News

IT for telecoms and internet organisations

• April 21, 2023 21 Apr'23

  Prototype cyber tech has revolutionary potential

  The so-called CHERI protection model developed at the University of Cambridge is showing great promise for future cyber security technologies

• April 20, 2023 20 Apr'23

  UK Emergency Alert Test sparks cyber fraud warning

  Fraudsters and scammers are likely to use the upcoming test of the UK's new mobile Emergency Alert system as bait in their attacks, while misinformation and conspiracy theories spread

• April 20, 2023 20 Apr'23

  3CX incident may be world’s first double supply chain attack

  It’s supply chain attacks all the way down as Mandiant publishes information suggesting that the 3CX software supply chain compromise was initiated via a prior software supply chain compromise

• April 19, 2023 19 Apr'23

  IT Priorities 2023: Budget optimism among EMEA IT leaders

  IT leaders across the EMEA region are optimistic that their budgets will increase over the coming year

• April 19, 2023 19 Apr'23

  CyberUK 23: Alert over mercenary Russian threat to CNI

  Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned

• April 18, 2023 18 Apr'23

  Reduced spending on cloud services weighs European IT services market down

  Reduced spending on cloud services in the EMEA region meant a year-on-year drop in total IT and BPO services spend

• April 18, 2023 18 Apr'23

  Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms

  The Online Safety Bill faces amendments in the House of Lords amid concerns that it could weaken the security of end-to-end encrypted communications for UK citizens

• April 13, 2023 13 Apr'23

  Thousands at risk from critical RCE bug in legacy MS service

  Thousands of organisations worldwide are at risk from three vulnerabilities – one critical – in a legacy Microsoft service that they may not be aware they are running

• April 13, 2023 13 Apr'23

  UK joins key allies to launch secure-by-design guidelines

  The UK has joined international partners in sharing new advice to help technology companies embed security into the product design and development process

• April 12, 2023 12 Apr'23

  April Patch Tuesday fixes zero-day used to deliver ransomware

  A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update

• April 12, 2023 12 Apr'23

  Gartner: Rebalance cyber investment towards human-centric elements

  Security decision-makers need to reprioritise their investment outlooks towards people, rather than technology, according to the latest market forecast from Gartner

• April 11, 2023 11 Apr'23

  UKtech50 2023: Help us find the most influential people in UK IT

  Computer Weekly’s annual search for the 50 most influential people in UK IT is back – let us know who you would like to nominate for this year’s list

• April 05, 2023 05 Apr'23

  Quick-acting Rorschach ransomware appears out of nowhere

  Emergent Rorschach ransomware strain is highly advanced and quite unusual in its capabilities, warn researchers, who say they have been unable to link it to any other known strains

• April 05, 2023 05 Apr'23

  Italy’s ChatGPT ban: Sober precaution or chilling overreaction?

  Italy’s data protection authority issued a temporary ban on ChatGPT citing data protection concerns and alleged breaches of the GDPR. Is this a reasonable precaution, or a chilling restriction on personal freedoms?

• April 05, 2023 05 Apr'23

  Scottish police tech piloted despite major data protection issues

  Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk

• April 04, 2023 04 Apr'23

  TikTok fined in UK over unlawful use of children’s data

  The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13

• April 04, 2023 04 Apr'23

  Threat researchers dissect anatomy of a Royal ransomware attack

  Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022

• April 04, 2023 04 Apr'23

  Over 90% of organisations find threat hunting a challenge

  Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report

• March 31, 2023 31 Mar'23

  Mounting Russian disinformation campaign targeting Arab world

  Researchers have found evidence of a broad Russian disinformation campaign targeting Arabic-speakers in the Middle East and North Africa

• March 31, 2023 31 Mar'23

  Generative AI central to Accenture’s tech vision

  Generative AI will play a central role over the next 10 years as the digital and physical world become more and more integrated

• March 30, 2023 30 Mar'23

  OSC&R supply chain security framework goes live on Github

  The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework

• March 30, 2023 30 Mar'23

  NCSC issues revised security Board Toolkit for business leaders

  National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools

• March 28, 2023 28 Mar'23

  Apple security updates fix 33 iPhone vulnerabilities

  A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels

• March 28, 2023 28 Mar'23

  Ransomware attacks up 45% in February, LockBit responsible

  NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active

• March 24, 2023 24 Mar'23

  National Crime Agency sting operation infiltrates cyber crime market

  The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks

• March 21, 2023 21 Mar'23

  Ransomware gangs harass victims to ‘bypass’ backups

  Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order

• March 20, 2023 20 Mar'23

  BBC cracks down on TikTok after review

  The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences

• March 17, 2023 17 Mar'23

  UK TikTok ban gives us all cause to consider social media security

  The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for

• March 16, 2023 16 Mar'23

  BEC attacks doubled in 2022, outstripping ransomware

  Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks

• March 16, 2023 16 Mar'23

  Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine

  A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly

• March 15, 2023 15 Mar'23

  Chinese Silkloader cyber attack tool falls into Russian hands

  A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators

• March 15, 2023 15 Mar'23

  Microsoft patches Outlook zero-day for March Patch Tuesday

  A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update

• March 13, 2023 13 Mar'23

  MI5 to oversee new National Protective Security Authority

  The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets

• March 10, 2023 10 Mar'23

  Technology minister Michelle Donelan defends data reforms

  Secretary of state Michelle Donelan has defended the government’s new data reforms as providing certainty for businesses while simultaneously retaining high standards of data protection, but industry figures are having mixed reactions

• March 08, 2023 08 Mar'23

  UK government introduces revised data reform bill to Parliament

  Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards

• March 03, 2023 03 Mar'23

  White House unveils National Cybersecurity Strategy

  The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise

• February 23, 2023 23 Feb'23

  WithSecure proposes ‘undo’ button for ransomware

  WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening

• February 23, 2023 23 Feb'23

  Santander SME platform harnesses Salesforce

  Bank platform that helps UK small and medium-sized enterprises expand export opportunities is built on cloud technology from Salesforce

• February 22, 2023 22 Feb'23

  UK forces lead live-fire cyber war exercise

  The seven-day Defence Cyber Marvel 2 exercise put cyber responders from 11 countries through their paces

• February 22, 2023 22 Feb'23

  Researchers find new bug ‘class’ in Apple devices

  A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix

• February 22, 2023 22 Feb'23

  Dutch cyber security professionals experience stress akin to soldiers in war zone, claims expert

  Cyber attacks are taking a heavy toll on Dutch IT professionals, with over a third reporting that their mental health suffers as a result

• February 22, 2023 22 Feb'23

  Half of cyber leaders to switch jobs by 2025, citing stress

  A substantial number of cyber security leaders are plotting their great escape, saying the industry is leaving them too stressed to go on, according to a study

• February 21, 2023 21 Feb'23

  US government Strike Force aims to prevent adversaries from accessing disruptive tech

  The US Strike Force law enforcement initiative will target rogue nation-states that pose a national security threat

• February 20, 2023 20 Feb'23

  Twitter 2FA changes bring more risks than benefits

  Twitter’s approach to nudging users away from insecure SMS-based 2FA is being questioned over its logic

• February 15, 2023 15 Feb'23

  Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

  Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off

• February 15, 2023 15 Feb'23

  Microsoft fixes three zero-days in February update

  February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver

• February 14, 2023 14 Feb'23

  Vidar, nJRAT re-emerge as prominent malware threats in January

  Trojans and infostealers once again dominate the list of most commonly observed threats, according to Check Point’s latest telemetry

• February 14, 2023 14 Feb'23

  Researcher exposes crypto scam network exploiting YouTube

  A massive network of fake YouTube videos promoted by automated sock puppet accounts is reeling in hundreds of cryptocurrency enthusiasts and persuading them to hand over their money, WithSecure researchers found

• February 13, 2023 13 Feb'23

  KPMG launches metaverse and digital twin hub in Saudi Arabia

  The Saudi Arabian government’s commitment to investing in metaverse technology has attracted a KPMG centre of excellence to its shores

• February 13, 2023 13 Feb'23

  Security buyers lack insight into threats, attackers, report finds

  The majority of cyber security purchasing decisions are made without proper insight into the attackers organisations are facing, according to a Mandiant report