News

Managing IT and business issues

• May 03, 2022 03 May'22

  Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

  Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution

• April 29, 2022 29 Apr'22

  Attackers enlist cloud providers in large HTTPS DDoS hit

  A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks

• April 28, 2022 28 Apr'22

  Ransomware recovery costs dwarf actual ransoms

  The cost of recovering from a ransomware attack far outweighs the ransoms now being demanded by cyber criminals, according to recent data

• April 28, 2022 28 Apr'22

  Manufacturer sues JPMorgan after cyber criminals stole $272m

  Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity

• April 28, 2022 28 Apr'22

  Russia plumbs new depths in cyber war on Ukraine

  Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign

• April 28, 2022 28 Apr'22

  CIOs have the greatest impact on business

  Chief information officers see their role as core in building out the IT and security infrastructure and talent pool that their organisations require to grow post-pandemic

• April 27, 2022 27 Apr'22

  Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

  These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time

• April 27, 2022 27 Apr'22

  Russia-supporting cyber crime gang claims Coca-Cola as victim

  Stormous cyber crime collective claims to have stolen 161GB of data from Coca-Cola, and says it plans to sell it off

• April 27, 2022 27 Apr'22

  Disappointing earnings at Google, but cloud still strong

  Google posts first-quarter 2022 revenue of $68bn, but growth is not as fast as last year

• April 27, 2022 27 Apr'22

  Ransomware victims paying out when they don’t need to

  Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to

• April 27, 2022 27 Apr'22

  Government digital ignorance puts Dutch economy at risk

  In this interview, Michiel Steltman, managing director of Digital Infrastructure Netherlands, tells Computer Weekly why the Dutch digital economy is at risk due to a lack of knowledge and understanding at government level

• April 27, 2022 27 Apr'22

  Police question former Fujitsu worker again in Post Office scandal perjury investigation

  Police have interviewed a former Fujitsu employee for the third time in the investigation into potential perjury during trials of wrongfully convicted subpostmasters

• April 26, 2022 26 Apr'22

  How Denmark attracts tech companies

  Danish government encourages research in strategic fields – and encourages the development of clusters, which include research institutes, tech suppliers and customers

• April 26, 2022 26 Apr'22

  Emotet tests new tricks to thwart enhanced security

  The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users

• April 26, 2022 26 Apr'22

  Danish researcher explains zero-knowledge proofs and post-quantum encryption

  A graduate from the University of Aarhus, a Danish researcher is now a leading player in some of the most important issues in cyber security

• April 26, 2022 26 Apr'22

  Global digital wallet transactions set to soar

  Payments using mobile phones are set to soar globally as suppliers expand the services available, according to research

• April 26, 2022 26 Apr'22

  Odense Robotics helps develop key export for Denmark

  Robotics seen as a future export sector for Denmark as investment startups build their skills in public sector projects

• April 25, 2022 25 Apr'22

  Majority of workers using umbrella companies see no benefits

  Research from trade body for independent professionals finds that most self-employed workers operating through an umbrella company think there are no advantages to the arrangement

• April 25, 2022 25 Apr'22

  US mobile network emerges as latest Lapsus$ victim

  Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft

• April 25, 2022 25 Apr'22

  Government appoints head of technology transfer unit

  Government announces a CEO to lead its initiatives around commercialising its knowledge assets

• April 25, 2022 25 Apr'22

  Sophos soaks up SOC.OS

  Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services

• April 22, 2022 22 Apr'22

  What’s up with Conti and REvil, and should we be worrying?

  New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back

• April 22, 2022 22 Apr'22

  UAE bolsters cyber security

  The United Arab Emirates has successfully improved its security posture amid mounting cyber threats

• April 21, 2022 21 Apr'22

  Zoom adds new round of cyber security enhancements

  Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements

• April 21, 2022 21 Apr'22

  Five Eyes in new Russia cyber warning

  Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure

• April 21, 2022 21 Apr'22

  Impact of Lapsus$ attack on Okta less than feared

  Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential

• April 21, 2022 21 Apr'22

  Tech to account for over half of regulatory compliance spending

  By 2026, regtech will account for more than half of the money that businesses spend on compliance with regulations

• April 21, 2022 21 Apr'22

  European cities moving fast to change business of parking

  German cities are using the latest smart parking technology to reduce traffic and car pollution while collecting more fees for parking

• April 21, 2022 21 Apr'22

  More Scottish subpostmaster conviction reviews expected as part of Post Office scandal

  The Scottish Criminal Cases Review Commission expects more subpostmasters with potential wrongful convictions to come forward

• April 20, 2022 20 Apr'22

  AWS fixes vulnerabilities in Log4Shell hot patch

  AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation

• April 20, 2022 20 Apr'22

  Nationwide Building Society streamlines payment dispute process through software

  Building society has speeded up the resolution of customer disputes over Visa payments by using Pegasystems software

• April 20, 2022 20 Apr'22

  Financial Ombudsman Service chooses TCS as digital transformation partner

  Tata Consultancy Services will build and implement key systems as part the Financial Ombudsman Service’s digital transformation

• April 19, 2022 19 Apr'22

  Median threat actor ‘dwell time’ dropped during 2021

  Security teams appear to be getting better at detecting attackers within their networks, according to a report

• April 19, 2022 19 Apr'22

  Softbank and UnaBiz team up on internet of robotic things

  Japan’s Softbank Robotics and Singapore-based UnaBiz are bringing IoT and robotics technology together to improve facilities management, among other applications

• April 14, 2022 14 Apr'22

  Kyndryl kindles cyber incident recovery pact with Dell

  IBM spin-out Kyndryl hops into bed with Dell Technologies in a joint cyber resilience proposition

• April 14, 2022 14 Apr'22

  Zhadnost DDoS botnet deployed against Finland

  A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament

• April 14, 2022 14 Apr'22

  Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant

  Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems

• April 13, 2022 13 Apr'22

  Hybrid work catching on in India

  More tech workers in India now enjoy flexi-work arrangements and higher salaries, but talent retention remains an issue in the subcontinent, study finds

• April 13, 2022 13 Apr'22

  WatchGuard firewall users urged to patch Cyclops Blink vulnerability

  The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities

• April 13, 2022 13 Apr'22

  Microsoft patches two zero-days, 10 critical bugs

  Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service

• April 13, 2022 13 Apr'22

  Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack

  Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief

• April 12, 2022 12 Apr'22

  Universal IAM policy failings put cloud environments at risk

  Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study

• April 12, 2022 12 Apr'22

  Multiple arrests made in RaidForums takedown

  A Portuguese national and a 21-year-old man from Croydon are among a number of individuals arrested ahead of the closure of RaidForums by police

• April 12, 2022 12 Apr'22

  Sandworm rolls out Industroyer2 malware against Ukraine

  A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT

• April 11, 2022 11 Apr'22

  Border IT system fixed after 10-day outage

  Post-Brexit border IT system failure fixed after going down at the start of April, allowing traders to once again file customs documents electronically rather than by hand

• April 11, 2022 11 Apr'22

  Open source CMS platform Directus patches XSS bug

  A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data

• April 11, 2022 11 Apr'22

  Mastercard opens European tech hub in Dublin

  Mastercard is doubling its technology workforce in Dublin through a new European tech hub in the Irish capital

• April 11, 2022 11 Apr'22

  Raspberry Pi Foundation ditches default username policy

  Raspberry Pi owners will no longer be able to use the default ‘pi’ username, as the Raspberry Pi Foundation clamps down on insecure practices

• April 08, 2022 08 Apr'22

  Ukrainian cyber criminal gets five years in jail

  A US court has sentenced Denys Iarmak, who worked as a penetration tester for the FIN7 cyber crime group, to a five-year prison sentence

• April 08, 2022 08 Apr'22

  Was Spring4Shell a lot of hot air? No, but...

  Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better