News
Privacy and data protection
-
August 29, 2025
29
Aug'25
ICO publishes summary of police facial recognition audit
The UK data regulator has released a summary of its facial recognition audit of two police forces
-
August 29, 2025
29
Aug'25
Home Office ‘backdoor’ seeks worldwide access to Apple iCloud users’ data, court documents confirm
A court filing states that a government order against Apple would give it the capability to access communications and metadata of customers using the iCloud service anywhere in the world
-
August 28, 2025
28
Aug'25
Microsoft refuses to divulge data flows to Police Scotland
Tech giant Microsoft is declining to share key information with Police Scotland about where the sensitive data it uploads to Office 365 will be processed, leaving the force unable to comply with UK-wide data protection laws
-
August 26, 2025
26
Aug'25
Okta makes AI identity play with Axiom acquisition
Okta says Axiom Security’s technology will reinforce its own offerings in privileged access management, especially when it comes to the growing number of non-human identities
-
August 25, 2025
25
Aug'25
How to secure the identity perimeter and prepare for AI agents
Ping Identity CEO Andre Durand explains why identity has become the critical security battleground, how decentralised credentials will reduce data breach risks, and why AI agents will need their own identities to be trusted
-
August 25, 2025
25
Aug'25
Ransomware attack volumes up nearly three times on 2024
During the first six months of 2025, the number of observed and tracked ransomware attacks far outpaced the volume seen in 2024
-
August 21, 2025
21
Aug'25
Scale of MoD Afghan data breaches widens dramatically
Many more data breaches at the MoD's Arap programme to relocate at-risk Afghan citizens to Britain have emerged following an FoI request by BBC journalists
-
August 21, 2025
21
Aug'25
Apple iOS update fixes new iPhone zero-day flaw
Latest Apple zero-day found in the ImageIO framework opens the door for targeted zero-click attacks on iPhone users
-
August 21, 2025
21
Aug'25
UK equality watchdog: Met Police facial recognition unlawful
The UK’s equality watchdog has been granted permission to intervene in a judicial review of the Met Police’s live facial-recognition (LFR) technology use, which it claims is being deployed unlawfully
-
August 20, 2025
20
Aug'25
Microsoft starts including PQC algorithms in cyber foundations
Microsoft updates on its post-quantum cyber strategy as it continues integrating quantum-safe algorithms into some of the core foundations underpinning its products and services
-
August 20, 2025
20
Aug'25
Commvault users told to patch two RCE exploit chains
Storage firm Commvault fixes four vulnerabilities that, when combined, create a pair of RCE exploit chains that could be used to target on-premise customers with ransomware and other nasties
-
August 19, 2025
19
Aug'25
Google spins up agentic SOC to speed up incident management
Google Cloud elaborates on its vision for securing artificial intelligence unveiling new protections and capabilities across its product suite
-
August 19, 2025
19
Aug'25
Deepfake AI scammers target the Big Yin
Cyber criminal scammers exploiting GenAI to create deepfake AI tools are targeting one of the UK’s most beloved comics, and one of its strongest accents
-
August 19, 2025
19
Aug'25
US says UK has agreed to drop encryption ‘backdoor’ demands against Apple
US and UK end diplomatic row over UK encryption ‘backdoor’ order against Apple, but it remains unclear whether Apple will restore advanced encryption services to UK users
-
August 18, 2025
18
Aug'25
Workday hit in wave of social engineering attacks
A campaign of voice-based social engineering attacks targeting users of Salesforce’s services appears to have struck HR platform Workday
-
August 18, 2025
18
Aug'25
Extremist hacker who defaced websites and stole data imprisoned
Hacker Al-Tahery Al-Mashriky pled guilty to attacking multiple websites based on extremist political and religious ideology
-
August 15, 2025
15
Aug'25
Warlock claims ransomware attack on network services firm Colt
UK network services firm Colt is attempting to recover various customer-facing systems following a cyber attack that has been claimed by the Warlock ransomware gang and may have arisen via a SharePoint flaw
-
August 15, 2025
15
Aug'25
US trade body calls on Washington to cut cyber red tape
The US Information Technology Industry Council has called on the White House’s Office of the National Cyber Director to cut burdensome regulations in areas such as AI and incident reporting, and to do more to build a unified security regime
-
August 12, 2025
12
Aug'25
Researchers firm up ShinyHunters, Scattered Spider link
ReliaQuest researchers present new evidence that firms up a potential link, or outright partnership, between the ShinyHunters and Scattered Spider cyber gangs
-
August 12, 2025
12
Aug'25
UK work visa sponsors are target of phishing campaign
Mimecast identifies a phishing campaign targeting UK organisations that sponsor migrant workers and students, opening the door to account compromise and visa fraud
-
August 12, 2025
12
Aug'25
Workday research: 75% of employees will work with artificial intelligence, but not for it
Workday research finds 75% of workers like AI as a teammate, but only 30% want it to be the boss. Trust in the technology may grow with use, but human focus, clear roles and governance are key
-
August 11, 2025
11
Aug'25
McCullough Review into PSNI spying on journalists and lawyers delayed
Angus McCullough KC is to present findings of an independent review of police spying on phone data of lawyers, journalists and NGOs in Northern Ireland in October
-
August 11, 2025
11
Aug'25
Watching the watchers: Is the Technical Advisory Panel a match for MI5, MI6 and GCHQ?
Dame Muffy Calder is chair of the Technical Advisory Panel (TAP), a small group of experts that advises the Investigatory Powers Commissioner on surveillance technology. Do they have what it takes to oversee the intelligence community?
-
August 08, 2025
08
Aug'25
OpenAI closes gap to artificial general intelligence with GPT-5
As OpenAI’s latest large language model delivers smarter AI, experts are wary of the risks GPT-5 poses to human creativity
-
August 06, 2025
06
Aug'25
Black Hat USA: Startup breaks secrets management tools
Researchers at Cyata, an agentic identity specialist that has just emerged from stealth, found 14 CVEs in the widely used CyberArk Conjur and HashiCorp Vault enterprise secrets management platforms
-
August 06, 2025
06
Aug'25
Companies House ID verification to start in November 2025
Companies House plans to start vetting director identities from mid-November, but its reliance on the troubled One Login digital identity service may be cause for concern
-
August 06, 2025
06
Aug'25
Australian scaleup to bring AI-led data protection to the MoD
The UK’s Ministry of Defence is embracing AI-led data protection in the wake of a major privacy breach, enlisting Australian cyber firm Castlepoint Systems to oversee sensitive records
-
August 04, 2025
04
Aug'25
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback
Ransomware experts Halcyon and Sophos are to pool their expertise in ransomware, working together to enhance data- and intelligence-sharing and bringing more comprehensive protection to customers
-
August 04, 2025
04
Aug'25
Proliferation of on-premise GenAI platforms is widening security risks
Research finds increased adoption of unsanctioned generative artificial intelligence platforms is magnifying risk and causing a headache for security teams
-
August 01, 2025
01
Aug'25
Met Police to double facial recognition use amid budget cuts
The UK’s largest police force is massively expanding its use of live facial recognition technology as it prepares to lose 1,700 officers and staff
-
August 01, 2025
01
Aug'25
Securing agentic identities focus of Palo Alto’s CyberArk buy
Palo Alto Networks is entering the identity security space with a multibillion-dollar acquisition, and plans to address growing concerns around protecting identities associated with AI agents
-
July 30, 2025
30
Jul'25
Apple pushes almost 30 security fixes in mobile update
Apple pushes what will likely be the last major security update to its current iPhone and iPad operating systems, fixing 29 vulnerabilities in its mobile ecosystem
-
July 30, 2025
30
Jul'25
Industry experts warn crypto infrastructure is ‘creaking’
A report from experts at HSBC, Thales and InfoSec Global claims decades-old cryptographic systems are failing, putting businesses at risk from current vulnerabilities and the threat from quantum computing
-
July 29, 2025
29
Jul'25
Senator warns of new UK surveillance risks to US citizens following Apple ‘backdoor’ row
US lawmaker calls for the US to publish an assessment of the risks posed by UK surveillance laws to US citizens in the wake of disclosures that the UK has ordered Apple to introduce ‘backdoors’ in Apple encryption
-
July 29, 2025
29
Jul'25
Austrian government faces likely legal challenge over state spyware
Civil society groups are talking to opposition MPs about bringing a legal challenge to the Austrian constitutional court over ‘state trojan’ law
-
July 29, 2025
29
Jul'25
European Commission ignores calls to reassess Israel data adequacy
The European Commission is ignoring calls to reassess Israel’s data adequacy status in spite of concerns raised about its data protection framework and use of personal data in ‘repressive practices’
-
July 28, 2025
28
Jul'25
Data resilience critical as ransomware attacks target backups
With more threat actors targeting backup repositories to ensure a payday, Veeam urges organisations to treat data resilience as a competitive advantage, not just an insurance policy
-
July 24, 2025
24
Jul'25
US seeks ‘unquestioned’ AI dominance
US AI action plan sets out aims to expand American dominance in the world of artificial intelligence
-
July 24, 2025
24
Jul'25
SharePoint users hit by Warlock ransomware, says Microsoft
Microsoft’s security analysts confirm a number of cyber attacks on on-premise SharePoint Server users involve ransomware
-
July 24, 2025
24
Jul'25
Dutch researchers use heartbeat detection to unmask deepfakes
Dutch method to counter deepfakes analyses blood flow patterns in faces that current deepfake generation tools cannot yet replicate
-
July 24, 2025
24
Jul'25
Monzo’s £21m fine highlights banks’ cyber security failures
Monzo’s recent fine over failings in its customer verification processes highlights wider security and privacy shortcomings in the personal finance world
-
July 23, 2025
23
Jul'25
WhatsApp is refused right to intervene in Apple legal action on encryption ‘backdoors’
Investigatory Powers Tribunal to hear arguments in public over lawfulness of secret UK order requiring Apple to give UK law enforcement access to users’ encrypted data stored on the Apple iCloud
-
July 22, 2025
22
Jul'25
Microsoft confirms China link to SharePoint hacks
Microsoft confirms two known China-nexus threat actors, and one other suspected state-backed hacking group, are exploiting vulnerabilities in SharePoint Server
-
July 22, 2025
22
Jul'25
Chinese cyber spies among those linked to SharePoint attacks
Exploitation of the ToolShell RCE zero-day in Microsoft SharePoint continues to gather pace, with evidence emerging of exploitation by nation state-backed threat actors
-
July 22, 2025
22
Jul'25
UK government to bring in ransomware payment ban
Critical infrastructure operators, hospitals, local councils and schools will be among those banned from giving in to cyber criminal demands as the UK moves forward with proposals to address the scourge of ransomware
-
July 21, 2025
21
Jul'25
Netherlands calls for European shift to post-tracking internet as privacy laws fail
Dutch research institute argues decade of regulation hasn’t curbed surveillance capitalism, proposes fundamental business model change
-
July 18, 2025
18
Jul'25
NCSC exposes Fancy Bear's Authentic Antics malware attacks
Amid a new round of UK government sanctions targeting Moscow's intelligence apparatus, the NCSC has formally attributed attacks orchestrated with a cleverly-designed malware to the GRU's Fancy Bear cyber unit
-
July 18, 2025
18
Jul'25
DWP accused of shielding AI deployments from public scrutiny
Amnesty International and Big Brother Watch say Department for Work and Pensions’ ‘unchecked’ and opaque use of AI in the UK benefits system treats claimants as suspicious and is shielded from public scrutiny
-
July 16, 2025
16
Jul'25
Co-op chief ‘incredibly sorry’ for theft of 6.5m members’ data
Co-op chief executive Shirine Khoury-Haq has revealed that all the personal data of all 6.5 million of its members was compromised in the April 2025 cyber attack on its systems
-
July 15, 2025
15
Jul'25
MoD cyber breach put thousands of Afghan lives at risk
More than 18,000 Afghan citizens eligible to relocate to the UK under a government programme to protect them from the Taliban were put at risk in a heretofore unreportable data breach