News

Privacy and data protection

• January 21, 2022 21 Jan'22

  Tinder algorithm charging users more based on age

  Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set different prices

• January 21, 2022 21 Jan'22

  Mandiant analysts: Russia-backed APTs likely to ramp up attacks

  More cyber attacks like those perpetrated against targets in Ukraine are to be expected, and they may become more destructive

• January 21, 2022 21 Jan'22

  ICO criticises government-backed campaign to delay end-to-end encryption

  Data protection watchdog warns that delaying end-to-end encryption will put children at risk

• January 21, 2022 21 Jan'22

  Cyber pros: Don’t revel in REvil’s downfall just yet

  The arrests of REvil’s alleged kingpins is a welcome step, but as with any disruption to cyber criminal activity, it is never wise to assume law enforcement action means the threat has passed entirely

• January 20, 2022 20 Jan'22

  Ransomware attacks dropped 37% in December, claims NCC

  Latest monthly data reveals a significant decline in ransomware attacks at the end of 2021, but a new, emergent gang is making waves

• January 20, 2022 20 Jan'22

  Data of 515,000 vulnerable people stolen in Red Cross attack

  The International Committee of the Red Cross is probing a cyber attack that has already seen the personal data of hundreds of thousands of the world’s most vulnerable people compromised

• January 20, 2022 20 Jan'22

  Singapore to tighten digital banking security

  Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state

• January 19, 2022 19 Jan'22

  Government funds charity campaign to warn big tech over the risks of encryption to children

  Barnardo’s and other charities begin a government-backed PR campaign to warn of the dangers end-to-end encryption poses to child safety, which has been criticised as being ‘one-sided’

• January 19, 2022 19 Jan'22

  Investigators find Beijing 2022 app riddled with security flaws

  Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack

• January 18, 2022 18 Jan'22

  Police take down VPN linked to multiple ransomware hits

  German police led a multinational effort to seize and take down the LabVPN service, which was allegedly used by cyber criminals to facilitate ransomware attacks

• January 17, 2022 17 Jan'22

  ‘Russian-backed’ hackers defaced Ukrainian websites as cover for dangerous malware attack

  Kiev claims that a hacking group in Belarus – a close ally of Russia – was responsible for hacking Ukrainian government websites amid threats of military action

• January 12, 2022 12 Jan'22

  MEPs demand EU probe into Pegasus spyware abuse

  A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it

• January 11, 2022 11 Jan'22

  Banks accused of neglecting customer security measures

  Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes

• January 11, 2022 11 Jan'22

  Companies propose scanning content pre-encryption to fight CSAM

  Firms working on the UK government’s Safety Tech Challenge have suggested that scanning content before encryption will help prevent the spread of child sexual abuse material – but privacy concerns remain

• January 11, 2022 11 Jan'22

  Proofpoint acquires Singapore data security startup

  Proofpoint’s acquisition of Dathena will bolster its data loss prevention capabilities, enabling organisations to better understand information risk through the use of AI

• January 10, 2022 10 Jan'22

  Ministry of Justice caught up in multiple cyber incidents

  Besides multiple disclosed data breaches, department was also affected by two ransomware attacks

• January 09, 2022 09 Jan'22

  Singapore retailer hit by data breach

  The personal data of OG’s basic and gold members stored in a database managed by a third-party service provider was reportedly compromised

• January 06, 2022 06 Jan'22

  France fines Facebook and Google over alleged cookie malpractice

  French data protection authorities clamp down on tech platforms for purposely making it more burdensome for users to decline tracking cookies

• January 05, 2022 05 Jan'22

  Judges to decide whether Assange can appeal against extradition as he reaches 1,000 days in jail

  Mexican president Andrés Manuel López Obrador urges US to treat WikiLeaks founder Julian Assange with humanity and to consider Mexico’s offer to grant Assange asylum

• January 03, 2022 03 Jan'22

  How APAC firms can stay ahead of cyber threats

  Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks

• December 31, 2021 31 Dec'21

  Top 10 crime, national security and law stories of 2021

  Here are Computer Weekly’s top 10 crime, national security and law stories of 2021

• December 30, 2021 30 Dec'21

  Top 10 technology and ethics stories of 2021

  Here are Computer Weekly’s top 10 technology and ethics stories of 2021

• December 23, 2021 23 Dec'21

  Top 10 cyber security stories of 2021

  Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?

• December 20, 2021 20 Dec'21

  Top 10 artificial intelligence stories of 2021

  This year, artificial intelligence has moved to operationalisation, explainability and regulatory frameworks. Here are Computer Weekly’s top 10 artificial intelligence stories for 2021

• December 10, 2021 10 Dec'21

  Julian Assange can be extradited to the US to face espionage and hacking charges, court rules

  High Court overturns decision not to extradite WikiLeaks founder after US government gives assurances over his treatment

• December 09, 2021 09 Dec'21

  UK and US to collaborate on privacy innovation contest

  Joint UK-US innovation challenge contest centring on privacy-enhancing technology announced at Summit for Democracy in Washington DC

• December 08, 2021 08 Dec'21

  UK privacy chief denies conflict of interest in new role

  UK information commissioner will join a private law firm that represents technology companies she used to regulate, raising questions about conflicts of interest and drawing ‘revolving door’ criticisms

• December 08, 2021 08 Dec'21

  Number of .uk domain suspensions at record low

  Statistics from Nominet show how effective law enforcement action against cyber crime in the UK is paying off

• December 02, 2021 02 Dec'21

  Millions of credit card details for sale on dark web for as little as 75p

  The credit card details of millions of people from across the world can be bought by criminals using the dark web for as little as $1

• December 01, 2021 01 Dec'21

  Kaspersky introduces cyber policy for bionic devices

  Cyber firm Kaspersky has become one of the first organisations in the world to develop and implement a security policy covering the use of bionic devices and other forms of human augmentation

• November 30, 2021 30 Nov'21

  Compliance, device management a challenge for NHS cyber teams

  Information gleaned by asset visibility specialist Armis reveals that despite improvements, some daunting security challenges still dog the NHS

• November 30, 2021 30 Nov'21

  HP patches bugs in over 150 printer models

  More than 150 HP multifunction printers are at risk of compromise through a series of newly disclosed vulnerabilities, one of them wormable

• November 29, 2021 29 Nov'21

  ICO warns facial recognition company Clearview AI it could face £17m fine over privacy breaches

  The UK’s information commissioner has issued a preliminary decision to fine Clearview over £17m for breaching UK data protection law and invited the company to make representations

• November 29, 2021 29 Nov'21

  British Army picks Immersive Labs for cyber training

  The British Army will make Immersive Labs’ security training platform available to all serving personnel

• November 26, 2021 26 Nov'21

  UK’s surveillance culture may be normalising use of tech for abuse

  Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships

• November 25, 2021 25 Nov'21

  Government must prove its plans to police encryption work, says ex-cyber security chief

  Ciaran Martin, the former UK cyber security chief, says the government must explain how it can access encrypted communications without damaging cyber security and weakening privacy

• November 25, 2021 25 Nov'21

  UK consumers warned of increase in credit card application fraud

  There has been a sharp rise in fraudsters using stolen personal details to open credit card accounts

• November 24, 2021 24 Nov'21

  Consumer cyber bill to protect mobiles, smart devices

  Product Security and Telecommunications Infrastructure Bill will reinforce protections for consumer devices and mandate improvements to default security settings

• November 24, 2021 24 Nov'21

  Apple sues under-fire malware firm NSO

  Lawsuit alleges spyware firm NSO Group targeted Apple’s users, adding to the pressure on the under-fire company

• November 24, 2021 24 Nov'21

  Police tech introduced with little scrutiny or training

  A Lords inquiry into the adoption of advanced algorithmic technologies by police in England and Wales has been told that new tools are being introduced without proper training and with little scrutiny of their impacts

• November 23, 2021 23 Nov'21

  Schrems accuses Irish DPC of trying to block publication of Facebook documents

  Austrian lawyer Max Schrems has filed a complaint after the Irish data protection commissioner put his privacy organisation under pressure to sign a non-disclosure agreement

• November 22, 2021 22 Nov'21

  Black Friday cyber warning for 4,000 card-skimming victims

  NCSC warns thousands of small retailers that their websites are being exploited to steal customer data

• November 18, 2021 18 Nov'21

  Sky ECC provided free cryptophones to a Canadian police force

  Internal emails disclosed in a US court show how Sky Global supplied sample encrypted phones to a Canadian police force before its phone users became subject to an international police investigation

• November 18, 2021 18 Nov'21

  Cryptophone supplier Sky Global takes legal action over US government website seizures

  Canadian tech company Sky Global has filed a legal motion claiming that the US government unlawfully seized the company’s internet sites following police investigations into the use of its cryptophones by organised crime

• November 18, 2021 18 Nov'21

  AstraZeneca looks at the bigger picture in enterprise social media

  How do you work with people in different time zones and from different cultures and what happens when people leave the company?

• November 17, 2021 17 Nov'21

  Security startups line up on Cyber Runway

  Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator

• November 16, 2021 16 Nov'21

  One-fifth of NCSC-supported cyber incidents linked to Covid-19

  National Cyber Security Centre has helped to thwart multiple cyber incidents that could have seriously disrupted the UK’s response to the pandemic

• November 15, 2021 15 Nov'21

  UK government proposes new rules for digital supply chain security

  Proposals could see IT service providers legally required to adhere to the NCSC’s Cyber Assessment Framework, among other things

• November 11, 2021 11 Nov'21

  HPE’s Aruba networking unit hit by cyber attack

  Undisclosed threat actor compromised data buckets used to run the Aruba Central cloud environment using a stolen access key

• November 11, 2021 11 Nov'21

  Scale of crime-as-a-service economy a growing concern, say researchers

  The cyber criminal underground continues its evolution towards a service-based economy

• November 11, 2021 11 Nov'21

  Lloyd v Google Supreme Court verdict brings end to privacy class actions against big tech in UK

  A ruling by the Supreme Court has left it financially unviable for individuals to bring class actions in the UK against big tech companies for privacy breaches

• November 10, 2021 10 Nov'21

  EU artificial intelligence regulation risks undermining social safety net

  Europe’s proposed artificial intelligence regulation will not adequately protect people from European governments' increasing use of the technology in social security decisions and resource allocation, says Human Rights Watch

• November 09, 2021 09 Nov'21

  Yoti develops age estimation algorithm for under-13s

  Age estimation technology developed by Yoti is being pitched as a way of helping social media platforms and other online businesses protect younger internet users from harm

• November 08, 2021 08 Nov'21

  Gig economy workforce nearly trebles over five years

  Over four million people in England and Wales now work for gig economy platforms at least once a week, marking a nearly threefold increase since 2016

• November 08, 2021 08 Nov'21

  How cosmetics retailer Lush made over its approach to authentication

  Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle

• November 04, 2021 04 Nov'21

  The Netherlands works on resilience with large-scale national cyber exercise

  For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care

• November 03, 2021 03 Nov'21

  Spyware firm NSO and others added to US banned Entity List

  US government bans target Israeli spyware makers and cyber firms in Russia and Singapore

• November 03, 2021 03 Nov'21

  Facebook self-imposes facial recognition moratorium

  Facebook and Meta have committed to halting their use of facial recognition technology and deleting the biometric data of more than a billion people by the end of 2021, but will retain the underlying algorithms and software for potential use in ...

• November 03, 2021 03 Nov'21

  UK’s Labour Party hit by third-party data breach

  Data on Labour Party members was recently compromised in an apparent cyber attack on a third-party data processor

• November 03, 2021 03 Nov'21

  BlackMatter ransomware crew shuts down, leaves victims in a bind

  The BlackMatter ransomware gang appears to be winding down its activities, possibly due to pressure from law enforcement

• November 03, 2021 03 Nov'21

  Adelaide healthcare network digitises manual processes

  The Central Adelaide Local Health Network has digitised manual processes in more than 20 speciality areas to improve patient experience and alleviate the workloads of frontline staff

• November 02, 2021 02 Nov'21

  Electronic waste excluded from COP26 agenda

  Data sanitation industry group calls on UK government to add electronic waste to the climate summit’s agenda

• November 02, 2021 02 Nov'21

  Convicted Silk Road admin stripped of £500k in crypto earnings

  Jailed Silk Road administrator Thomas White, aka Cthulhu, has been ordered to hand over more than £490,000 of illicit earnings

• November 01, 2021 01 Nov'21

  Businesses and governments urged to take action over Trojan Source supply chain attacks

  Businesses and governments have been put on alert to guard against Trojan Source hacking attacks

• November 01, 2021 01 Nov'21

  MPs and Lords grill Facebook over online safety efforts

  Facebook answers British lawmakers’ questions about the social media giant’s efforts to ensure the safety of its users, as part of legislative security of the government's proposed online safety bill

• October 29, 2021 29 Oct'21

  Facebook rebrands to Meta amid continuing controversies

  Facebook has changed its corporate name to Meta to support its work on the next generation of “social technologies”, but concerns around trust and privacy persist

• October 28, 2021 28 Oct'21

  CIA sought revenge against Julian Assange over hacking tool leaks, court hears

  The CIA discussed kidnapping Julian Assange after WikiLeaks published thousands of documents revealing its arsenal of hacking tools, defence lawyers tell a London court

• October 28, 2021 28 Oct'21

  Illegal state surveillance in Africa ‘carried out with impunity’

  Analysis of surveillance laws and practices in six African countries finds that existing privacy laws are failing to protect citizens from illegal digital surveillance, which is being facilitated and enabled by global tech companies

• October 28, 2021 28 Oct'21

  How ransomware crews pile on the pressure to get victims to pay

  Sophos researchers share some of the more common tactics ransomware gangs use to pressurise their victims into paying up

• October 27, 2021 27 Oct'21

  ‘No-one extradited from UK to US has committed suicide,’ US tells court in Assange appeal

  US government claims that a district judge has given WikiLeaks founder Julian Assange a ‘trump card’ to avoid extradition  

• October 27, 2021 27 Oct'21

  Government commits millions to security investment

  Spending Review adds more than £750m of funding to improve cyber security resilience across government

• October 26, 2021 26 Oct'21

  DarkMarket takedown results in 150 arrests

  A coordinated operation by law enforcement has seen 150 taken into custody amid allegations of buying or selling illicit goods on the dark web

• October 22, 2021 22 Oct'21

  MEPs vote to expand Europol data mandate

  The European Parliament has voted in favour of expanding Europol’s mandate to process data and develop AI tools, but critics claim it contradicts a previous vote which opposed using new technologies to predict crime

• October 20, 2021 20 Oct'21

  US intelligence agencies issue advisory on BlackMatter gang

  Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers

• October 20, 2021 20 Oct'21

  Police IT buyers should compel suppliers to prove AI claims

  House of Lords told that UK law enforcement bodies should use their position as buyers to compel private sector suppliers to divulge more information about how their AI-powered technologies work

• October 18, 2021 18 Oct'21

  How Samlesbury, Lancashire became the home of the National Cyber Force

  The National Cyber Force, a new branch of the military, is gearing up to fight battles in cyber space from the fields of Lancashire. Its presence is expected to bring a high-tech renaissance to the region

• October 14, 2021 14 Oct'21

  Apple scheme to detect child abuse creates serious privacy and security risks, say scientists

  Apple’s plan to automatically scan photos to detect child abuse would unduly risk the privacy and security of law-abiding citizens and could open up the way to surveillance, say the world’s top cryptographic experts

• October 14, 2021 14 Oct'21

  NHS Digital enhances in-house cyber awareness drive

  Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk

• October 13, 2021 13 Oct'21

  FCA warns over future hybrid working security risks

  Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure

• October 13, 2021 13 Oct'21

  Former signals intel leader named godfather of UK security

  Sixth annual Security Serious Unsung Heroes Awards honours former Royal Corps of Signals colonel and infosec pioneer John Doody

• October 13, 2021 13 Oct'21

  Australia unveils ransomware action plan

  The Australian government has established a task force to address the ransomware menace and is proposing legislation to mandate reporting of ransomware incidents by businesses

• October 12, 2021 12 Oct'21

  BCS calls on government to retain protections against AI

  BCS, the Chartered Institute for IT, wants the government to retain protections that allow people to have decisions about them made by an AI reviewed by humans if needed

• October 12, 2021 12 Oct'21

  Ban UK police use of facial-recognition, House of Lords told

  Experts giving evidence to the House of Lords have said that UK police use of facial-recognition technology is disproportionate and ineffective, and further questioned the utility of algorithmic crime ‘prediction’ tools

• October 11, 2021 11 Oct'21

  Covid-19 will loom over cyber strategy for years to come

  In remarks delivered to a Chatham House conference, NCSC head Lindy Cameron reflects on the security challenges facing the UK, and sets out some plans for the future

• October 11, 2021 11 Oct'21

  Sensitive documents to stay with whistleblower after deadline for agreement for their return passes

  A deadllne to agree the safe return of the sensitive banking details of former and current NatWest Group customers has passed without agreement

• October 11, 2021 11 Oct'21

  Singapore refreshes cyber security strategy

  The city-state updates its national cyber security strategy to shore up the security of critical infrastructure and enterprises while growing its cyber security industry, among other goals

• October 08, 2021 08 Oct'21

  Craft beer specialist Brewdog fixes serious app vulnerability

  Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers

• October 07, 2021 07 Oct'21

  ICO expresses concerns over its future independence

  In its response to the government’s data protection consultation, the Information Commissioner’s Office has raised worries over its future ability to function independently of government interference

• October 07, 2021 07 Oct'21

  Uber faces legal action over ‘racist’ facial verification system

  Two UK-based unions are taking Uber to court, claiming their members have been unfairly dismissed as a result of misidentification by the company’s facial verification system

• October 07, 2021 07 Oct'21

  Twitch data breach investigations continue

  Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists

• October 06, 2021 06 Oct'21

  US lawmakers propose ransomware reporting rules

  Former presidential candidate Elizabeth Warren lends her support to a bill that would require corporate ransomware victims to disclose more information about their attacks to the authorities

• October 06, 2021 06 Oct'21

  Gaming service Twitch hacked, data leaked

  Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked

• October 06, 2021 06 Oct'21

  Apache web server users urged to patch immediately

  New zero-day in Apache HTTP Server is already being actively exploited and must be addressed immediately

• October 06, 2021 06 Oct'21

  Auto-enrolment begins for Google multi-factor authentication

  Google has started to turn on multi-factor authentication on consumer accounts by default, and aims to auto-enrol 150 million users by the end of 2021

• October 04, 2021 04 Oct'21

  How GYG Singapore moved to paperless contracts

  The Singapore franchisee of Mexican cuisine specialist Guzman y Gomez has turned to electronic agreements and digital signatures to ease the administrative burden on its HR team

• October 01, 2021 01 Oct'21

  Met Police purchase new retrospective facial-recognition system

  Retrospective facial-recognition software purchased for £3m by the Met Police will be deployed in coming months amid continuing controversy around the use of biometric technologies by law enforcement bodies

• October 01, 2021 01 Oct'21

  Amnesty International exploited in malware campaign

  According to new intelligence from Cisco Talos, Amnesty International’s branding and profile is being used as part of a new malware campaign that exploits people’s fears of the notorious Pegasus spyware app

• October 01, 2021 01 Oct'21

  JVCKenwood hit by Conti ransomware attack

  Nearly 2TB of data was stolen from Japanese electronics firm in a Conti ransomware hit

• September 30, 2021 30 Sep'21

  UK consumers would collectively pay over £1bn a year for control of their data

  UK consumers are willing to pay a small fee per month to have control of the data they share with Google and Facebook

• September 28, 2021 28 Sep'21

  Digital regulators need discrete but cooperative remits

  The UK’s information commissioner has told MPs that digital economy regulators need discrete remits backed up by strong information sharing powers to both provide clear focus as well as allow for greater cooperation between their disparate but ...