News

IT governance

February 03, 2023 03 Feb'23
LockBit gang confirms Ion cyber attack as disruption continues

The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February
February 03, 2023 03 Feb'23
FCA cracks down on misleading promos by social media influencers

Social media is becoming a major part of the FCA’s work in clamping down on misleading financial advertising and promotions, with multiple influencers rapped for their behaviour
February 03, 2023 03 Feb'23
MEPs vote to amend platform worker directive

MEPs have voted in favour of amendments to the European Commission’s platform worker directive that would introduce a presumption of employment and increase algorithmic transparency
February 02, 2023 02 Feb'23
Goodbye NHS Digital – a new era of NHS technology is upon us

As NHS Digital is officially merged into NHS England, Computer Weekly takes a look at the history of the organisation and what the merger could mean for the future of NHS IT

February 02, 2023 02 Feb'23
Suspected LockBit ransomware attack causes havoc in City of London

A suspected LockBit ransomware attack on trading software firm Ion has caused chaos for City of London traders
February 02, 2023 02 Feb'23
Arnold Clark customer data was stolen in Play ransomware attack

Arnold Clark confirms data leaked on dark web was stolen from its systems in ransomware attack
February 01, 2023 01 Feb'23
Cisco fixes two bugs that could have led to supply chain attacks on users

Two vulnerabilities uncovered in Cisco hardware could have opened the door to serious supply chain cyber attacks, according to the Trellix researchers who found them
February 01, 2023 01 Feb'23
Cloud security top risk to enterprises in 2023, says study

A PwC study finds senior executives expect cyber attacks on cloud services to increase significantly this year
February 01, 2023 01 Feb'23
Malware variant can block contactless payments

Kaspersky warns that the latest variant of the Prilex malware can block contactless payments to force people to insert cards, enabling criminals to steal money
February 01, 2023 01 Feb'23
UK Cyber Council and ISACA launch audit, assurance programme

The UK Cyber Security Council has teamed up with ISACA to partner on a new audit and assurance programme for security pros

January 31, 2023 31 Jan'23
GitHub warns Desktop, Atom users after code-signing certificates pinched

Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users
January 31, 2023 31 Jan'23
MI5 unlawfully collected and held millions of people’s data

Secretive court finds MI5 knowingly acted unlawfully in use of bulk surveillance warrants, and the Home Office continued granting warrants despite information the agency was operating outside the law
January 31, 2023 31 Jan'23
MPs warned of AI arms race to the bottom

Expert tells Parliamentary committee that tech companies developing artificial intelligence are cutting corners and placing safety on the backburner, opening up ‘enormous risks’ for the future of AI
January 30, 2023 30 Jan'23
Data of 10 million JD Sports customers accessed in cyber attack

Data on 10 million people who shopped online at JD Sports over a two-year period was accessed and potentially stolen in a cyber attack
January 27, 2023 27 Jan'23
Lords question ‘extensive’ government online safety powers

Digital minister Paul Scully defends government Online Safety plans to give secretary of state powers to direct Ofcom
January 25, 2023 25 Jan'23
NCSC exposes Iranian, Russian spear-phishing campaign targeting UK

Spear-phishing campaigns likely linked to Iranian and Russian espionage activity are targeting persons of interest in the UK, warns the NCSC
January 25, 2023 25 Jan'23
Arnold Clark cyber attack claimed by Play ransomware gang

A cyber attack that struck car dealer Arnold Clark prior to Christmas has been claimed as the work of the Play ransomware cartel
January 25, 2023 25 Jan'23
Boards struggle to resolve cyber risk in digital supply chains

Accelerated digitisation of supply chains is introducing more cyber risk for which many organisations seem unprepared, according to the BSI’s annual report on supply chain risk
January 24, 2023 24 Jan'23
UK insurers need to up their game on cyber gaps, says PRA

Gaps and limitations in how insurers respond to cyber risk need to be addressed, according to the Bank of England regulator, the Prudential Regulation Authority
January 24, 2023 24 Jan'23
Nationwide Building Society CIO to join Co-operative Bank

Gary Delooze to join Co-operative Bank as CIO after six years heading up Nationwide Building Society’s IT department
January 24, 2023 24 Jan'23
SSRF attacks hit 100,000 businesses globally since November

There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers
January 24, 2023 24 Jan'23
Fake online contest makes Yahoo! most phished brand of Q4 2022

Yahoo! was the most frequently phished brand during the last three months of 2022, according to a report
January 23, 2023 23 Jan'23
CIO interview: Ed Higgs, group director of IT shared services, Rentokil Initial

The pest control provider has consolidated 77 datacentres globally to just three – but with a corporate culture of acquisitions, there’s still a lot more to do
January 23, 2023 23 Jan'23
Trellix automates patching for 62,000 vulnerable open source projects

Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months
January 23, 2023 23 Jan'23
Royal Society calls on public sector to pilot privacy tech

The Royal Society says public sector bodies should lead the way in piloting privacy-enhancing technologies to unlock the value of data without compromising privacy and data rights, but lack of standards and incentives mean adoption is slow
January 23, 2023 23 Jan'23
NCSC warning over cyber risk to charity sector

Cash-strapped charities without the resource to tackle their resilience deficit are increasingly at risk from malicious actors, says the NCSC
January 22, 2023 22 Jan'23
Royal Mail making limited progress on ransomware recovery

Royal Mail asks customers to hold back from sending post overseas as some services get back on track, while a report warns that disruptive attacks on critical infrastructure are set to become more common
January 20, 2023 20 Jan'23
Veeam survey finds ransomware blocks digital transformation

Annual report shows secular trend to the cloud and increased use of containers, but prevalence of ransomware attacks means digital transformation is hindered
January 19, 2023 19 Jan'23
International post resumes thanks to Royal Mail ‘workarounds’

Royal Mail has resumed limited international services after putting in place operational workarounds to bypass the impact of a ransomware attack
January 19, 2023 19 Jan'23
KFC, Pizza Hut parent shuts UK restaurants after cyber attack

A ransomware attack on Yum! Brands, the parent organisation of restaurants including KFC and Pizza Hut, was forced to shut approximately 300 outlets in the UK following a ransomware attack by an unspecified group
January 19, 2023 19 Jan'23
Mailchimp suffers third breach in 12 months

Email marketing service Mailchimp has suffered its third data breach in a year, but has been praised for being open about its latest attack
January 19, 2023 19 Jan'23
UK seeks to ban sharing ‘positive’ Channel crossing videos online

Under UK government amendments to the Online Safety Bill, video footage that shows people crossing the Channel in a ‘positive light’ could be added to a list of illegal content that all tech platforms must proactively prevent from reaching users, ...
January 19, 2023 19 Jan'23
Newham Council rejects use of live facial-recognition tech by police

Live facial-recognition technology should not be used by police in Newham until biometric and anti-discrimination safeguards are in place, according to a motion passed unanimously by the council, but the Met Police and the Home Office have indicated...
January 19, 2023 19 Jan'23
Outdated IT infrastructure poses growing risk to UK Security Vetting

Delays to UKSV’s important work in safeguarding the country’s national security are in part down to a legacy IT estate in dire need of modernisation, says the NAO
January 18, 2023 18 Jan'23
Ukraine CERT leaders touch down in London for talks

The UK’s NCSC has been hosting Ukrainian cyber security leaders for a round of bilateral talks on improving resilience
January 18, 2023 18 Jan'23
Ukraine cyber teams responded to more than 2,000 attacks in 2022

The Ukrainian authorities responded to more than 2,000 major cyber incidents during 2022, and are blocking thousands more potential attacks every day
January 17, 2023 17 Jan'23
Benelux CIO interview: Richard Ventre, SHV Holdings

In his role at Netherlands-based SHV Holdings, Richard Ventre is tackling the challenge of enabling a diverse set of digital transformations across a range of industries
January 17, 2023 17 Jan'23
Cloudflare urged to clamp down on pirates, counterfeiters

A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods
January 17, 2023 17 Jan'23
Crest throws support behind CyberUp CMA reform campaign

Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990
January 17, 2023 17 Jan'23
Royal Mail promises ‘workarounds’ to restore services after ransomware attack

Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a ‘workaround’ will be in place in the near future
January 16, 2023 16 Jan'23
The Security Interviews: Protecting your digital self

Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation?
January 14, 2023 14 Jan'23
Experts concerned over silence around government obligation to review UK surveillance laws

The government is required to review the UK’s surveillance law, the Investigatory Powers Act, but experts say they are in the dark about its plans. The National Crime Agency’s operation Venetic has highlighted the need for urgent reforms
January 13, 2023 13 Jan'23
LockBit cartel suspected of Royal Mail cyber attack

The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation
January 12, 2023 12 Jan'23
Companies warned to step up cyber security to become ‘insurable’

Investing in better IT security to protect against cyber crime will make businesses more resilient against other risks
January 12, 2023 12 Jan'23
Guardian confirms Christmas 2022 cyber attack was ransomware

Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack
January 11, 2023 11 Jan'23
Royal Mail services hit by major cyber attack

UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack
January 11, 2023 11 Jan'23
Internet shutdowns cost global economy $24bn in 2022

Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors
January 11, 2023 11 Jan'23
Microsoft fixes EoP zero-day on January Patch Tuesday

On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns
January 10, 2023 10 Jan'23
Insurer Beazley introduces catastrophe bond to ease cyber risk

Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover
January 10, 2023 10 Jan'23
Former subpostmaster Alan Bates, who ‘pulled up trees and moved mountains’, turns down OBE offer

Alan Bates, who fought for decades to expose the Post Office Horizon IT scandal, says it would be inappropriate to accept an OBE when former Post Office CEO Paula Vennells still holds her CBE