Privacy and data protection
-
News
15 Mar 2024
London Mayor’s Office reprimanded over data breach
The London Mayor’s Office has been reprimanded by the ICO after an internal error exposed the data of people who had made complaints against the Metropolitan Police Continue Reading
-
News
14 Mar 2024
Questions raised over NHS deletion of thousands of emails during whistleblower tribunal
NHS doctor Chris Day has won the right to challenge a tribunal ruling that found no procedural unfairness when an NHS trust deleted thousands of emails. The case that raises wider questions about the use of electronic evidence Continue Reading
-
News
15 Sep 2022
Organisations failing to account for digital trust
The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds Continue Reading
-
News
14 Sep 2022
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data Continue Reading
-
News
14 Sep 2022
NCSC warns public of potential Queen-related phishing attacks
The National Cyber Security Centre is urging users to be on guard against phishing attacks during the period of national mourning for the Queen Continue Reading
-
Definition
13 Sep 2022
data masking
Data masking is a method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. Continue Reading
-
News
13 Sep 2022
Cisco confirms leaked data was stolen in Yanluowang ransomware hit
Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack Continue Reading
-
News
13 Sep 2022
Blancco works with charity to provide IT for African schools
Blancco is providing data sanitisation and erasure software to The Turing Trust so that old IT equipment can be securely reused by school children in Sub-Saharan Africa, instead of adding to world’s growing e-waste problem Continue Reading
-
News
13 Sep 2022
Multi-persona impersonation adds new dimension to phishing
Iranian APT used multiple personas on a single email thread to convince targets of the legitimacy of its phishing lures Continue Reading
-
News
12 Sep 2022
Mandiant floats off into Google Cloud
As planned, the acquisition of Mandiant will see the threat intel and incident response giant become a part of Google’s Cloud business Continue Reading
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
-
News
08 Sep 2022
Chinese APT using PlugX malware on espionage targets
China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
-
News
08 Sep 2022
India’s wake-up call on health data privacy
Health app developers and industry watchers in India are keeping an eye on data privacy following the reversal of the Roe vs Wade ruling in the US Continue Reading
-
News
07 Sep 2022
Albania cuts diplomatic ties with Iran after cyber attack
In a global geopolitical first, the Albanian government has severed diplomatic ties with Iran and expelled its ambassador after it was targeted by an APT backed by Tehran Continue Reading
-
Definition
07 Sep 2022
privacy compliance
Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation. Continue Reading
-
News
07 Sep 2022
Hotel group IHG confirms cyber attack after two-day outage
IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading
-
News
07 Sep 2022
Digital identity is key to coping with surge in air travel
The International Air Transport Association’s One ID digital identity initiative will pave the way for seamless air travel from curb to gate and help airports cope with growing passenger traffic Continue Reading
-
E-Zine
06 Sep 2022
Out with the old at Asda
In this week’s Computer Weekly, we talk to Asda’s CIO, Carl Dawson, about the supermarket’s cloud-oriented renovation of its technology stack. We narrate the security woes at Twitter. And we examine best practices for data backup. Read the issue now. Continue Reading
-
Opinion
05 Sep 2022
Data-driven government needs practical steps
We should build data platforms for government with the same techniques used in creating anything digital, argues Jim Stamp, head of data at Made Tech Continue Reading
-
News
01 Sep 2022
Space nerds beware: James Webb images used to spread malware
Astronomy and space aficionados are being targeted by cyber criminals exploiting some of the now-famous images captured by Nasa’s James Webb Space Telescope to distribute malware Continue Reading
-
News
31 Aug 2022
Four years into GDPR, Norway hopes for safer data transfer to US
Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority Continue Reading
-
News
30 Aug 2022
UK government presses on with new cyber rules for telcos
Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading
-
News
30 Aug 2022
One Login digital identity project makes headway
Government services are lining up to work with the GDS on its One Login digital identity system, according to its director of digital identity, Natalie Jones Continue Reading
-
News
25 Aug 2022
CIOs: Geopolitics impacts your IT strategy
Research from analyst Gartner illustrates how geopolitics is influencing IT strategies Continue Reading
-
News
25 Aug 2022
Criminal 0ktapus spoofed IAM firm in massive phishing attack
Researchers at Group-IB have published research on a major phishing campaign that ensnared victims at the likes of Cloudflare and Twilio Continue Reading
-
News
25 Aug 2022
Millions of Plex users may be at risk in password breach
Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor Continue Reading
-
News
24 Aug 2022
Alleged Twitter security failings spell trouble ahead
Twitter’s former security head, Peiter Zatko, has alleged a number of serious cyber failures at the social media platform, raising the spectre of investigations and sanctions Continue Reading
- 24 Aug 2022
-
News
23 Aug 2022
NCSC shares cyber guidance for large infrastructure builds
Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects Continue Reading
-
News
19 Aug 2022
Google employees demand end to collection of abortion data
In the wake of the US Supreme Court rolling back abortion rights, Google employees are calling on the company to stop collecting abortion-related data, so that it can never be shared with police Continue Reading
-
Opinion
19 Aug 2022
Data sharing: How can we make sure the UK is a world leader?
The UK government risks missing out on the benefits and opportunities laid out in its National Data Strategy – and could lose international competitiveness as a result Continue Reading
-
News
19 Aug 2022
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years Continue Reading
-
News
18 Aug 2022
Amazon Ring vulnerability could have been used to spy on users
A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it Continue Reading
-
News
18 Aug 2022
GPS tagging of migrants breaches UK data protection law, says Privacy International complaint
Privacy group files complaints with Information Commissioner’s Office and Forensic Science Regulator over Home Office’s GPS monitoring of migrants Continue Reading
-
Opinion
18 Aug 2022
Why you should start your post-quantum encryption migration now
Some say we have the best part of a decade to prepare for the security risks that quantum computing presents to current encryption tech, but PA Consulting experts believe that timeframe is shrinking dramatically Continue Reading
-
News
16 Aug 2022
South Staffs Water is victim of botched Clop attack
South Staffordshire Water moves to reassure customers that their supplies remain safe after its attackers screw up their initial assault Continue Reading
-
News
15 Aug 2022
Lawyers and journalists sue CIA and Mike Pompeo over Assange surveillance claims
CIA and its former director sued over allegations that they authorised unlawful spying on US citizens when they visited WikiLeaks founder Julian Assange at the Ecuadorian Embassy in London Continue Reading
-
News
12 Aug 2022
Cyber criminal forum targets only Russia
The Digital Shadows Photon Research Team has been investigating a pro-Ukraine cyber criminal forum called Dumps, which appears to be one of a kind Continue Reading
-
News
11 Aug 2022
Cisco averts cyber disaster after successful phishing attack
A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading
-
News
11 Aug 2022
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading
-
News
10 Aug 2022
UK to surveil convicted migrants with facial recognition
A Home Office scheme to biometrically scan the faces of convicted migrants who have already carried out punishments has come under fire from privacy and human rights groups for being discriminatory Continue Reading
-
Definition
09 Aug 2022
data privacy (information privacy)
Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, retention, immutability and security of sensitive data. Continue Reading
-
News
09 Aug 2022
Cyber insurance getting harder to obtain
Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance Continue Reading
-
Opinion
05 Aug 2022
The dangers of the UK’s illogical war on encryption
The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most Continue Reading
-
Opinion
04 Aug 2022
Reimagining ethical digital technology
With ever-increasing digitisation leading to greater dependence on a range of digital technologies, enterprises need to urgently look at how they can incorporate ethical and social considerations into the tech they develop Continue Reading
-
News
29 Jul 2022
Austrian data firm accused of selling malware, conducting cyber attacks
Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks Continue Reading
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
-
News
28 Jul 2022
Cyber criminals pivot away from macros as Microsoft changes bite
As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect Continue Reading
-
News
27 Jul 2022
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading
-
News
27 Jul 2022
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them Continue Reading
-
News
26 Jul 2022
Secret court asked to quash a decade of MI5 surveillance warrants following ‘systemic breaches’
The culture at MI5 was to ‘prioritise’ missions ‘over everything else’, including compliance with safeguards designed to protect the public, the UK’s most secret court heard yesterday Continue Reading
-
News
26 Jul 2022
No More Ransom initiative helps 1.5 million people in six years
One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project Continue Reading
-
News
26 Jul 2022
Ducktail infostealer targets Facebook Business users
Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts Continue Reading
-
Definition
26 Jul 2022
data loss prevention (DLP)
Data loss prevention (DLP) -- sometimes referred to as data leak prevention, information loss prevention and extrusion prevention -- is a strategy to mitigate threats to critical data. Continue Reading
-
25 Jul 2022
Inside Russia’s Ukraine information ops
We speak to Craig Terron of Recorded Future about delving deep inside the Russian disinformation machine’s operations, and how the Kremlin’s strategy is likely to evolve as the Ukraine war drags on. Continue Reading
-
News
25 Jul 2022
Home Office ‘unlawfully’ approved MI5 bulk surveillance warrants
MI5 provided ‘false information’ to the Home Office to secure bulk surveillance warrants, the Investigatory Powers Tribunal heard Continue Reading
-
News
25 Jul 2022
Latest Atlassian Confluence vulnerability raises concerns
CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading
-
News
22 Jul 2022
LinkedIn most impersonated brand in phishing attacks
Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks Continue Reading
-
News
21 Jul 2022
GCHQ experts back scanning of encrypted phone messages to fight child abuse
Ian Levy, technical director of the NCSC, and Crispin Robinson, technical director of GCHQ, back client-side scanning software on mobile phones to detect child abuse Continue Reading
-
News
21 Jul 2022
Russia-linked APTs targeted fleeing Ukrainian civilians
Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment Continue Reading
-
News
21 Jul 2022
UK government introduces data reforms legislation to Parliament
Proposed changes to UK’s data protection regime include new grounds for data processing, significant powers for the secretary of state to direct the regime’s application, and fewer restrictions on law enforcement’s use of data Continue Reading
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
-
News
20 Jul 2022
Transatlantic PET contest open for entries
A joint UK-US innovation prize challenge for developers of privacy-enhancing technologies has opened for entries Continue Reading
-
News
20 Jul 2022
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims
Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection Continue Reading
-
News
14 Jul 2022
How hostile government APTs target journalists for cyber intrusions
Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey Continue Reading
-
News
14 Jul 2022
Government pauses Online Safety Bill’s progress
The government has paused the Online Safety Bill’s journey towards becoming law, amid timetable pressure Continue Reading
-
News
14 Jul 2022
ICO wants to ‘empower people through information’
Information Commissioner’s Office sets out commitment to safeguard the information rights of the most vulnerable people in UK society Continue Reading
-
News
13 Jul 2022
Slippery phish wriggles around MFA protections, says Microsoft
Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence Continue Reading
-
News
13 Jul 2022
Digital break-up kit to help women get out of bad relationships safely
Domestic abuse charity Refuge teams up with Avast to equip women with the knowledge to effectively and safely end a relationship digitally Continue Reading
-
News
13 Jul 2022
ICO calls for review into government use of private email and WhatsApp messages
Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps Continue Reading
-
News
12 Jul 2022
Brits say social media must do more to block harmful content
UK citizens want social media companies to do more to prevent harmful content appearing on their platforms Continue Reading
-
News
12 Jul 2022
MaliBot Android malware spreading fast, says Check Point
The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point Continue Reading
-
Feature
12 Jul 2022
Ransomware and backup: Overcoming the challenges
Ransomware attacks that exfiltrate data don’t nullify the value of backups to restore from, but the challenges – such as not restoring corrupted data – require careful planning Continue Reading
-
News
08 Jul 2022
Sweden and GDPR – four years on
Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation Continue Reading
-
News
07 Jul 2022
MI5, FBI chiefs warn of Chinese cyber espionage threat
In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests Continue Reading
-
News
07 Jul 2022
UK signs ‘in principle’ data adequacy agreement with South Korea
Bilateral adequacy agreement will allow businesses to conduct cross-border data transfers with minimal restrictions Continue Reading
-
News
07 Jul 2022
Amid NSO lawsuit, Apple expands spyware protections
Apple previews a new feature called Lockdown Mode to protect iPhone and iPad users from ‘mercenary spyware’ Continue Reading
-
News
07 Jul 2022
Latest Marriott data breach not as serious as others
Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately Continue Reading
-
News
07 Jul 2022
Tech companies face pressure over end-to-end encryption in Online Safety Bill
An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services Continue Reading
-
News
07 Jul 2022
The Security Interviews: Inside Russia’s Ukraine information operation
Computer Weekly speaks to Craig Terron of Recorded Future about delving deep inside the Russian disinformation machine, and how the Kremlin’s strategy is set to evolve Continue Reading
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
-
News
06 Jul 2022
ESET: Lazarus APT hit aero, defence sector with fake job ads
ESET researchers present new findings into a series of cyber attacks on the aerospace and defence sectors by North Korea’s Lazarus crime syndicate Continue Reading
-
News
05 Jul 2022
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country Continue Reading
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
04 Jul 2022
MPs call for ban on Chinese surveillance camera technology
Nearly 70 MPs have called on the government to ban Chinese camera technology that is widely used by UK government agencies despite links to human rights abuses in China Continue Reading
-
News
04 Jul 2022
Government rejects Lords police tech inquiry recommendations
The government has largely rejected the findings and recommendations of a House of Lords inquiry into police tech, which called for an overhaul of how police deploy artificial intelligence and algorithmic technologies Continue Reading
-
News
04 Jul 2022
Assange appeals against Priti Patel’s extradition order
WikiLeaks founder is expected to raise concerns over the political nature of his prosecution, the likelihood of him receiving a fair trial, and the risk of a coercive plea bargain Continue Reading
-
News
30 Jun 2022
ICO to cut back on fines for public sector data breaches
Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over Continue Reading
-
News
29 Jun 2022
Urgent need for new laws to govern biometrics, legal review finds
Independent review says new framework is needed to clear up legal and ethical concerns over the use of biometric data and technologies, which can impact privacy, freedom of expression and other human rights Continue Reading
-
News
29 Jun 2022
New cyber extortion op appears to have hit AMD
Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data Continue Reading
-
Feature
29 Jun 2022
Backup maintenance: Five key points to consider
Effective backups need to ensure all data is protected, and to track media and software changes. We look at five key things to consider Continue Reading
-
News
29 Jun 2022
Romance scammers exploit Ukraine war in cynical campaign
Romance scammers can make easy money exploiting people looking for love, but in this newly observed campaign linked to the Ukraine war they are playing on deeper emotions Continue Reading
-
News
29 Jun 2022
Spy agencies need ‘independent authorisation’ to access telecoms data, say judges
The High Court has ruled that UK intelligence agencies should seek independent authorisation before accessing phone and internet records during criminal investigations Continue Reading
-
News
28 Jun 2022
Proposed changes to copyright law open doors for AI data mining
Update to copyright law will mean researchers who already have access to data will not require extra permission from copyright owner to run data mining algorithms, removing barriers to artificial intelligence research and development Continue Reading
-
News
28 Jun 2022
Veritas aims at autonomous backup discovery and provisioning
Veritas bets on a backup platform that can discover all enterprise data – on-premise and in the cloud – and make its own decisions about the optimal place to store copies Continue Reading
-
E-Zine
28 Jun 2022
Collaboration key to IT sector sustainability
In this week’s Computer Weekly, as sustainability rises up the corporate agenda, IT leaders say more collaboration is needed to meet climate goals. Microsoft faces further calls for greater transparency over software tools used to monitor employees. And the cyber security industry warns over an increasing loss of talent. Read the issue now. Continue Reading
-
News
27 Jun 2022
Commercial cyber products must be used responsibly, says NCSC CEO
NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel Continue Reading
-
Feature
27 Jun 2022
The cyber security impact of Operation Russia by Anonymous
The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading
-
E-Zine
24 Jun 2022
CW APAC: Tech career guide to cyber security
The demands placed on those fighting against hackers are constantly evolving. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at the skills required to make it in the industry, how Singapore’s critical systems remain protected, the short-term options for tech stack management and how organisations can support cyber professionals’ mental health. Continue Reading
-
Opinion
23 Jun 2022
Finding the balance between innovation and data security in healthcare
As the government launches its data strategy for health and social care, a fine line must be trodden between innovating through privacy-enhancing technologies, and retaining data security for patients Continue Reading
-
Opinion
23 Jun 2022
What will the Data Reform Bill mean for UK businesses operating in the EU?
Following the government’s response to the Data Reform Bill consultation, Peter Galdies of DQM GRC looks at what might lie ahead for UK organisations working in the European Union Continue Reading