News

IT security

July 11, 2022 11 Jul'22
Microsoft VBA macro block will return

Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure
July 11, 2022 11 Jul'22
SMEs lagging on multifactor authentication

Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report
July 08, 2022 08 Jul'22
Stop telling clients to pay ransomware gangs, solicitors told

The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims
July 08, 2022 08 Jul'22
Sweden and GDPR – four years on

Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation

July 08, 2022 08 Jul'22
Microsoft appears to reverse VBA macro-blocking

Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled
July 07, 2022 07 Jul'22
UK government does not yet understand threat of technology to foreign policy

Select committee chair warns government that the threat posed to global security by malign actors influencing tech standards is no ‘dystopian fantasy’
July 07, 2022 07 Jul'22
MI5, FBI chiefs warn of Chinese cyber espionage threat

In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests
July 07, 2022 07 Jul'22
UK signs ‘in principle’ data adequacy agreement with South Korea

Bilateral adequacy agreement will allow businesses to conduct cross-border data transfers with minimal restrictions
July 07, 2022 07 Jul'22
Amid NSO lawsuit, Apple expands spyware protections

Apple previews a new feature called Lockdown Mode to protect iPhone and iPad users from ‘mercenary spyware’
July 07, 2022 07 Jul'22
Latest Marriott data breach not as serious as others

Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately

July 07, 2022 07 Jul'22
Tech companies face pressure over end-to-end encryption in Online Safety Bill

An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services
July 07, 2022 07 Jul'22
The Security Interviews: Inside Russia’s Ukraine information operation

Computer Weekly speaks to Craig Terron of Recorded Future about delving deep inside the Russian disinformation machine, and how the Kremlin’s strategy is set to evolve
July 06, 2022 06 Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway

Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme
July 06, 2022 06 Jul'22
ESET: Lazarus APT hit aero, defence sector with fake job ads

ESET researchers present new findings into a series of cyber attacks on the aerospace and defence sectors by North Korea’s Lazarus crime syndicate
July 05, 2022 05 Jul'22
Prepare for long-term cyber threat from Ukraine war, says NCSC

The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams
July 05, 2022 05 Jul'22
LogRhythm bullish on growth in APAC

LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats
July 05, 2022 05 Jul'22
NCSC CEO: Why we should run towards crises to elevate cyber security

National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country
July 04, 2022 04 Jul'22
MPs call for ban on Chinese surveillance camera technology

Nearly 70 MPs have called on the government to ban Chinese camera technology that is widely used by UK government agencies despite links to human rights abuses in China
July 04, 2022 04 Jul'22
Government rejects Lords police tech inquiry recommendations

The government has largely rejected the findings and recommendations of a House of Lords inquiry into police tech, which called for an overhaul of how police deploy artificial intelligence and algorithmic technologies
July 04, 2022 04 Jul'22
Assange appeals against Priti Patel’s extradition order

WikiLeaks founder is expected to raise concerns over the political nature of his prosecution, the likelihood of him receiving a fair trial, and the risk of a coercive plea bargain
June 30, 2022 30 Jun'22
ICO to cut back on fines for public sector data breaches

Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over
June 29, 2022 29 Jun'22
Urgent need for new laws to govern biometrics, legal review finds

Independent review says new framework is needed to clear up legal and ethical concerns over the use of biometric data and technologies, which can impact privacy, freedom of expression and other human rights
June 29, 2022 29 Jun'22
New cyber extortion op appears to have hit AMD

Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data
June 29, 2022 29 Jun'22
Romance scammers exploit Ukraine war in cynical campaign

Romance scammers can make easy money exploiting people looking for love, but in this newly observed campaign linked to the Ukraine war they are playing on deeper emotions
June 29, 2022 29 Jun'22
Spy agencies need ‘independent authorisation’ to access telecoms data, say judges

The High Court has ruled that UK intelligence agencies should seek independent authorisation before accessing phone and internet records during criminal investigations
June 28, 2022 28 Jun'22
Proposed changes to copyright law open doors for AI data mining

Update to copyright law will mean researchers who already have access to data will not require extra permission from copyright owner to run data mining algorithms, removing barriers to artificial intelligence research and development
June 28, 2022 28 Jun'22
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens

Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware
June 28, 2022 28 Jun'22
Russia-aligned hacktivists behind Lithuania DDoS attack

Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin
June 28, 2022 28 Jun'22
Veritas aims at autonomous backup discovery and provisioning

Veritas bets on a backup platform that can discover all enterprise data – on-premise and in the cloud – and make its own decisions about the optimal place to store copies
June 27, 2022 27 Jun'22
Commercial cyber products must be used responsibly, says NCSC CEO

NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel
June 27, 2022 27 Jun'22
Brexit a net negative for UK cyber, say CISOs

Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe
June 27, 2022 27 Jun'22
LockBit ransomware gang launches bug bounty programme

A bug bounty programme is among a number of features LockBit’s developers have added to ‘version 3.0’ of the ransomware
June 24, 2022 24 Jun'22
Black Basta ransomware crew aiming for ‘big leagues’

Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason
June 24, 2022 24 Jun'22
US cyber agency in fresh warning over Log4Shell risk to VMware

Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability
June 24, 2022 24 Jun'22
Developers grapple with open source software security

Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds
June 23, 2022 23 Jun'22
Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks
June 23, 2022 23 Jun'22
FCA seeks more tech expertise in fight against fraud

UK financial services regulator wants technology professionals to join its team fighting online fraud
June 23, 2022 23 Jun'22
SolarWinds unveils new development model to avoid a repeat of Sunburst

SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry
June 22, 2022 22 Jun'22
Uber drivers strike over pay issues and algorithmic transparency

Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data
June 22, 2022 22 Jun'22
NatWest files under whistleblower’s bed contain live customer data

Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’
June 22, 2022 22 Jun'22
How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
June 21, 2022 21 Jun'22
Government won’t regulate on professional cyber standards

The government has elected not to proceed with regulatory intervention to embed standards and pathways across the cyber profession
June 21, 2022 21 Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best

A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats
June 21, 2022 21 Jun'22
Microsoft Office 365 has ability to ‘spy’ on workers

Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work
June 20, 2022 20 Jun'22
Lords move to protect cyber researchers from prosecution

A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their ...
June 20, 2022 20 Jun'22
Complex Russian cyber threat requires we go back to basics

The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains
June 19, 2022 19 Jun'22
Aussie mobile users most vulnerable to security threats

Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds
June 17, 2022 17 Jun'22
Government responds to Data Reform Bill consultation

Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit
June 17, 2022 17 Jun'22
MoD sets out strategy to develop military AI with private sector

The UK Ministry of Defence has outlined its intention to work closely with the private sector to develop and deploy a range of artificial intelligence-powered technologies, committing to ‘lawful and ethical AI use’
June 16, 2022 16 Jun'22
TalkTalk hacker Daniel Kelley gives up his black hat for good

After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career