News
Managing IT and business issues
-
February 15, 2022
15
Feb'22
Botched third-party configuration exposes Internet Society data to web
Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
-
February 15, 2022
15
Feb'22
UK finance regulator effects changes to ‘buy now, pay later’ contract terms
BNPL finance providers have agreed to make their contracts with consumers fairer, amid concerns
-
February 15, 2022
15
Feb'22
TA2451 targets aviation and transport sector with tailored lures
Newly designated cyber criminal group favours highly specific lures and a tried-and-tested modus operandi to compromise targets in the aviation, aerospace and transport sectors
-
February 15, 2022
15
Feb'22
NatWest group shutters 32 more branches as digital shift continues
Banking group announces more branch closures as part of its digital transformation, but promises that no customers will be left behind
-
February 15, 2022
15
Feb'22
Australian public sector facing transformation challenges
Public sector organisations in Australia are facing organisational and technological challenges in driving back-office innovation and digital-first strategies, new study finds
-
February 15, 2022
15
Feb'22
China emerges as leader in vulnerability exploitation
Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs
-
February 14, 2022
14
Feb'22
India to invest $1bn in quantum computing
India plans to invest $1bn over the next five years to advance its capabilities in quantum technology, but it will need to have a tailored approach and to address the skills gap to succeed
-
February 11, 2022
11
Feb'22
Finance Bill Sub-Committee blames IR35 for ‘concerning’ rise in umbrella company contractors
The House of Lords Finance Bill Sub-Committee has shared the findings of its latest inquiry into the impact the IR35 reforms have had on the way contracting works
-
February 11, 2022
11
Feb'22
Why security professionals should pay attention to what Russia is doing
Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to
-
February 11, 2022
11
Feb'22
The birth of Estonia’s digital civil servant
As Estonia finalises the initial version of its government services digital assistant for launch later this year, the man heading the project describes the birth of Bürokratt and beyond
-
February 11, 2022
11
Feb'22
Hackney Council could be forced to answer questions about IT security training after Psya ransomware
Council is negotiating with the information commissioner after refusing to reply to questions under the Freedom of Information Act about staff IT and security training during the pandemic
-
February 10, 2022
10
Feb'22
IR35 reforms: HMRC slammed for ‘over-collecting tax’ from non-compliant public sector bodies
HMRC has moved to play down claims it is collecting more tax than it is due when tackling non-compliance with the IR35 reforms in the public sector
-
February 10, 2022
10
Feb'22
IR35: NAO slams HMRC’s ‘haphazard’ roll-out of off-payroll reforms to public sector
National Audit Office’s 60-page report on the 2017 roll-out of the IR35 reforms claims HMRC’s actions made non-compliance a ‘highly likely’ outcome for public sector bodies
-
February 09, 2022
09
Feb'22
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
-
February 09, 2022
09
Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC
UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
-
February 09, 2022
09
Feb'22
Microsoft stomps on 48 bugs in February Patch Tuesday update
It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day
-
February 09, 2022
09
Feb'22
Post Office scandal victims to tell their stories in public
Victims of the Post Office Horizon scandal are due to tell their devastating stories to the statutory inquiry
-
February 08, 2022
08
Feb'22
DPD delivers swift fix for serious API flaw
API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure
-
February 08, 2022
08
Feb'22
Microsoft to start blocking macros to thwart malware
Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security
-
February 08, 2022
08
Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
-
February 07, 2022
07
Feb'22
Airport services firm thwarts attempted ransomware heist
Aviation services provider Swissport says its systems are mostly back up and running after a ransomware attack
-
February 07, 2022
07
Feb'22
Umbrella IT contractors urged to seize on court ruling to reclaim withheld holiday pay
The outcome of a court ruling concerning a holiday pay dispute between Pimlico Plumbers and one of its former employees could have costly implications for the umbrella company sector, it is claimed
-
February 04, 2022
04
Feb'22
Cyber attacks on European oil facilities spreading
Following a cyber attack on distribution facilities in Germany, more incidents have been reported in Belgium and the Netherlands, but it is too early to necessarily draw a link between them
-
February 03, 2022
03
Feb'22
Cack-handed government compensation scheme prolongs suffering of Horizon scandal victims
Victims of the Post Office Horizon scandal are being denied the millions of pounds they are owed as the government delays compensation resolution
-
February 03, 2022
03
Feb'22
Danish researchers develop a socially aware robot
A new breed of robots gracefully interacts with humans in an autonomous fashion
-
February 03, 2022
03
Feb'22
French Supreme Court raises constitutional questions over EncroChat hacking secrecy
Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution
-
February 02, 2022
02
Feb'22
Mechanism underlying cookie popups found in breach of GDPR
A fundamental element of the mechanism by which the advertising industry requests tracking consent from web users has been found in breach of the General Data Protection Regulation
-
February 02, 2022
02
Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges
IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
-
February 02, 2022
02
Feb'22
Reforms needed to tackle economic crime, says Treasury Committee
The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action
-
February 02, 2022
02
Feb'22
Nationwide Building Society streamlines digital onboarding through API
Building society is improving its digital onboarding process through application programming interface-based technology from a US startup
-
February 02, 2022
02
Feb'22
British Council data exposed by third-party cyber failure
The British Council entrusted confidential data on its students to a third-party and was let down
-
February 01, 2022
01
Feb'22
German fuel supplier taken offline in cyber attack
Cyber attack against Germany’s Oiltanking, a major fuel logistics company, affects 13 distribution terminals across Germany, in an incident with echoes of last year’s hit on Colonial Pipeline
-
February 01, 2022
01
Feb'22
Sweden’s Husqvarna expands IT outsourcing deal with HCL
Swedish power tool maker expands its contract with Indian IT service provider as it continues on its digital journey
-
February 01, 2022
01
Feb'22
Dutch software engineers join campaign for research funding
Software researchers from all over Europe are sounding the alarm: to maintain a strong international competitive position, more financial resources must be committed to software research
-
February 01, 2022
01
Feb'22
Over one-fifth of ransomware attacks target financial sector
Newly published data reveals a significant uptick in cyber attacks against the financial services sector during the third quarter of 2021
-
February 01, 2022
01
Feb'22
Dubai’s fledgling drone programme gets another nudge
Through a series of initiatives, Dubai is positioning itself to reap the benefits of a promising global market for drone technology
-
January 31, 2022
31
Jan'22
Data on children of armed forces personnel exposed in breach
Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence
-
January 28, 2022
28
Jan'22
Cyber skills gap affecting data privacy practice, finds ISACA
Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report
-
January 27, 2022
27
Jan'22
CISOs must get out in front of Ukraine cyber crisis, says NCSC
The National Cyber Security Centre is urging UK organisations to take steps to bolster their cyber security resilience in response to the ongoing Ukraine crisis
-
January 27, 2022
27
Jan'22
Novel phishing campaign highlights need for MFA, says Microsoft
Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place
-
January 27, 2022
27
Jan'22
Barclaycard customers increase contactless spending following limit rise
Barclaycard customers have increased their contactless card spending by 40% with most of their card payments using the technology
-
January 27, 2022
27
Jan'22
Nightmare Log4Shell scenario averted by prompt, professional action
Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared
-
January 27, 2022
27
Jan'22
Umbrella company cyber attacks prompt fresh calls for sector regulation to protect contractors
With the umbrella company industry increasingly finding itself under attack from cyber criminals, contracting market stakeholders embark on a fresh round of calls for the industry to be regulated
-
January 26, 2022
26
Jan'22
More intel emerges on WhisperGate malware that hit Ukraine
Security experts have been poring over the WhisperGate malware with which alleged Russia-backed entities targeted Ukrainian government websites
-
January 26, 2022
26
Jan'22
PwnKit bug endangers Linux distributions worldwide
Qualys researchers share intel on a memory corruption vulnerability in a program installed by default on every major Linux distribution
-
January 26, 2022
26
Jan'22
Demands on Fujitsu to contribute to £1bn Horizon scandal compensation costs
Fujitsu cannot hide away as taxpayers pick up the bill for the Post Office scandal triggered by its IT system, say peers
-
January 25, 2022
25
Jan'22
Prepare, but don’t panic, over supposed Russian cyber threat
A fresh alert from the US Department of Homeland Security may have IT security teams jumpy over the possibility that their organisations could be targeted by Russian state actors
-
January 25, 2022
25
Jan'22
Cyber Essentials programme gets biggest update since launch
NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
-
January 25, 2022
25
Jan'22
UK government launches internal cyber strategy
Multi-pronged government security strategy is designed to protect both core systems and public services
-
January 25, 2022
25
Jan'22
Subpostmaster campaign group to meet government over unfair compensation settlement
A group of subpostmasters excluded from fair compensation in the Horizon scandal is to meet government department to discuss their demands