News

IT security

• July 22, 2024 22 Jul'24

  NCA cracks digitalstress DDoS-for-hire operation

  The UK authorities have taken down a major component of the multinational DDoS cyber attack-for-hire ecosystem, hacking into the digitalstress.su service and exfiltrating data on its users, who now face arrest

• July 22, 2024 22 Jul'24

  NCSC: Beware of criminal CrowdStrike opportunists

  Financially motivated cyber criminals are already conducting opportunistic attacks on organisations that leverage the CrowdStrike incident, and more targeted attacks are sure to follow

• July 22, 2024 22 Jul'24

  CrowdStrike chaos shows risks of concentrated ‘big IT’

  The concentration of so much mission-critical technology in the hands of a few large suppliers makes incidents like the Microsoft-CrowdStrike outage all the more dangerous

• July 21, 2024 21 Jul'24

  CrowdStrike update snafu affected 8.5 million Windows devices

  About 8.5 million devices globally were hit by the botched CrowdStrike update, with a significant number now back online and operational

• July 19, 2024 19 Jul'24

  Global Microsoft outage hits NHS GP IT system

  The Emis Web IT system used by more than half of GP practices in the UK is down, following the worldwide Microsoft outage

• July 19, 2024 19 Jul'24

  CrowdStrike security update fails Windows PCs globally

  An update to the security firm’s Falcon service has led to many Windows users being unable to work this morning. Microsoft 365 is also affected

• July 18, 2024 18 Jul'24

  Lawyers and journalists seeking ‘payback’ over police phone surveillance, claims former detective

  Former Durham detective will be required to give evidence to a tribunal investigating allegations that police unlawfully monitored journalists’ phones

• July 18, 2024 18 Jul'24

  Growth in nude image sharing heightens cyber abuse risk

  The normalisation of sharing self-created intimate content with others is putting great numbers of people at risk of online abuse, says Kaspersky

• July 18, 2024 18 Jul'24

  Netscout expands network observability for the digital edge

  Network performance management firm announces business edge observability for networks, applications and user experience to mitigate risk and reduce mean time to respond

• July 17, 2024 17 Jul'24

  UK Cyber Bill teases mandatory ransomware reporting

  In the Cyber Security and Resilience Bill introduced in the King's Speech, the UK's new government pledges to give regulators more teeth to ensure compliance with security best practice and to mandate incident reporting

• July 17, 2024 17 Jul'24

  Hackney Council reprimanded over 2020 ransomware attack

  The London Borough of Hackney has been reprimanded by the ICO over a series of failures that led to a devastating cyber attack, but at the same time, the regulator praised the local authority for its response and commitment to making improvements

• July 17, 2024 17 Jul'24

  Labour government plans new laws around cyber security, data sharing and skills

  The King's Speech outlined the legislative agenda for the new Parliament, including several bills that will impact the tech community

• July 17, 2024 17 Jul'24

  How iProov is fending off deepfake fraud

  Facial biometrics and controlled illumination can detect liveness, verify identities and help prevent deepfake attacks

• July 16, 2024 16 Jul'24

  Strategic Defence Review must emphasise cyber security, says industry

  Cyber security leaders say the new government's Strategic Defence Review needs to put digital security front and centre

• July 16, 2024 16 Jul'24

  Incubator Plexal heads to Singapore for CyberBoost

  Cyber startup hub Plexal expands its presence to Singapore through a new initiative, and sets its sights on helping new UK businesses break into the booming Asia-Pacific market

• July 16, 2024 16 Jul'24

  Cloud spend trumps AI but data, security and cost a common headache

  Nasuni-sponsored survey finds cloud projects higher on the to do list than AI, but data management, security and cost reduction are common themes in all areas of investment

• July 15, 2024 15 Jul'24

  NHS Trusts cancelled over 6,000 appointments after Qilin cyber attack

  The two NHS Trusts most heavily impacted by the Qilin ransomware attack on pathology services provider Synnovis have cancelled over 6,000 appointments and procedures in the past five weeks

• July 15, 2024 15 Jul'24

  How Snowflake is tackling AI challenges

  Snowflake’s regional leader Sanjay Deshmukh outlines how the company is helping customers to tackle the security, skills and cost challenges of AI implementations

• July 12, 2024 12 Jul'24

  AT&T loses ‘nearly all’ phone records in Snowflake breach

  Hackers have stolen records of virtually every call made by AT&T's customers during a six-month period in 2022, after compromising the US telco's Snowflake data environment

• July 12, 2024 12 Jul'24

  Public awareness of ID security grows, but big obstacles remain

  Consumers are improving their awareness of the issues around digital identity security, but there are still some big issues preventing many from doing better, according to an Okta report

• July 11, 2024 11 Jul'24

  Dutch research firm TNO pictures the SOC of the future

  In only a few years, security operations centres will have a different design and layout, and far fewer will remain

• July 11, 2024 11 Jul'24

  Inside Israel’s cyber security operations

  An emergency phone line allows cyber security analysts at the Israel Computer Emergency Response Team to map threats against national infrastructure

• July 10, 2024 10 Jul'24

  The security interview: Managing the ‘no’ mindset

  Matt Riley, data protection and information security officer at Sharp Europe, discusses balancing cyber risks with business leaders’ goals

• July 09, 2024 09 Jul'24

  Hyper-V zero-day stands out on a busy Patch Tuesday

  Microsoft has fixed almost 140 vulnerabilities in its latest monthly update, with a Hyper-V zero-day singled out for urgent attention

• July 09, 2024 09 Jul'24

  Chinese spies target vulnerable home office kit to run cyber attacks

  China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert

• July 09, 2024 09 Jul'24

  Lessons from war: How Israel is fighting Iranian state-backed hacking

  The general director of the Israel National Cyber Directorate talks about the rise in cyber attacks and what lessons the country has gleaned to defend against hacking from foreign parties

• July 09, 2024 09 Jul'24

  Atos jumps on ‘moving train’ for Euro 2024

  Atos provides the IT supporting major recurring sporting events including Uefa’s European Football Championship

• July 08, 2024 08 Jul'24

  Synnovis attack highlights degraded, outdated state of NHS IT

  More cyber attacks against the health service are likely, and will succeed if something isn’t done to address the increasingly elderly NHS IT estate, experts are warning

• July 03, 2024 03 Jul'24

  NCA’s Operation Morpheus targets illicit Cobalt Strike use

  International law enforcement operation targets cyber criminals using the Cobalt Strike penetration testing framework for dodgy purposes

• June 28, 2024 28 Jun'24

  How FWD is driving its digital strategy

  FWD’s group chief technology and operations officer talks up how the pan-Asian insurer is driving change faster and putting technology at the heart of its services

• June 28, 2024 28 Jun'24

  How Recorded Future is operationalising threat intelligence

  Recorded Future is investing in APIs to enable automated security workflows, among other measures, to help organisations overcome the hurdles of operationalising threat intelligence

• June 27, 2024 27 Jun'24

  Gulf Edge to operate Google Distributed Cloud in Thailand

  The Gulf Energy subsidiary will offer Google’s sovereign cloud service in Thailand with a focus on air-gapped configurations

• June 26, 2024 26 Jun'24

  Scottish Courts and Tribunal Service replaces legacy SD-WAN

  Contract awarded for the deployment of cross-Scotland software-defined wide area network designed to ensure efficient, secure and reliable administrative services to the judiciaries of Scotland

• June 26, 2024 26 Jun'24

  Israel’s cyber chief calls for international front against Iranian hackers

  Israel’s cyber chief has called for international action against Iran over state-backed hacking

• June 26, 2024 26 Jun'24

  Police Scotland did not consult ICO about high-risk cloud system

  Police Scotland chose not to formally consult with the data regulator about the risks identified with a cloud-based digital evidence sharing system, while the regulator itself did not follow up for nearly three months

• June 25, 2024 25 Jun'24

  WikiLeaks founder Julian Assange freed from prison

  A deal reached with US authorities will end the WikiLeaks founder’s years-long legal saga, setting him free if he pleads guilty to a criminal conspiracy charge

• June 25, 2024 25 Jun'24

  NHS experts raise warning over patient data breach risk in registries project

  Clinicians warn that the NHS England Outcome Registries Platform has poor security and is vulnerable to cyber attack, putting critical patient data at risk of being exposed

• June 24, 2024 24 Jun'24

  Sellafield pleads guilty to criminal charges over cyber security

  Nuclear Decommissioning Authority-backed organisation Sellafield Ltd pleads guilty to criminal charges brought over significant cyber security failings that could have compromised sensitive nuclear information

• June 24, 2024 24 Jun'24

  Tata Communications hosted SASE claims to redefine networking, security

  Tata Communications claims world-first implementation of unified SASE solution to deliver unified visibility and control of network traffic with context-led insights and enhanced user experience

• June 24, 2024 24 Jun'24

  Hybrid work prompts spike in network security threats

  Survey shows more than two-thirds of organisations have seen an increase in network security threats over the past 18 months, with remote and hybrid working the biggest contributor to heightened threat levels

• June 21, 2024 21 Jun'24

  Sellafield whistleblower ordered to pay costs after email tampering claims

  A former consultant at Sellafield has been ordered to pay costs for having ‘acted unreasonably’ in claiming the nuclear facility tampered with metadata in letters used against her in court

• June 21, 2024 21 Jun'24

  Qilin ransomware gang publishes stolen NHS data online

  The ransomware gang behind a major cyber attack on NHS supplier Synnovis has published a 400GB trove of private healthcare data online

• June 21, 2024 21 Jun'24

  Executive interview: Open models pros and cons

  We speak to Meta’s vice-president of AI research about recent publicly released research and models, and the role of closed AI models

• June 21, 2024 21 Jun'24

  Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban

  The US government is stopping Kaspersky Lab from offering its antivirus software and cyber security tools to US firms and citizens

• June 21, 2024 21 Jun'24

  ICO police cloud guidance released under FOI

  Long-awaited guidance from the UK data regulator on police cloud deployments highlights some potential data transfer mechanisms it thinks can clear up ongoing legal issues, but tells forces it’s up to them to decide if the measures would work

• June 20, 2024 20 Jun'24

  Sir Alan Bates hits out at Post Office ‘incompetence’ after data breach

  Victims of the scandal react with anger at news the Post Office published a document containing their names and addresses on its website

• June 19, 2024 19 Jun'24

  Microsoft admits no guarantee of sovereignty for UK policing data

  Documents show Microsoft’s lawyers admitted to Scottish policing bodies that the company cannot guarantee sensitive law enforcement data will remain in the UK, despite long-standing public claims to the contrary

• June 13, 2024 13 Jun'24

  Black Basta ransomware crew may be exploiting Microsoft zero-day

  A Microsoft vulnerability that was addressed without fanfare in March may in fact have been exploited as a zero-day by the notorious Black Basta ransomware gang, threat hunters warn

• June 12, 2024 12 Jun'24

  RCE flaw and DNS zero-day top list of Patch Tuesday bugs

  An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address in Microsoft’s latest Patch Tuesday

• June 11, 2024 11 Jun'24

  PSNI ran secret unit to monitor journalists’ and lawyers’ phones, claims former senior officer

  The Police Service of Northern Ireland denies claims that its anti-corruption unit used a standalone computer to ‘avoid scrutiny and control’