News

Managing IT and business issues

• February 24, 2021 24 Feb'21

  Businesses forced to ask IT service providers for help during pandemic

  IT service providers have been approached by long-time enterprise customers asking for price cuts due to the impact of the pandemic

• February 24, 2021 24 Feb'21

  Babuk ransomware unsophisticated, but highly dangerous

  Intelligence gathered through McAfee’s Mvision service reveals more insight into the emerging Babuk ransomware

• February 24, 2021 24 Feb'21

  Bombardier is latest victim of Accellion supply chain attack

  Canadian aviation company joins the growing list of Accellion breach victims

• February 24, 2021 24 Feb'21

  Appointment of disgraced former Post Office director triggers vote of no confidence in Welsh FA boss

  Vote of no confidence in Football Association of Wales boss triggered by recruitment of former Post Office executive who tried to mislead a judge in IT trial

• February 23, 2021 23 Feb'21

  Subpostmaster group calls for prime minister to pause Horizon ‘whitewash’ inquiry

  Subpostmasters call for Boris Johnson to pause and reshape the government’s Horizon inquiry

• February 23, 2021 23 Feb'21

  XDR makes cyber a Stroll in the park for Aston Martin F1

  Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet

• February 23, 2021 23 Feb'21

  Tech worker-centric umbrella company launches to target IT contractors 'displaced' by IR35

  As the number of private sector firms enforcing blanket bans on contractors grows, Techcentre Umbrella is offering IT workers ‘displaced’ by the reforms a safe haven, claims its founder

• February 23, 2021 23 Feb'21

  CyberScotland offers centralised security resource hub

  Newly launched partnership brings together security resources for individuals and organisations across Scotland

• February 22, 2021 22 Feb'21

  Malaysia government intervenes to drive 5G forward

  The government of Malaysia pledges to spend 15bn ringgit to set up an entity that would be granted spectrum and operational scope to manage 5G roll-outs

• February 22, 2021 22 Feb'21

  Microphones, smartphones, laptops among items stolen from BBC

  A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers

• February 19, 2021 19 Feb'21

  NCSC cyber defence scheme blocked thousands of scams in 2019

  The NCSC has reported another productive year for its Active Cyber Defence programme

• February 19, 2021 19 Feb'21

  Uber drivers should be classified as ‘workers’, UK Supreme Court confirms

  Supreme Court ruling brings Uber’s four-year legal battle to have its drivers classified as self-employed to an end, and could see its drivers in line to receive thousands of pounds in compensation

• February 18, 2021 18 Feb'21

  HMRC accused of 'utter hypocrisy' over use of IT contractors enrolled in tax avoidance schemes

  Campaign group calls for HMRC to face an investigation, while accusing the department of ‘utter hypocrisy’ for using IT contractors enrolled in disguised remuneration schemes

• February 18, 2021 18 Feb'21

  2020 a record year for cyber, thanks to Covid

  The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy

• February 18, 2021 18 Feb'21

  Fingerprints will help payment cards retain relevance

  Biometric payment cards using fingerprint technology could add billions to global banking revenues, says UBS

• February 17, 2021 17 Feb'21

  North Korean Lazarus Group hackers indicted in US

  Charges filed relate to Lazarus Group’s long-running cyber crime spree, including financial theft and extortion, WannaCry malware and the cyber attack on Sony Pictures

• February 17, 2021 17 Feb'21

  Finnish IT sector demand increases after months of decline

  IT sector in Finland sees small signs of recovery as demand increases after months of Covid-19-related decline

• February 17, 2021 17 Feb'21

  Security pros agree: We need to take a break

  As many as 85% of security staff engage in leisure activities during working hours, but they have excellent reasons for doing so

• February 17, 2021 17 Feb'21

  Egregor ransomware arrests confirmed

  Authorities confirm that they have arrested an undisclosed number of cyber criminals associated with the Egregor ransomware

• February 17, 2021 17 Feb'21

  Emotional intelligence, empathy increasingly valued in CISOs

  The pandemic has highlighted the value of soft skills, rather than technical ones, in security

• February 17, 2021 17 Feb'21

  Law firm and cyber criminals clash over source of stolen data

  Cyber attack victim Jones Day says its data was stolen in a supply chain attack, but the gang holding it to ransom disagrees

• February 16, 2021 16 Feb'21

  North Korea accused of Pfizer Covid vaccine cyber attack

  South Korean intelligence pins a recent attack on Pfizer, targeting information on coronavirus vaccines, on its neighbour

• February 16, 2021 16 Feb'21

  RDP, SSH exposures off the charts thanks to remote working

  The Covid-19 pandemic has had an impact on the prevalence of certain vulnerabilities in the wild, according to a report

• February 14, 2021 14 Feb'21

  Cancer Council NSW fixes data silos in integration move

  The Cancer Council in New South Wales has integrated its core systems to eliminate data silos and improve productivity

• February 12, 2021 12 Feb'21

  University benefited from early virtual desktop investments when pandemic struck

  Edinburgh Napier University was able to react quickly to some of the main challenges brought by the Covid-19 pandemic

• February 11, 2021 11 Feb'21

  Hacked Finnish therapy business collapses

  Vastaamo, the Finnish psychotherapy centre whose patients were blackmailed by a cyber criminal gang, has filed for bankruptcy

• February 11, 2021 11 Feb'21

  Goldman Sachs reopens UK digital savings account

  US banking giant resumes online account for UK savers after temporarily withdrawing it in response to high demand

• February 11, 2021 11 Feb'21

  Low-complexity CVEs a growing concern

  Analysis of thousands of CVEs logged with NIST in 2020 reveals some unwelcome developments

• February 10, 2021 10 Feb'21

  HelloKitty almost certainly behind CD Projekt ransomware attack

  Theories that the cyber attack on a high-profile gaming studio was orchestrated by players who are disappointed in a videogame are likely wide of the mark, according to analysis

• February 10, 2021 10 Feb'21

  Windows 10, Server 2019 users must patch serious zero-day

  Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update

• February 10, 2021 10 Feb'21

  Century-old insurer uses low code as digital demands increase

  Lloyds of London insurance and reinsurance broker Miller breaks from the past by adopting low-code software development platform

• February 09, 2021 09 Feb'21

  IR35 private sector reforms: Deloitte confirms post-April 2021 ban on PSCs

  Consultancy giant confirms that contractors will only be able to engage with it via a third-party umbrella or employment agency after April 2021, as part of its IR35 compliance strategy

• February 09, 2021 09 Feb'21

  ‘Batman Begins’ cyber attack is a warning to CNI providers

  A thwarted cyber attack in a Florida town that could have resulted in the poisoning of the water supply is a timely reminder of the vulnerability of critical services

• February 09, 2021 09 Feb'21

  NHS reports fewer phishing emails in 2020

  The NHSmail email service saw a steady decline in suspected phishing emails during the course of 2020

• February 08, 2021 08 Feb'21

  UK Cyber Security Council to take charge of skills strategy

  New government-backed body will be set up to boost careers opportunities and professional standards in the cyber security sector

• February 08, 2021 08 Feb'21

  Too few UK organisations offering cyber training for remote work

  Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers

• February 08, 2021 08 Feb'21

  Get ready for fake work epidemic

  Remote working has become a fact of life for many office-based workers during the pandemic, and there has also been a rise in remote staff monitoring

• February 08, 2021 08 Feb'21

  Data of thousands of Dutch citizens leaked from government Covid-19 systems

  Weak access controls and outdated systems blamed for leaking of the personal details of thousands of Dutch citizens tested for Covid-19

• February 08, 2021 08 Feb'21

  Woolworths to invest more than A$50m in skills training

  More than 60,000 Woolworths employees across store and e-commerce operations, supply chain network and support offices are expected to benefit from the new investment

• February 08, 2021 08 Feb'21

  Sweden to establish national cyber security centre

  Sweden becomes latest Nordic state to establish a national cyber security centre as the threat landscape grows

• February 08, 2021 08 Feb'21

  Singapore tops cloud adoption in ASEAN

  Nearly nine in 10 organisations in Singapore are using cloud services, but cost and security concerns remain

• February 05, 2021 05 Feb'21

  Google Chrome update to patch serious zero-day

  A serious heap buffer overflow vulnerability means Google Chrome users should patch their browsers as soon as possible

• February 05, 2021 05 Feb'21

  Financial regulatory body bombarded with malicious emails

  New disclosures reveal the FCA’s systems bounced almost a quarter of a million malicious emails in a three-month period

• February 05, 2021 05 Feb'21

  Security firm Stormshield loses source code in cyber attack

  Source code from two products developed by French cyber security firm was compromised in a December 2020 incident

• February 05, 2021 05 Feb'21

  How Yarra Valley Water is tapping APIs

  The largest water retailer in Melbourne has rolled out application programming interfaces to improve operations and customer service

• February 04, 2021 04 Feb'21

  UKRI should speed up Industrial Strategy Challenge Fund approval processes, says NAO

  Industrial Strategy Challenge Fund’s lengthy approval process leads to delays in funding projects and could be a deterrent, according to the National Audit Office

• February 04, 2021 04 Feb'21

  Nurture software developer heroes

  Developer teams have been put under immense pressure to drive through digital transformation change, and they are now experiencing stress and burnout

• February 04, 2021 04 Feb'21

  Revolut rewrites policy to include permanent remote working

  Challenger finance firm Revolut is redesigning its office spaces and introducing permanent remote working policies

• February 04, 2021 04 Feb'21

  Boeing outsources to Dell affecting 600 IT jobs

  US aircraft manufacturer contracts hundreds of IT roles to Dell as it accelerates outsourcing plans

• February 04, 2021 04 Feb'21

  Fraud and cyber crime still vastly under-reported

  The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate

• February 03, 2021 03 Feb'21

  Has Covid-19 made bank branch closures easier to sell?

  Big banks continue to close branches and invest more in technology as the Covid-19 pandemic makes a case for digital banking

• February 03, 2021 03 Feb'21

  Foxtons rejects claims of slow reaction to data leak

  Investigators have unearthed 16,000 data records that seem to have been stolen in an attack on property firm Foxtons last year, but the organisation says it acted by the book in dealing with the incident

• February 03, 2021 03 Feb'21

  ‘Classic’ Cerber ransomware targets health sector in high volumes

  Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black

• February 03, 2021 03 Feb'21

  SolarWinds patches two critical CVEs in Orion platform

  New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet

• February 02, 2021 02 Feb'21

  Agent Tesla trojan finds new ways to sneak past defences

  Updated versions of Agent Tesla Rat include new techniques that fiddle with code to disable endpoint protection tools on target systems

• February 02, 2021 02 Feb'21

  Nordic region provides autonomous vehicle test bed

  Nordic region has the suppliers, environment and appetite for pioneering the development of autonomous vehicles

• February 01, 2021 01 Feb'21

  Serco confirms Babuk ransomware attack

  Outsourcing firm was hit by the ransomware last week but insists most of its operations are running as normal

• February 01, 2021 01 Feb'21

  CISOs invisible to their organisations, says BT report

  Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard

• February 01, 2021 01 Feb'21

  IR35 private sector reforms: Zurich Insurance under fire over contractor blanket ban

  Zurich Insurance is the latest high-profile financial services company to declare contractors can only continue to engage with it via umbrella setups from April 2021, ahead of the IR35 rules coming into force

• January 29, 2021 29 Jan'21

  Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters

  Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee

• January 29, 2021 29 Jan'21

  Commerzbank announces big job cuts and branch closures

  German bank is closing hundreds of branches and cutting thousands of jobs as it reshapes for the digital age

• January 28, 2021 28 Jan'21

  Apprenticeships may be a solution to cyber skills shortage, say insiders

  Cyber security professionals are open to new approaches to finding sorely needed talent, according to a poll

• January 28, 2021 28 Jan'21

  TCS rings in the new year on a roll

  India’s Tata Consultancy Services recorded one of its strongest third-quarter earnings and grew its brand value amid a global pandemic

• January 27, 2021 27 Jan'21

  Mimecast breach was work of SolarWinds attackers

  Mimecast’s investigation into a January 2021 breach of its systems turns up evidence that the culprit was the same group that targeted SolarWinds in December

• January 27, 2021 27 Jan'21

  Emotet botnet goes offline as cops seize servers

  The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement

• January 27, 2021 27 Jan'21

  Grindr complaint results in €9.6m GDPR fine

  Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices

• January 27, 2021 27 Jan'21

  Emergency Apple updates patch exploited zero-days

  Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately

• January 27, 2021 27 Jan'21

  Latest Microsoft results show strength in Teams and Azure

  Microsoft reports 50% growth in Azure and integration between Teams and ServiceNow, Workday and Salesforce

• January 27, 2021 27 Jan'21

  After a push at the start, Mencap’s automation journey is gathering pace

  UK charity was helped out by a bank at the start of an automation investigation that is now a project sweeping across the organisation

• January 26, 2021 26 Jan'21

  Australia’s IT spending set to bounce back in 2021

  IT spending in Australia will grow by 4% this year, reversing a decline of 1% in 2020 as organisations seek to grow their digital chops

• January 26, 2021 26 Jan'21

  North Korean state attacks legitimate security researchers

  Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group

• January 26, 2021 26 Jan'21

  Saudi IT spending to hit $11bn in 2021

  Saudi Arabian organisations will spend about $11bn on IT this year, with emerging technologies high on shopping lists

• January 26, 2021 26 Jan'21

  Cyber fraud a national security issue, says Rusi report

  A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud

• January 25, 2021 25 Jan'21

  Cracking the message in a bottle

  Between 2016 and 2019, a number of bottles washed ashore in Hamburg, each containing an ‘uncrackable’ message

• January 22, 2021 22 Jan'21

  Nine out of 10 UK card payments in 2020 were contactless

  Contactless cards payments accounted for around 90% of card payments in the UK in 2020

• January 22, 2021 22 Jan'21

  Sepa data leaks as agency resists ransom demands

  The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation

• January 21, 2021 21 Jan'21

  Hackney Council tenders for cyber security upgrade

  Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council

• January 21, 2021 21 Jan'21

  Two-thirds of CISOs say they’ll be cyber attack victims this year

  Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked

• January 21, 2021 21 Jan'21

  UKtech50 2021: Vote for the most influential person in UK technology

  Our judges have picked a shortlist, and now we invite readers to tell us who should be chosen as the most influential person in the UK tech scene for 2021 – submit your vote now

• January 21, 2021 21 Jan'21

  Incompetent cyber criminals leak data in opsec failure

  Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals

• January 21, 2021 21 Jan'21

  Digital knowledge must be integral part of Dutch police training

  Research reveals gaps in digital knowledge among Netherlands police, with calls for a training ‘roadmap’ to get officers up to speed to tackle cyber crime

• January 21, 2021 21 Jan'21

  IR35 private sector reforms: IT contractors warned to be wary of non-compliant umbrella companies

  The proliferation of websites offering comparison site-like services for umbrella companies has prompted tax experts to warn IT contractors of the financial risk posed by firms offering ‘too good to be true’ take-home pay rates

• January 20, 2021 20 Jan'21

  Should I be worried about MFA-bypassing pass-the-cookie attacks?

  Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?

• January 20, 2021 20 Jan'21

  HSBC closing more branches as customers turn to digital channel

  Bank announces branch closures as it reshapes its network for the digital age

• January 20, 2021 20 Jan'21

  Malwarebytes also hit by SolarWinds attackers

  The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals

• January 19, 2021 19 Jan'21

  Value of GDPR fines shows dramatic increase in 2020

  European regulators imposed almost €160m worth of fines during the past 12 months, a substantial rise

• January 19, 2021 19 Jan'21

  Click fraud levels reach new heights in pandemic

  Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike

• January 19, 2021 19 Jan'21

  Criminals fiddled stolen Covid-19 vaccine data to damage trust

  Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA

• January 18, 2021 18 Jan'21

  MoD reports 18% rise in data loss incidents

  The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO

• January 14, 2021 14 Jan'21

  All EU states can take data protection cases against Facebook, says EU court

  An opinion from the European Court of Justice has the potential to lead to a flood of privacy complaints against Facebook if upheld

• January 14, 2021 14 Jan'21

  Old, on-premise systems targeted in Hackney ransomware attack

  Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology

• January 13, 2021 13 Jan'21

  Court to rule on Facebook data sharing after Schrems drops legal challenge against Irish regulator

  Irish High Court says it will issue a judgment as soon as possible over a draft decision by Ireland’s data protection commissioner to order Facebook to stop the transfer of data about EU citizens to datacentres in the US

• January 13, 2021 13 Jan'21

  World’s largest dark web market disrupted in major police operation

  Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline

• January 13, 2021 13 Jan'21

  Stolen Pfizer/BioNTech Covid-19 vaccine data leaked

  Data dump understood to include screenshots of emails, peer review information, PDFs and PowerPoint presentations

• January 13, 2021 13 Jan'21

  Critical zero-day features in first Patch Tuesday of 2021

  Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender

• January 12, 2021 12 Jan'21

  Mimecast latest security firm to be compromised

  Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident

• January 12, 2021 12 Jan'21

  Retail giant Walmart to launch a fintech

  Fintech will be geared towards offering the services Walmart’s customers and employees want

• January 11, 2021 11 Jan'21

  APAC firms’ ‘future readiness’ a mixed bag

  Led by firms in China, Singapore and Australia, just over a quarter of businesses in APAC fit the bill as a future-ready business, study finds

• January 11, 2021 11 Jan'21

  New SolarWinds CEO sets out rescue plan

  Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community

• January 11, 2021 11 Jan'21

  Kaspersky claims link between Solorigate and Kazuar backdoors

  Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship