News

IT security

• May 20, 2016 20 May'16

  NHS data security standards to be designed around technology, people and processes

  The Care Quality Commission’s delayed review of NHS data security standards will encourage NHS organisations to have senior information risk owners and Caldicott Guardians at board level

• May 19, 2016 19 May'16

  Lawmaker Vaizey hails UK role in resolving datacentre sovereignty issues

  Digital economy minister talks up government’s work in supporting the growth of the UK’s technology sector

• May 19, 2016 19 May'16

  Gov.uk Verify to go live 24 May 2016

  On 24 May 2016, the government’s identity assurance platform will move from beta to “fully live”, after missing its original April go-live target

• May 19, 2016 19 May'16

  Lessons from LinkedIn data breach revelations

  There are several important lessons to be learned from revelations about LinkedIn's 2012 data breach, say security experts

• May 18, 2016 18 May'16

  Cyber espionage campaign targets Ukraine separatists

  Security researchers discover a surveillance operation against separatists in Eastern Ukraine using spear phishing attacks to spread previously unknown malware

• May 17, 2016 17 May'16

  Police set for better engagement with UK tech firms

  The policing lead for digital investigation and intelligence says new structures will improve engagement and collaboration between the UK tech industry and police forces

• May 13, 2016 13 May'16

  Public cloud uptake rises, but Europe still lags behind the US

  Okta research finds the most popular cloud applications in all regions are mail, sales and marketing, social media and document storage

• May 13, 2016 13 May'16

  Time to shift information security focus away from prevention, says Swiss bank CISO

  Organisations need a new approach which recognises security is “breakable”, according to Michael Meli

• May 13, 2016 13 May'16

  10 key facts businesses need to note about the GDPR

  With less than two years before the new EU data protection rules come into force, there are key areas businesses need to focus on to ensure they will be compliant

• May 13, 2016 13 May'16

  Swift reports another Bangladesh central bank-style cyber attack

  Global financial messaging organisation Swift warns of a highly adaptive cyber criminal campaign targeting banks with user credentials to submit transfer requests

• May 12, 2016 12 May'16

  IAM central to Deutsche Bank’s digital transformation

  Deutsche Bank is using a centralised identity and access management (IAM) system and an application program interface (API) architecture for digital transformation

• May 10, 2016 10 May'16

  UK court rejects demands for Lauri Love to hand over encryption keys

  Court rules against an attempt by the National Crime Agency to force activist Lauri Love to disclose encryption keys by bypassing the Regulation of Investigatory Powers Act

• May 09, 2016 09 May'16

  Australian health sector an easy target for cyber criminals, says IBM

  A push to encourage greater adoption of electronic health records has raised the spectre of online record theft

• May 06, 2016 06 May'16

  Ransomware emerges as a top cyber threat to business

  Security researchers at Kasperky Lab and FireEye confirm that the upward trend of ransomware is continuing and has emerged as a top threat to business

• May 04, 2016 04 May'16

  D-Day for GDPR is 25 May 2018

  The European Parliament’s official publication of the General Data Protection Regulation means it will become enforceable on 25 May 2018

• May 03, 2016 03 May'16

  Gov.uk Verify misses April go-live target

  The Government Digital Service didn’t meet its target of taking identity assurance service Verify out of beta by the end of April, but is “nearly there”, according to programme director Janet Hughes

• April 29, 2016 29 Apr'16

  Cyber security in Belgium will gain prominence after terror attacks

  Belgium’s physical security has been branded inadequate, so how does the country’s cyber security measure up?

• April 28, 2016 28 Apr'16

  Payment card industry issues data security standard update

  PCI DSS version 3.2 introduces six new requirements for compliance, some additional guidance and a raft of clarifications

• April 28, 2016 28 Apr'16

  Technology moving too fast for governments to keep up, says former Darpa chief

  Former US defence technology chief supports encryption and privacy, despite intelligence services’ fears

• April 27, 2016 27 Apr'16

  IPv6 alone will not secure IoT, warns GE CISO

  It is important for all users of the internet of things to understand what they are getting into with IPv6, and to be aware of the risks and myths, says GE CISO Hanns Proenen

• April 26, 2016 26 Apr'16

  Business failing to learn lessons of past cyber attacks, report shows

  Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals

• April 21, 2016 21 Apr'16

  GCHQ told analysts to assume surveillance 'bulk data' is legal

  Documents obtained by charity Privacy International reveal insights into GCHQ’s collection of sensitive bulk data, as lawyers question the impact of surveillance on legal privilege, fair trials and protection of whistleblowers

• April 19, 2016 19 Apr'16

  Employees’ use of personal devices puts firms at risk of malware infection, says report

  Downloaders care about their own security while grabbing pirated content, not that of their employers

• April 15, 2016 15 Apr'16

  Israeli volunteers ready their cyber defences as Anonymous affiliates attack

  Every April, Israel braces itself for an onslaught from pro-Palestinian hackers, but the occupants of a small conference room in Tel Aviv stand in their way

• April 15, 2016 15 Apr'16

  BBC turns micro:bit computers into IoT devices

  The BBC and Nominet demonstrate a new use case for the micro:bit computer and hope to turn Britain’s schoolchildren into internet of things pioneers

• April 13, 2016 13 Apr'16

  NCA attempts 'back door' access to obtain activist Lauri Love’s passwords

  Court told that use of civil proceedings to force disclosure of alleged hacker Lauri Love's passwords is disproportionate and would breach human rights law

• April 11, 2016 11 Apr'16

  QA launches cyber attack defence training facility in London

  Training firm QA launches a cyber attack simulation facility in London to enable organisations to test and learn cyber defence skills

• April 11, 2016 11 Apr'16

  Activist Lauri Love faces order to disclose encryption keys

  The UK’s National Crime Agency takes an unusual legal step to force a former university student accused of hacking to disclose encryption keys

• April 11, 2016 11 Apr'16

  IT specialist sentenced for stealing NHS computer equipment

  A former NHS IT worker is convicted of stealing hospital computer equipment from Doncaster and Bassetlaw Hospitals NHS Foundation trust and selling them on eBay

• April 06, 2016 06 Apr'16

  Panama Papers revealed by graph database visualisation software

  The 11.5 million files leaked from Panama-based law firm Mossack Fonseca are being interrogated by journalists using a combination of Neo4j’s graph database and data visualisation software Linkurious

• April 05, 2016 05 Apr'16

  'Citizens will be stripped naked' by Turkey’s data law

  Turkey's data protection law, introduced in March 2016, will make Turkey a near total surveillance state, yet the EU, apparently more concerned about securing Turkey's help in controlling immigration, is turning a blind eye

• April 04, 2016 04 Apr'16

  UK campaign launched against location data security risks

  UK consumers are unwittingly signing up to be location tracked and this data is being used and sold on for commercial benefit, warns privacy campaign

• March 31, 2016 31 Mar'16

  DDoS attacks on universities normally performed by “disgruntled” students or employees

  The majority of distributed denial of service attacks on universities are made by students or employees, says the head of infrastructure services at the University of London

• March 31, 2016 31 Mar'16

  Adwind at centre of cyber attack on Singapore bank

  Kaspersky Lab has revealed that the Adwind malware-as-a-service platform was at the centre of an attack on a Singapore bank

• March 30, 2016 30 Mar'16

  Security should be driven by business, says Corvid’s Andrew Nanson

  Information security should be business-driven and investments assessed for their effectiveness and business value, according to Corvid CTO

• March 29, 2016 29 Mar'16

  Cyber criminals use Microsoft PowerShell in ransomware attacks

  A newly discovered family of ransomware, dubbed PowerWare, uses Microsoft PowerShell to target organisations through macro-enabled documents

• March 29, 2016 29 Mar'16

  Apple vows to raise security as FBI breaks into iPhone

  Apple says it will help law enforcement with investigations, but will increase the security of its products after the FBI broke into an iPhone

• March 24, 2016 24 Mar'16

  Government warned of smart meter security threat back in 2012

  The government was warned four years ago that its plans for a nationwide smart meter roll-out represented a “potentially significant” security and privacy threat, Computer Weekly has learned

• March 24, 2016 24 Mar'16

  Businesses urged to update Apple software to dodge zero-day attacks

  Security experts are urging Apple Mac, iPhone and iPad users to update their operating systems to avoid data-stealing attacks that exploit a new zero-day vulnerability

• March 23, 2016 23 Mar'16

  Canadian Elizabeth Denham set for the UK's next information commissioner

  Canadian privacy commissioner Elizabeth Denham is to become the UK's next information commissioner as government pushes ahead with the snoopers' charter

• March 23, 2016 23 Mar'16

  US hospital claims to have fought off a ransomware attack

  A hospital in Kentucky claims to have regained control of its IT systems five days after cyber criminals hit it with a ransomware attack

• March 23, 2016 23 Mar'16

  Gov.uk Verify not secure enough for NHS, says HSCIC

  The government’s Verify identity verification platform isn’t secure enough for the NHS, so Liverpool Clinical Commissioning Group and HSCIC are working to add extra levels of security

• March 21, 2016 21 Mar'16

  Britain to pay billions for monster internet surveillance network

  New questions raised about Britain’s snoopers’ charter after Denmark abandons its own UK-style surveillance programme for a second time

• March 21, 2016 21 Mar'16

  National Cyber Security Centre to be UK authority on information security

  The UK’s National Cyber Security Centre (NCSC) is to be the UK's one-stop authority on infosec, based in London and led by GCHQ's Ciaran Martin

• March 18, 2016 18 Mar'16

  Australian girls believe online harassment is endemic

  There are clear signals that online threats against women and attempts to invade their privacy are becoming societal norms in Australia

• March 18, 2016 18 Mar'16

  Most students say cyber security is a growing threat

  Some 70% of higher education students say they are aware that cyber crime and attacks are a threat, but less than half think security is their responsibility

• March 11, 2016 11 Mar'16

  Royal Mail becomes eighth accredited Gov.uk Verify provider

  The Royal Mail is the latest provider to be accredited to support the government’s Gov.uk Verify identity assurance service

• March 11, 2016 11 Mar'16

  $1bn cyber bank heist thwarted by spelling error

  Cyber thieves made 30 requests for the New York Federal Reserve to transfer nearly $1bn from the Bangladesh central bank’s account, but a typo and the volume of requests alerted banking officials

• March 09, 2016 09 Mar'16

  Lack of security knowledge limiting business initiatives, survey shows

  Security concerns are limiting the adoption of cloud and mobility throughout organisations, according to the first Dell Data Security Survey

• March 04, 2016 04 Mar'16

  RSAC16: Cyber criminals are hiding in plain sight, says RSA report

  Cyber criminals are using social media as a communication and sales channel, not just for reconnaissance and phishing, an RSA study has revealed