News

Managing IT and business issues

February 15, 2022 15 Feb'22
Botched third-party configuration exposes Internet Society data to web

Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
February 15, 2022 15 Feb'22
UK finance regulator effects changes to ‘buy now, pay later’ contract terms

BNPL finance providers have agreed to make their contracts with consumers fairer, amid concerns
February 15, 2022 15 Feb'22
TA2451 targets aviation and transport sector with tailored lures

Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors
February 15, 2022 15 Feb'22
NatWest group shutters 32 more branches as digital shift continues

Banking group announces more branch closures as part of its digital transformation, but promises that no customers will be left behind

February 15, 2022 15 Feb'22
Australian public sector facing transformation challenges

Public sector organisations in Australia are facing organisational and technological challenges in driving back-office innovation and digital-first strategies, new study finds
February 15, 2022 15 Feb'22
China emerges as leader in vulnerability exploitation

Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs
February 14, 2022 14 Feb'22
India to invest $1bn in quantum computing

India plans to invest $1bn over the next five years to advance its capabilities in quantum technology, but it will need to have a tailored approach and to address the skills gap to succeed
February 11, 2022 11 Feb'22
Finance Bill Sub-Committee blames IR35 for ‘concerning’ rise in umbrella company contractors

The House of Lords Finance Bill Sub-Committee has shared the findings of its latest inquiry into the impact the IR35 reforms have had on the way contracting works
February 11, 2022 11 Feb'22
Why security professionals should pay attention to what Russia is doing

Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to
February 11, 2022 11 Feb'22
The birth of Estonia’s digital civil servant

As Estonia finalises the initial version of its government services digital assistant for launch later this year, the man heading the project describes the birth of Bürokratt and beyond

February 11, 2022 11 Feb'22
Hackney Council could be forced to answer questions about IT security training after Psya ransomware

Council is negotiating with the information commissioner after refusing to reply to questions under the Freedom of Information Act about staff IT and security training during the pandemic
February 10, 2022 10 Feb'22
IR35 reforms: HMRC slammed for ‘over-collecting tax’ from non-compliant public sector bodies

HMRC has moved to play down claims it is collecting more tax than it is due when tackling non-compliance with the IR35 reforms in the public sector
February 10, 2022 10 Feb'22
IR35: NAO slams HMRC’s ‘haphazard’ roll-out of off-payroll reforms to public sector

National Audit Office’s 60-page report on the 2017 roll-out of the IR35 reforms claims HMRC’s actions made non-compliance a ‘highly likely’ outcome for public sector bodies
February 09, 2022 09 Feb'22
Linux-based clouds an open door for attackers, says VMware

Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
February 09, 2022 09 Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC

UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
February 09, 2022 09 Feb'22
Microsoft stomps on 48 bugs in February Patch Tuesday update

It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day
February 09, 2022 09 Feb'22
Post Office scandal victims to tell their stories in public

Victims of the Post Office Horizon scandal are due to tell their devastating stories to the statutory inquiry
February 08, 2022 08 Feb'22
DPD delivers swift fix for serious API flaw

API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure
February 08, 2022 08 Feb'22
Microsoft to start blocking macros to thwart malware

Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security
February 08, 2022 08 Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem

As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
February 07, 2022 07 Feb'22
Airport services firm thwarts attempted ransomware heist

Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack
February 07, 2022 07 Feb'22
Umbrella IT contractors urged to seize on court ruling to reclaim withheld holiday pay

The outcome of a court ruling concerning a holiday pay dispute between Pimlico Plumbers and one of its former employees could have costly implications for the umbrella company sector, it is claimed
February 04, 2022 04 Feb'22
Cyber attacks on European oil facilities spreading

Following a cyber attack on distribution facilities in Germany, more incidents have been reported in Belgium and the Netherlands, but it is too early to necessarily draw a link between them
February 03, 2022 03 Feb'22
Cack-handed government compensation scheme prolongs suffering of Horizon scandal victims

Victims of the Post Office Horizon scandal are being denied the millions of pounds they are owed as the government delays compensation resolution
February 03, 2022 03 Feb'22
Danish researchers develop a socially aware robot

A new breed of robots gracefully interacts with humans in an autonomous fashion
February 03, 2022 03 Feb'22
French Supreme Court raises constitutional questions over EncroChat hacking secrecy

Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution
February 02, 2022 02 Feb'22
Mechanism underlying cookie popups found in breach of GDPR

A fundamental element of the mechanism by which the advertising industry requests tracking consent from web users has been found in breach of the General Data Protection Regulation
February 02, 2022 02 Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
February 02, 2022 02 Feb'22
Reforms needed to tackle economic crime, says Treasury Committee

The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action
February 02, 2022 02 Feb'22
Nationwide Building Society streamlines digital onboarding through API

Building society is improving its digital onboarding process through application programming interface-based technology from a US startup
February 02, 2022 02 Feb'22
British Council data exposed by third-party cyber failure

The British Council entrusted confidential data on its students to a third-party and was let down
February 01, 2022 01 Feb'22
German fuel supplier taken offline in cyber attack

Cyber attack against Germany’s Oiltanking, a major fuel logistics company, affects 13 distribution terminals across Germany, in an incident with echoes of last year’s hit on Colonial Pipeline
February 01, 2022 01 Feb'22
Sweden’s Husqvarna expands IT outsourcing deal with HCL

Swedish power tool maker expands its contract with Indian IT service provider as it continues on its digital journey
February 01, 2022 01 Feb'22
Dutch software engineers join campaign for research funding

Software researchers from all over Europe are sounding the alarm: to maintain a strong international competitive position, more financial resources must be committed to software research
February 01, 2022 01 Feb'22
Over one-fifth of ransomware attacks target financial sector

Newly published data reveals a significant uptick in cyber attacks against the financial services sector during the third quarter of 2021
February 01, 2022 01 Feb'22
Dubai’s fledgling drone programme gets another nudge

Through a series of initiatives, Dubai is positioning itself to reap the benefits of a promising global market for drone technology
January 31, 2022 31 Jan'22
Data on children of armed forces personnel exposed in breach

Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence
January 28, 2022 28 Jan'22
Cyber skills gap affecting data privacy practice, finds ISACA

Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report
January 27, 2022 27 Jan'22
CISOs must get out in front of Ukraine cyber crisis, says NCSC

The National Cyber Security Centre is urging UK organisations to take steps to bolster their cyber security resilience in response to the ongoing Ukraine crisis
January 27, 2022 27 Jan'22
Novel phishing campaign highlights need for MFA, says Microsoft

Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place
January 27, 2022 27 Jan'22
Barclaycard customers increase contactless spending following limit rise

Barclaycard customers have increased their contactless card spending by 40% with most of their card payments using the technology
January 27, 2022 27 Jan'22
Nightmare Log4Shell scenario averted by prompt, professional action

Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared
January 27, 2022 27 Jan'22
Umbrella company cyber attacks prompt fresh calls for sector regulation to protect contractors

With the umbrella company industry increasingly finding itself under attack from cyber criminals, contracting market stakeholders embark on a fresh round of calls for the industry to be regulated
January 26, 2022 26 Jan'22
More intel emerges on WhisperGate malware that hit Ukraine

Security experts have been poring over the WhisperGate malware with which alleged Russia-backed entities targeted Ukrainian government websites
January 26, 2022 26 Jan'22
PwnKit bug endangers Linux distributions worldwide

Qualys researchers share intel on a memory corruption vulnerability in a program installed by default on every major Linux distribution
January 26, 2022 26 Jan'22
Demands on Fujitsu to contribute to £1bn Horizon scandal compensation costs

Fujitsu cannot hide away as taxpayers pick up the bill for the Post Office scandal triggered by its IT system, say peers
January 25, 2022 25 Jan'22
Prepare, but don’t panic, over supposed Russian cyber threat

A fresh alert from the US Department of Homeland Security may have IT security teams jumpy over the possibility that their organisations could be targeted by Russian state actors
January 25, 2022 25 Jan'22
Cyber Essentials programme gets biggest update since launch

NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
January 25, 2022 25 Jan'22
UK government launches internal cyber strategy

Multi-pronged government security strategy is designed to protect both core systems and public services
January 25, 2022 25 Jan'22
Subpostmaster campaign group to meet government over unfair compensation settlement

A group of subpostmasters excluded from fair compensation in the Horizon scandal is to meet government department to discuss their demands