News

IT for telecoms and internet organisations

• March 02, 2022 02 Mar'22

  Middle East IT spending to recover to at least pre-pandemic levels

  Middle East IT leaders expect budgets to increase this year, with spending to match or exceed pre-Covid levels

• March 01, 2022 01 Mar'22

  BBC blasted with millions of malicious emails

  Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day

• February 28, 2022 28 Feb'22

  Ukraine cyber attacks seen spiking, but no destructive cyber war yet

  While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region

• February 28, 2022 28 Feb'22

  Online Safety Bill updated to deal with anonymous abuse

  Social media companies will be forced to deal with anonymous abuse online by the introduction of new measures in the Online Safety Bill

• February 24, 2022 24 Feb'22

  KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

  KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021

• February 24, 2022 24 Feb'22

  Russia behind dangerous Cyclops Blink malware

  Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk

• February 23, 2022 23 Feb'22

  Paid-for advertising still not covered in Online Safety Bill

  Consumer group Which? calls again for government to include measures against scam paid-for advertising in the Online Safety Bill

• February 23, 2022 23 Feb'22

  Backups ‘no longer effective’ for stopping ransomware attacks

  Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques

• February 23, 2022 23 Feb'22

  Microsoft extends Defender umbrella to Google Cloud Platform

  Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in

• February 23, 2022 23 Feb'22

  No imminent cyber threat to UK from Russia

  Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain

• February 22, 2022 22 Feb'22

  UK organisations swift to chide phishing victims

  While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated

• February 18, 2022 18 Feb'22

  UK organisations untroubled by Trickbot surge

  A surge in Trickbot infections is targeting some of the world’s most prominent brands, but UK organisations seem thankfully unaffected

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  Nordic countries lack a unified approach to AI

  Nordic countries need to work together on a pan-regional artificial intelligence strategy

• February 15, 2022 15 Feb'22

  China emerges as leader in vulnerability exploitation

  Threat actors linked to China are emerging as a significant force in the weaponisation of newly discovered CVEs

• February 11, 2022 11 Feb'22

  CMA secures final Privacy Sandbox guarantees from Google

  The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser

• February 11, 2022 11 Feb'22

  Why security professionals should pay attention to what Russia is doing

  Even though the average organisation is an unlikely target for a Russian state cyber attack, here's why security teams still need to watch what Russian threat groups are up to

• February 09, 2022 09 Feb'22

  Linux-based clouds an open door for attackers, says VMware

  Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware

• February 09, 2022 09 Feb'22

  Ransomware ever more sophisticated and impactful, warns NCSC

  UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs

• February 09, 2022 09 Feb'22

  Microsoft stomps on 48 bugs in February Patch Tuesday update

  It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day

• February 09, 2022 09 Feb'22

  Tech companies risk being compelled by law to protect children, says online safety expert

  John Carr, a child safety campaigner backing a government-funded campaign on the dangers of end-to-end encryption to children, says tech companies have no choice but to act

• February 08, 2022 08 Feb'22

  Microsoft to start blocking macros to thwart malware

  Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 08, 2022 08 Feb'22

  Porn sites will be legally required to verify users’ ages

  Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online

• February 03, 2022 03 Feb'22

  French Supreme Court raises constitutional questions over EncroChat hacking secrecy

  Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution

• February 02, 2022 02 Feb'22

  Zero-trust to soar in 2022, but dogged by implementation challenges

  IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite

• February 02, 2022 02 Feb'22

  Saudi Arabia to invest billions of dollars in technology and startups

  Saudi Arabia announces $6.4bn investment in its tech sector as part of plans to diversify its economy

• February 01, 2022 01 Feb'22

  Check Point buys Spectral to safeguard cloud development

  Check Point’s latest acquisition of Israel-based startup Spectral expands its developer-centric security toolset

• January 28, 2022 28 Jan'22

  Cyber skills gap affecting data privacy practice, finds ISACA

  Organisations are struggling to fill both legal and technical privacy roles, with potentially damaging consequences, according to a report

• January 27, 2022 27 Jan'22

  CISOs must get out in front of Ukraine cyber crisis, says NCSC

  The National Cyber Security Centre is urging UK organisations to take steps to bolster their cyber security resilience in response to the ongoing Ukraine crisis

• January 27, 2022 27 Jan'22

  Novel phishing campaign highlights need for MFA, says Microsoft

  Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place

• January 27, 2022 27 Jan'22

  Nightmare Log4Shell scenario averted by prompt, professional action

  Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared

• January 26, 2022 26 Jan'22

  More intel emerges on WhisperGate malware that hit Ukraine

  Security experts have been poring over the WhisperGate malware with which alleged Russia-backed entities targeted Ukrainian government websites

• January 26, 2022 26 Jan'22

  PwnKit bug endangers Linux distributions worldwide

  Qualys researchers share intel on a memory corruption vulnerability in a program installed by default on every major Linux distribution

• January 25, 2022 25 Jan'22

  Prepare, but don’t panic, over supposed Russian cyber threat

  A fresh alert from the US Department of Homeland Security may have IT security teams jumpy over the possibility that their organisations could be targeted by Russian state actors

• January 24, 2022 24 Jan'22

  MPs say Online Safety Bill fails to tackle full range of harms

  A DCMS select committee has warned that the Online Safety Bill should be expanded to cover more types of harmful content, such as child abuse material designed to circumvent content removal

• January 21, 2022 21 Jan'22

  Tinder algorithm charging users more based on age

  Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set different prices

• January 21, 2022 21 Jan'22

  ICO criticises government-backed campaign to delay end-to-end encryption

  Data protection watchdog warns that delaying end-to-end encryption will put children at risk

• January 20, 2022 20 Jan'22

  MoonBounce firmware bootkit shows advances in malicious implants

  MoonBounce firmware bootkit shows evident technical improvements over others, making it a more dangerous threat to organisations. It is being used by Chinese state-backed actors

• January 19, 2022 19 Jan'22

  Government funds charity campaign to warn big tech over the risks of encryption to children

  Barnardo’s and other charities begin a government-backed PR campaign to warn of the dangers end-to-end encryption poses to child safety, which has been criticised as being ‘one-sided’

• January 19, 2022 19 Jan'22

  Danish digitisation partnership delivers plan to government

  Public-private collaboration submits plan setting out “how Denmark can take advantage of the opportunities presented by digitisation moving forward into the future”

• January 19, 2022 19 Jan'22

  Content removal will not stop misinformation, says Royal Society

  Censorship of scientific misinformation online could exacerbate feelings of distrust, so government should look at information literacy and funding fact checkers instead, says report

• January 19, 2022 19 Jan'22

  Twelve million jobs to be lost to automation in Europe by 2040

  Millions of current jobs in Europe will be carried out by robots as software robots automate processes

• January 17, 2022 17 Jan'22

  ‘Russian-backed’ hackers defaced Ukrainian websites as cover for dangerous malware attack

  Kiev claims that a hacking group in Belarus – a close ally of Russia – was responsible for hacking Ukrainian government websites amid threats of military action

• January 14, 2022 14 Jan'22

  Microsoft veteran turns her attention to levelling up IT industry for women

  Diversity goes beyond balancing the internal workforce and should include working with partners that also have diversity as a core objective, says Gavriella Schuster

• January 13, 2022 13 Jan'22

  Google forced to release documents about anti-union campaign

  New court documents reveal that Google attempted to keep details of its anti-union campaign confidential by claiming attorney-client privilege

• January 13, 2022 13 Jan'22

  NCSC sounds alarm over Russia-backed hacks

  The UK’s National Cyber Security Centre joins US calls to be wary of Russian state interference in critical national infrastructure IT systems

• January 12, 2022 12 Jan'22

  Microsoft fixes six zero-days in January Patch Tuesday update

  A larger than of late Patch Tuesday update from Microsoft comes as defenders continue to grapple with Log4Shell

• January 12, 2022 12 Jan'22

  Dutch cyber volunteers receive major funding boost

  The Dutch Institute for Vulnerability Disclosure has received a $100,000 donation to expand the scope of its work

• January 11, 2022 11 Jan'22

  Almost half of Log4j downloads still dangerously exposed

  Whether by error or design is unclear, but a great many IT teams are still exposing themselves by downloading outdated, insecure versions of Apache Log4j