News

IT for telecoms and internet organisations

• February 10, 2023 10 Feb'23

  Social media platform Reddit breached in phishing attack

  An unspecified threat actor obtained access to internal documents, code and business systems at Reddit after stealing employee credentials in a phishing attack

• February 08, 2023 08 Feb'23

  Campaigners lament lack of movement on Computer Misuse Act reform

  Westminster has opened a new consultation on proposed reforms to the Computer Misuse Act of 1990, but campaigners who want the law changed to protect cyber professionals have been left disappointed

• February 08, 2023 08 Feb'23

  Rakuten targets big edge deployments with Symworld Cloud

  Japanese giant Rakuten bought Kubernetes management platform Robin.io and put it in 50,000-plus telco antennas. Now it aims Symworld Cloud at enterprise edge deployments

• February 06, 2023 06 Feb'23

  Cops make arrests and seize drugs after hacking Exclu encrypted messaging app

  Police in the Netherlands, Belgium and Poland raided 80 addresses after covertly intercepting messages from the Exclu encrypted messaging app

• February 06, 2023 06 Feb'23

  The Security Interviews: How to overcome data protection compliance challenges

  Complying with the vast swathe of data protection legislation around the world is complex, especially for smaller organisations without the necessary expertise. Could the compliance process be simplified, and if so, how?

• February 03, 2023 03 Feb'23

  FCA cracks down on misleading promos by social media influencers

  Social media is becoming a major part of the FCA’s work in clamping down on misleading financial advertising and promotions, with multiple influencers rapped for their behaviour

• February 01, 2023 01 Feb'23

  Romance fraudsters stole £65m from Brits since 2020

  Online romance fraudsters have scammed Brits out of £65m in the past three years, according to retail bank TSB

• February 01, 2023 01 Feb'23

  Cloud security top risk to enterprises in 2023, says study

  A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year

• February 01, 2023 01 Feb'23

  UK Cyber Council and ISACA launch audit, assurance programme

  The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros

• January 31, 2023 31 Jan'23

  MPs warned of AI arms race to the bottom

  Expert tells Parliamentary committee that tech companies developing artificial intelligence are cutting corners and placing safety on the backburner, opening up ‘enormous risks’ for the future of AI

• January 27, 2023 27 Jan'23

  Lords question ‘extensive’ government online safety powers

  Digital minister Paul Scully defends government Online Safety plans to give secretary of state powers to direct Ofcom

• January 27, 2023 27 Jan'23

  Hive ransomware gang taken down after FBI hacks back

  The FBI hacked into Hive’s servers, stole its decryption keys and then took down its servers in a major action that has successfully disrupted a prolific and dangerous ransomware operation

• January 25, 2023 25 Jan'23

  Boards struggle to resolve cyber risk in digital supply chains

  Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk

• January 24, 2023 24 Jan'23

  Chinese IoT suppliers expose UK businesses to espionage and data theft

  Chinese companies supplying network components, known as IoT modules, post a greater long-term threat to UK security than the now banned 5G supplier Huawei, according to a study by a Chinese expert and former diplomat

• January 24, 2023 24 Jan'23

  UK insurers need to up their game on cyber gaps, says PRA

  Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority

• January 24, 2023 24 Jan'23

  SSRF attacks hit 100,000 businesses globally since November

  There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers

• January 24, 2023 24 Jan'23

  Fake online contest makes Yahoo! most phished brand of Q4 2022

  Yahoo! was the most frequently phished brand during the last three months of 2022, according to a report

• January 20, 2023 20 Jan'23

  WhatsApp’s £4.8m fine raises questions for organisations using behavioural advertising

  The Irish Data Protection Commissioner has fined WhatsApp, owned by Meta, in a case that will raise questions for organisations that rely on contracts rather than consent to comply with GDPR when offering behavioural advertising

• January 19, 2023 19 Jan'23

  Mailchimp suffers third breach in 12 months

  Email marketing service Mailchimp has suffered its third data breach in a year, but has been praised for being open about its latest attack

• January 19, 2023 19 Jan'23

  UK seeks to ban sharing ‘positive’ Channel crossing videos online

  Under UK government amendments to the Online Safety Bill, video footage that shows people crossing the Channel in a ‘positive light’ could be added to a list of illegal content that all tech platforms must proactively prevent from reaching users, ...

• January 17, 2023 17 Jan'23

  Cloudflare urged to clamp down on pirates, counterfeiters

  A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods

• January 17, 2023 17 Jan'23

  Crest throws support behind CyberUp CMA reform campaign

  Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990

• January 17, 2023 17 Jan'23

  StarHub to undertake major network transformation

  Singapore telco StarHub is deploying a hybrid cloud architecture that will enable it to launch sovereign cloud services, among other capabilities

• January 16, 2023 16 Jan'23

  The Security Interviews: Protecting your digital self

  Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?

• January 13, 2023 13 Jan'23

  Unionised contract workers who train Google’s AI win pay rise

  Google contract workers employed at artificial intelligence training supplier RaterLabs have secured their first-ever pay rise, following collective demands that Google fulfil its own commitment to pay its extended workforce a minimum of $15 an hour

• January 11, 2023 11 Jan'23

  Internet shutdowns cost global economy $24bn in 2022

  Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors

• January 11, 2023 11 Jan'23

  Microsoft fixes EoP zero-day on January Patch Tuesday

  On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns

• January 10, 2023 10 Jan'23

  Insurer Beazley introduces catastrophe bond to ease cyber risk

  Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover

• January 06, 2023 06 Jan'23

  Proposed digital fraud refund rules risk excluding many victims

  Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned

• January 06, 2023 06 Jan'23

  Meta to appeal £345m fine for Facebook and Instagram privacy breaches

  Social media company Meta is to appeal after the Irish Data Protection Commission fined the company for breaching GDPR

• January 05, 2023 05 Jan'23

  Cyber gang abused free trials to exploit public cloud CPU resources

  A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying

• December 29, 2022 29 Dec'22

  Top 10 technology and ethics stories of 2022

  Here are Computer Weekly’s top 10 technology and ethics stories of 2022

• December 29, 2022 29 Dec'22

  Top 10 Nordic IT stories of 2022

  Here are Computer Weekly's top 10 Nordic IT articles of 2022

• December 28, 2022 28 Dec'22

  Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

  NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness

• December 22, 2022 22 Dec'22

  NCA ‘wrong-footed’ defence lawyers after agreeing to take expert evidence on EncroChat ‘as read’

  The National Crime Agency argued at the Investigatory Powers Tribunal that expert evidence it agreed to ‘take as read’ is limited, flawed and often based on an incorrect interpretation of the law

• December 22, 2022 22 Dec'22

  Top 10 cyber security stories of 2022

  The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides

• December 22, 2022 22 Dec'22

  Top 10 cyber crime stories of 2022

  Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents

• December 20, 2022 20 Dec'22

  Four-day working week set to stay at Atom bank

  Challenger bank Atom has formalised a four-day working week policy after a successful trial

• December 14, 2022 14 Dec'22

  Advanced Azov data wiper likely to become active threat

  Check Point deep dives into an emergent data wiper strain known as Azov, which is making waves with hundreds of new samples being submitted to VirusTotal daily

• December 14, 2022 14 Dec'22

  Ethical hackers flex their muscles in 2022

  Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021

• December 14, 2022 14 Dec'22

  Microsoft fixes two zero-days in final Patch Tuesday of 2022

  December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over

• December 13, 2022 13 Dec'22

  EU issues draft data adequacy decision in favour of US

  The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision

• December 13, 2022 13 Dec'22

  The nature of the CISO role will be in flux in 2023

  As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report

• December 13, 2022 13 Dec'22

  More Uber data exposed in possible supply chain attack

  A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack

• December 12, 2022 12 Dec'22

  Cloud-based fingerprint system for UK police nears completion

  Police Digital Service announces that a new cloud-based fingerprint system developed under its Transforming Forensics programme is nearly complete, but data protection concerns around the use of US-based cloud providers remain

• December 09, 2022 09 Dec'22

  Iranian APT seen exploiting GitHub repository as C2 mechanism

  A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware

• December 09, 2022 09 Dec'22

  Online Safety Bill returns to Parliament

  MPs and online safety experts have expressed concern about encryption-breaking measures contained in the Online Safety Bill as it returns to Parliament for the first time since its passage was paused in July

• December 08, 2022 08 Dec'22

  Consumers to get new protections against dodgy apps

  Government’s new code of practice will impose new privacy and security measures on app store operators and developers

• December 08, 2022 08 Dec'22

  Apple to tap third party for physical security keys

  Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys

• December 07, 2022 07 Dec'22

  Google, MS, Oracle vulnerabilities make November ’22 a big month for patching

  Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November