News

IT security

June 16, 2022 16 Jun'22
Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster
June 16, 2022 16 Jun'22
Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive
June 16, 2022 16 Jun'22
Interpol arrests thousands in global cyber fraud crackdown

A two-month operation saw law enforcement agencies in 76 countries crack down on organised cyber fraud
June 15, 2022 15 Jun'22
$2k to access your organisation on the dark web

Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000

June 15, 2022 15 Jun'22
Patch Tuesday dogged by concerns over Microsoft vulnerability response

The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure
June 14, 2022 14 Jun'22
MS Azure Synapse vulnerability fixed after six-month slog

Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga
June 13, 2022 13 Jun'22
UK, US prepare to launch PET project

A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin
June 13, 2022 13 Jun'22
Government recommits to UK’s cyber future in Digital Strategy

New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed
June 13, 2022 13 Jun'22
New UK digital strategy aims to secure future growth for £150bn digital economy

Government publishes plan that brings together existing and new initiatives intended to expand the digital sector and help to establish the UK as a ‘superpower’ in science and tech
June 13, 2022 13 Jun'22
New warning over tech suppliers in thrall to hostile governments

Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer

June 13, 2022 13 Jun'22
Health data strategy to exorcise ghosts of GPDPR

Government publishes a revised data in health strategy, with an emphasis firmly on preserving the integrity and privacy of patients’ confidential information
June 13, 2022 13 Jun'22
Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
June 10, 2022 10 Jun'22
ICO fails to disclose majority of reprimands issued under GDPR

London law firm Mishcon de Reya forces disclosure of reprimands issued to organisations by the Information Commissioner’s Office for contraventions of UK data protection law
June 10, 2022 10 Jun'22
Snake Keylogger climbing malware charts, says Check Point

Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers
June 10, 2022 10 Jun'22
Researchers find eight CVEs in single building access system

A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets
June 10, 2022 10 Jun'22
Commercialising open source

Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business
June 09, 2022 09 Jun'22
SolarWinds CEO offers to commit staffers to government cyber agencies

A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response
June 09, 2022 09 Jun'22
Trade body calls for public-private sector collab on digital ID

TechUK has published a report outlining 10 key recommendations it believes are urgently needed to enable the rapid creation of an effectively regulated digital identity marketplace
June 09, 2022 09 Jun'22
Cyber researchers step in to fill Patch Tuesday’s shoes

Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss
June 08, 2022 08 Jun'22
China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks
June 08, 2022 08 Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
June 07, 2022 07 Jun'22
Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks

The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks
June 07, 2022 07 Jun'22
Software house Mega achieves holistic SaaS security with Synopsys

Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards
June 01, 2022 01 Jun'22
EU must stand ground on cyber security, says Finland’s WithSecure

Russian threat is serving to focus minds on cyber security across Europe, say executives at enterprise security company’s inaugural conference
June 01, 2022 01 Jun'22
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco

Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief
June 01, 2022 01 Jun'22
Security leaders call for more observability for cloud native apps

New research highlights the challenges CISOs face securing modern, cloud native applications
May 31, 2022 31 May'22
Researchers discover zero-day Microsoft vulnerability in Office

Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions
May 31, 2022 31 May'22
Industrial systems not safe for the future, say Dutch ethical hackers

Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations
May 31, 2022 31 May'22
Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology
May 30, 2022 30 May'22
ICO calls for police to end ‘excessive collection’ of personal data from rape and assault victims

The UK’s information commissioner, John Edwards, has called for prosecutors and police to end the excessive collection of personal data from victims of rape and serious sexual assault
May 26, 2022 26 May'22
Consultation launched on datacentre, cloud security

The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
May 26, 2022 26 May'22
Two-thirds of UK organisations defrauded since start of pandemic

Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report
May 26, 2022 26 May'22
Most CFOs being left out of ransomware conversations

Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report
May 25, 2022 25 May'22
New inquiry looks at the state of UK chips

Foreign Affairs Committee is fishing for evidence in a new inquiry assessing skills, security and end-to-end semiconductor supply chain concerns
May 25, 2022 25 May'22
Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats
May 25, 2022 25 May'22
Building a pathway to commercial quantum computing

The shortage of expertise in quantum technologies will drive up salaries. A new report from TechUK assesses the route to commercialisation
May 24, 2022 24 May'22
ICO orders facial recognition firm Clearview AI to delete all data about UK residents

UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world
May 24, 2022 24 May'22
Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
May 24, 2022 24 May'22
Bad bots make up a quarter of APAC’s web traffic

Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds
May 23, 2022 23 May'22
Did the Conti ransomware crew orchestrate its own demise?

Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise
May 23, 2022 23 May'22
How Ivanti views patch management with a security lens

Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay
May 20, 2022 20 May'22
Applying international law to cyber will be a tall order

Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations
May 20, 2022 20 May'22
Microsoft drops emergency patch after Patch Tuesday screw up

Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates
May 20, 2022 20 May'22
Former Welsh steelworks becomes ‘living’ cyber lab

ResilientWorks security centre in Ebbw Vale provides an education hub for students and a testbed for industry
May 20, 2022 20 May'22
Chinese cyber spooks exploit western sanctions on Russia

The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures
May 19, 2022 19 May'22
Defensive cyber attacks may be justified, says attorney general

Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable
May 19, 2022 19 May'22
Top cyber criminal earnings outpace those of business leaders

Cyber crime can pay significantly better than leading a FTSE 100 organisation, according to a report
May 19, 2022 19 May'22
Nature of cyber war evolving in real time, says Microsoft president

The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London
May 19, 2022 19 May'22
Deliveroo accused of ‘soft union busting’ with GMB deal

Smaller grassroots unions have criticised Deliveroo and GMB for making a “hollow” deal that will ultimately undermine workers’ self-organising efforts
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest