesterday

• July 26, 2022 26 Jul'22

  No More Ransom initiative helps 1.5 million people in six years

  One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project

• July 26, 2022 26 Jul'22

  Post Office attacked subpostmasters who questioned Horizon, say victims

  When the Post Office’s lie about the Horizon system failed to silence subpostmaster critics, it took more extreme measures, say victims of the scandal

• July 26, 2022 26 Jul'22

  Visibility and proactive stance needed to secure OT systems

  Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says

• July 26, 2022 26 Jul'22

  Ducktail infostealer targets Facebook Business users

  Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts

• July 26, 2022 26 Jul'22

  Six more subpostmaster convictions overturned in Horizon scandal

  More former subpostmasters have their wrongful convictions for theft and fraud overturned in the Court of Appeal

• July 25, 2022 25 Jul'22

  NCSC seeks community input for Cyber Advisor service

  The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward

• July 25, 2022 25 Jul'22

  Latest Atlassian Confluence vulnerability raises concerns

  CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months

• July 25, 2022 25 Jul'22

  The Security Interviews: Why you need to protect abandoned digital assets

  The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias

• July 22, 2022 22 Jul'22

  LinkedIn most impersonated brand in phishing attacks

  Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks

• July 21, 2022 21 Jul'22

  GCHQ experts back scanning of encrypted phone messages to fight child abuse

  Ian Levy, technical director of the NCSC, and Crispin Robinson, technical director of GCHQ, back client-side scanning software on mobile phones to detect child abuse

• July 21, 2022 21 Jul'22

  Buy ‘plug-n-play’ malware for the price of a pint of beer

  Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report

• July 21, 2022 21 Jul'22

  SSEN partners with Icebreaker One to break energy data silos

  Better access to, and sharing of, energy data will help direct the installation of new electric vehicle charging points, as well as help network operators to better understand the electricity grid’s capacity for the introduction of more renewables

• July 21, 2022 21 Jul'22

  Russia-linked APTs targeted fleeing Ukrainian civilians

  Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment

• July 21, 2022 21 Jul'22

  UK government introduces data reforms legislation to Parliament

  Proposed changes to UK’s data protection regime include new grounds for data processing, significant powers for the secretary of state to direct the regime’s application, and fewer restrictions on law enforcement’s use of data

• July 20, 2022 20 Jul'22

  Cato aims to bust cyber myths as it extends network protections

  Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...