IT for retail and logistics

Ransomware gangs harass victims to ‘bypass’ backups

Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order Continue Reading

Government should invest in maritime tech, say MPs

Report from the Transport Committee calls for investment in technology for the maritime sector, and wants the government to make it easier to scale-up innovation Continue Reading

BBC cracks down on TikTok after review

The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences Continue Reading

UK TikTok ban gives us all cause to consider social media security

The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for Continue Reading

BEC attacks doubled in 2022, outstripping ransomware

Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks Continue Reading

Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly Continue Reading

Chinese Silkloader cyber attack tool falls into Russian hands

A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators Continue Reading

Microsoft patches Outlook zero-day for March Patch Tuesday

A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading

As Covid fades away, what’s the future of remote work in Europe?

Many IT leaders are still supporting some form of work from home, and a trend is beginning to take shape in Europe Continue Reading

Subpostmaster demands names of Post Office executives who crushed him to suffocate truth

One Post Office scandal victim was deliberately destroyed by the Post Office to deter other subpostmasters from challenging the integrity of its core computer system Continue Reading

MI5 to oversee new National Protective Security Authority

The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets Continue Reading

Face tech – recognising the retail opportunity

From age verification to catching criminals, how are retailers using facial recognition technology to push forward their businesses? Continue Reading

UK government introduces revised data reform bill to Parliament

Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards Continue Reading

IT worker evidence reveals a toxic Post Office IT helpdesk that discriminated against subpostmasters

IT worker tells public inquiry that the Post Office Horizon helpdesk was toxic, rudderless and racist Continue Reading

What can security teams learn from a year of cyber warfare?

With the passing of the first anniversary of Russia’s invasion of Ukraine, we reflect on the ongoing cyber war, and ask what security leaders can learn from the past 12 months Continue Reading

Top trends in tech, and retail’s early adopters

We identify the retail industry’s early adopters of what McKinsey deems the top tech trends. Continue Reading

WH Smith staff data accessed in cyber attack

The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing Continue Reading

Post Office ditched plan to replace Fujitsu with IBM in 2015 due to cost and project concerns

Post Office attempted to replace controversial Horizon system 10 years ago, but was put off by project’s scale and cost. Continue Reading

Post Office’s most senior executives hushed up Horizon errors, public inquiry told

The Post Office messaging strategy was designed to reassure staff that the Horizon accounting system was robust after Computer Weekly first revealed problems in 2009 Continue Reading

Security Think Tank: Training can no longer be a compliance exercise

Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading

Cyber training in 2023 needs to drive measurable change

2023 will see more focus on security training programmes that not only provide employees with an understanding of the risks they face but more importantly drive measurable behavioural change, says PA Consulting’s Richard Allen Continue Reading

Royal Mail stands firm as LockBit leaks data and renews ransom demand

The LockBit ransomware gang has made good on its threat to leak data exfiltrated from Royal Mail’s systems, but the postal service is not entertaining the possibility of giving in Continue Reading

WithSecure proposes ‘undo’ button for ransomware

WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening Continue Reading

Researchers find new bug ‘class’ in Apple devices

A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix Continue Reading

Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert

Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result Continue Reading

Half of cyber leaders to switch jobs by 2025, citing stress

A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study Continue Reading

Royal Mail resumes full export service after cyber attack

Royal Mail resumes the last of its international services as it recovers from a ransomware attack, while the Post Office offers postmasters compensation for their lost business Continue Reading

Cyber security training: Insights for future professionals

Future cyber security professionals need soft skills as well as technical ones, says security educator Sudeep Subramanian Continue Reading

Online makes up a quarter of retail sales in January 2023

Online shopping makes up a quarter of all retail volumes in the first month of 2023, but retail is still rocky as the cost of living rises Continue Reading

Security Think Tank: New trends and drivers in cyber security training

Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading

Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off Continue Reading

Microsoft fixes three zero-days in February update

February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver Continue Reading

Royal Mail refused to pay £66m LockBit ransom demand, logs reveal

Leaked chat logs reveal Royal Mail has supposedly refused to pay a £66m ransom demand from the LockBit ransomware gang Continue Reading

Vidar, nJRAT re-emerge as prominent malware threats in January

Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry Continue Reading

‘Buy now, pay later’ crackdown in the making

The finance regulator has proposed bringing ‘buy now, pay later’ providers within its regulatory remit Continue Reading

A passion for information

Barry Panayi, chief data and insight officer at John Lewis Partnership, explains why data science and analytics is an increasingly important function, covering its retail, grocery and financial services brands. Continue Reading

How to protect your business from fraud during a recession

This winter, the chilly winds of a global recession have fraudsters turning up the heat. PJ Rohall of SEON Fraud Fighters shares some guidance on how to bundle up against fraud Continue Reading

KPMG launches metaverse and digital twin hub in Saudi Arabia

The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores Continue Reading

Security buyers lack insight into threats, attackers, report finds

The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report Continue Reading

BNPL accounted for 12% of UK online spending in January

Buy now, pay later products from fintech providers accounted for 12% of the £8bn spent online in the UK in January, according to analysis Continue Reading

Consumers want tech-driven clothing stores

As consumers increasingly visit stores as the pandemic subsides, NTT Data finds that technology in shops could persuade consumers to return to physical shopping Continue Reading

Security Think Tank: Poor training is worse than no training at all

Bad security training is a betrayal of users, a security risk, and ultimately a waste of money, but there are some reasons to be optimistic about the future, say Mike Gillespie and Ellie Hurst of Advent IM Continue Reading

Augmented reality in retail: The second coming

H&M, Avon, Very and others’ usage of augmented reality in retail could mean we’re reaching tipping point for the technology in 2023 Continue Reading

Rakuten targets big edge deployments with Symworld Cloud

Japanese giant Rakuten bought Kubernetes management platform Robin.io and put it in 50,000-plus telco antennas. Now it aims Symworld Cloud at enterprise edge deployments Continue Reading

LockBit cartel finally claims Royal Mail ransomware attack

The LockBit ransomware gang claims it has stolen sensitive data from Royal Mail and will leak it later this week if its demands go unmet Continue Reading

Post Office branches struggling after Royal Mail cyber attack

Royal Mail has restored almost all of its international services to some extent, but remains unable to accept parcels bought over the counter in a Post Office branch Continue Reading

The Security Interviews: How to overcome data protection compliance challenges

Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how? Continue Reading

Security Think Tank: In 2023, we need a new way to cultivate better habits

Regular, small adjustments to behaviour offer a better way to keep employees on track and cultivate a corporate culture of cyber awareness, writes Elastic’s Mandy Andress Continue Reading

Security Think Tank: Getting the training and development mix right

Rob Dartnall, CEO at SecAlliance and chair of Crest’s UK Council, describes the need for formal, varied and continuous development in the cyber security sector Continue Reading

Arnold Clark customer data was stolen in Play ransomware attack

Arnold Clark confirms data leaked on dark web was stolen from its systems in ransomware attack Continue Reading

Cloud security top risk to enterprises in 2023, says study

A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year Continue Reading

Innovative Technology deploys age estimation tech in shops and pubs

A company involved in Home Office-led trials of biometric age estimation technologies has begun rolling out its hardware to UK shops and pubs so they can use its facial recognition algorithm to assure customers’ ages Continue Reading

Malware variant can block contactless payments

Kaspersky warns that the latest variant of the Prilex malware can block contactless payments to force people to insert cards, enabling criminals to steal money Continue Reading

UK Cyber Council and ISACA launch audit, assurance programme

The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros Continue Reading

Royal Mail recovers more International Tracked services

Royal Mail is making further progress in recovering IT systems hit by a ransomware attack, and has re-enabled another tranche of international export services Continue Reading

How the cost-of-living crisis is affecting IT

In this week’s Computer Weekly, with major tech companies announcing thousands of job cuts, we examine what the cost-of-living crisis means for IT leaders and tech professionals. We analyse what you need to consider when reversing systems out of the cloud and back on-premise. And Very Group’s CIO talks about the post-pandemic challenges facing online retailers. Read the issue now. Continue Reading

Former Fujitsu staff under police investigation to face Post Office IT scandal inquiry

Two former Fujitsu IT professionals being investigated for potential perjury will face Post Office Horizon public inquiry in May Continue Reading

Data of 10 million JD Sports customers accessed in cyber attack

Data on 10 million people who shopped online at JD Sports over a two-year period was accessed and potentially stolen in a cyber attack Continue Reading

Hive ransomware gang taken down after FBI hacks back

The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation Continue Reading

Royal Mail resumes some international parcel services from UK

Royal Mail has successfully stood up its International Tracked and Signed, and International Signed, services as it continues to recover from a ransomware attack Continue Reading

Arnold Clark cyber attack claimed by Play ransomware gang

A cyber attack that struck car dealer Arnold Clark prior to Christmas has been claimed as the work of the Play ransomware cartel Continue Reading

Boards struggle to resolve cyber risk in digital supply chains

Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk Continue Reading

UK insurers need to up their game on cyber gaps, says PRA

Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority Continue Reading

SSRF attacks hit 100,000 businesses globally since November

There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers Continue Reading

Fake online contest makes Yahoo! most phished brand of Q4 2022

Yahoo! was the most frequently phished brand during the last three months of 2022, according to a report Continue Reading

The rise of fraud in pop culture is impacting consumers’ digital trust

Shows such as The Tinder Swindler and Inventing Anna were big money-earners for Netflix in 2022, but Onfido’s Mike Tuchen says their popularity risks damaging consumer trust Continue Reading

Royal Mail making limited progress on ransomware recovery

Royal Mail asks customers to hold back from sending post overseas as some services get back on track, while a report warns that disruptive attacks on critical infrastructure are set to become more common Continue Reading

Year-on-year growth down to more customers, says Ocado

As the customer landscape shifts, Ocado reports year-on-year revenue growth in the last quarter of 2022, bolstered by a successful Christmas Continue Reading

International post resumes thanks to Royal Mail ‘workarounds’

Royal Mail has resumed limited international services after putting in place operational workarounds to bypass the impact of a ransomware attack Continue Reading

KFC, Pizza Hut parent shuts UK restaurants after cyber attack

A ransomware attack on Yum! Brands, the parent organisation of restaurants including KFC and Pizza Hut, was forced to shut approximately 300 outlets in the UK following a ransomware attack by an unspecified group Continue Reading

Fraudsters and cyber criminals stole more than £4bn in the UK through 2022

The amount of money stolen by fraudsters and cybercriminals in the UK saw a huge increase in 2022 Continue Reading

Advisory board goal for Post Office scandal victims to be returned to rightful financial position

The board set up to monitor the compensation scheme for Post Office scandal victims agrees goal of returning them to the financial position they would be in had the scandal never happened Continue Reading

Crest throws support behind CyberUp CMA reform campaign

Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990 Continue Reading

Royal Mail promises ‘workarounds’ to restore services after ransomware attack

Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a ‘workaround’ will be in place in the near future Continue Reading

How PepsiCo works with tech startups to drive growth

In this week’s Computer Weekly, we talk to food and drinks giant PepsiCo about how it works with tech startups to drive growth and digital transformation. Our latest buyer’s guide examines the key elements of a composable business. And with all the chatter about ChatGPT, we look at the implications of generative AI. Read the issue now. Continue Reading

CIO interview: Matt Grest, Very Group

The Covid-19 pandemic changed many things, including an increase in remote working – so how is the Very Group approaching the workplace and talent post-Covid? Continue Reading

LockBit cartel suspected of Royal Mail cyber attack

The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation Continue Reading

UK government completes trials of age estimation technology

Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to adopt the tools for alcohol sales Continue Reading

Royal Mail services hit by major cyber attack

UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack Continue Reading

Microsoft fixes EoP zero-day on January Patch Tuesday

On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns Continue Reading

Insurer Beazley introduces catastrophe bond to ease cyber risk

Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover Continue Reading

Belfast Harbour sails out with Oracle cloud applications

Belfast Harbour spies a more efficient and flexible future on the horizon as it sets sail with Oracle Fusion Cloud ERP Continue Reading

Former subpostmaster Alan Bates, who ‘pulled up trees and moved mountains’, turns down OBE offer

Alan Bates, who fought for decades to expose the Post Office Horizon IT scandal, says it would be inappropriate to accept an OBE when former Post Office CEO Paula Vennells still holds her CBE Continue Reading

Top trends in tech, and retail’s early adopters

Computer Weekly identifies the retail industry’s early adopters of what McKinsey & Co deems the top tech trends Continue Reading

CDO interview: Barry Panayi, chief data and insight officer, John Lewis Partnership

Data science and analytics is an increasingly important function across the John Lewis Partnership, covering its retail, grocery and financial services brands Continue Reading

CIO interview: David Schwartz, vice-president, PepsiCo Labs

The food and drinks giant actively seeks out innovative tech startups and runs a programme to find creative ways to use their products to benefit the business Continue Reading

Cyber security professionals share their biggest lessons of 2022

In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading

Top 10 Nordic IT stories of 2022

Here are Computer Weekly's top 10 Nordic IT articles of 2022 Continue Reading

How does red teaming test the ultimate limits of cyber security?

An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading

Top 10 cyber security stories of 2022

The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading

Top 10 cyber crime stories of 2022

Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading

Top 10 retail technology stories of 2022

Computer Weekly looks at what 2022 had in store for the retail industry – after the pandemic increasing technology adoption for most of the retail sector, what have firms put in place to survive the next few years? Continue Reading

Four-day working week set to stay at Atom bank

Challenger bank Atom has formalised a four-day working week policy after a successful trial Continue Reading

Post Office scandal: Cock-up or cook-up?

The second phase of the Post Office Horizon IT scandal raised more questions over who did what, when and where, with shocking revelations at every turn. Continue Reading

The Post Office IT scandal – cock-up or cover-up?

In this week’s Computer Weekly, the second phase of the Post Office IT scandal inquiry revealed further shocking details at every turn – we review the latest evidence. We examine progress of the roll-out of fast broadband connectivity across the UK. And as the Online Safety Bill returns to Parliament, we look at the ongoing arguments about how to keep the internet safe. Read the issue now. Continue Reading

Security Think Tank: 2022 brought plenty of learning opportunities in cyber

At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading

A retail tech tour of the Battersea Power Station development

We check out the customer-facing digital features on display in the UK’s newest shopping site at Battersea Power Station Continue Reading

Top 10 storage and backup customer stories of 2022

Here are Computer Weekly’s top 10 storage and backup customer stories of 2022 Continue Reading

Shiseido data breach victims plan legal action over fake companies

Employees and former employees of cosmetics firm Shiseido whose data was stolen in a recent breach are planning group legal action after their information was used to establish fraudulent companies in their names Continue Reading

Lego fixes dangerous API vulnerability in BrickLink service

The Lego Group has remediated two potentially serious API vulnerabilities in its BrickLink digital resale platform, just in time for Christmas Continue Reading