News

IT security

• May 14, 2024 14 May'24

  CyberUK 24: UK insurance industry gets tough on ransomware

  Three of the UK’s largest insurance associations have signed on to a new initiative spearheaded by the NCSC to try to bring down the number of ransomware payments being made

• May 14, 2024 14 May'24

  NHS trust dismisses governors who questioned allegations of email tampering

  Two NHS trust governors who raised questions in a dispute over allegations of email tampering concerning whistleblower Peter Duffy have been dismissed after an investigation that followed their suspension

• May 10, 2024 10 May'24

  Major breach of customer information developing at Dell

  Almost 50 million data records relating to Dell customers appear to have been compromised in a major cyber breach

• May 10, 2024 10 May'24

  Over 5.3 billion data records exposed in April 2024

  The number of data records breached in April 2024 hit over five billion, a staggering year-on-year increase

• May 09, 2024 09 May'24

  Cyber attack victims need to speak up, says ICO

  The Information Commissioner’s Office is urging organisations to be transparent and learn from each other’s mistakes as it reveals most of the cyber attacks it responds to stem from the same core errors

• May 09, 2024 09 May'24

  Wales gets UK’s first national SOC

  The first national security operations centre of its kind in the UK has opened in the south of Wales to safeguard public sector bodies across the country

• May 09, 2024 09 May'24

  Ofcom publishes draft online child safety rules for tech firms

  In the draft codes, Ofcom calls on technology firms to use ‘robust’ age-checking and content moderation systems to keep harmful material away from children online

• May 08, 2024 08 May'24

  Police accessed phone records of ‘trouble-making journalists’

  The Police Service of Northern Ireland ran a rolling programme to monitor phone records of journalists to identify the source of police leaks, it was claimed today

• May 08, 2024 08 May'24

  Cyber attack ruled out as source of UK Border Force outage

  An IT outage that caused automated passport control e-gates to crash across the UK has been resolved, with a cyber attack ruled out as the cause

• May 08, 2024 08 May'24

  Germany: European Court of Justice ruling on EncroChat could lead to new legal challenges

  A ruling by the European Court of Justice could prompt legal challenges in EncroChat prosecutions in Germany and other EU states

• May 07, 2024 07 May'24

  Chinese APT suspected of Ministry of Defence hack

  A cyber attack on the Ministry of Defence is suspected to be the work of threat actors working on behalf of Chinese intelligence

• May 07, 2024 07 May'24

  NCA unmasks LockBitSupp cyber gangster who toyed with pursuers

  The NCA and its partners have named the administrator of the LockBit ransomware gang, LockBitSupp, as Dmitry Khoroshev, who now faces sanctions and criminal charges

• May 07, 2024 07 May'24

  Versa Networks adds AI capabilities to SASE platform

  Artificial intelligence and machine learning-based secure access service edge provider enhances core solution to include GenAI firewall for threat detection and data protection

• May 06, 2024 06 May'24

  Microsoft beefs up cyber initiative after hard-hitting US report

  Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems

• May 03, 2024 03 May'24

  Adobe expands bug bounty programme to account for GenAI

  Adobe has expanded the scope of its HackerOne-driven bug bounty scheme to incorporate flaws and risks arising from the development of generative artificial intelligence

• May 03, 2024 03 May'24

  Patch GitLab vuln without delay, users warned

  The addition of a serious vulnerability in the GitLab open source platform to CISA’s KEV catalogue prompts a flurry of concern

• May 03, 2024 03 May'24

  EU calls out Fancy Bear over attacks on Czech, German governments

  The European Union, alongside member states Czechia and Germany, have accused Russian government APT Fancy Bear of being behind a series of attacks on political parties and government bodies

• May 03, 2024 03 May'24

  Optimising application connections, improving security posture top SD-WAN priorities

  Research looking into key drivers behind global SD-WAN investments find deployments are mainly driven by need to optimise network connections to cloud-based applications and improve overall security posture

• May 03, 2024 03 May'24

  Why IAM is central to cyber security

  BeyondTrust’s chief security strategist talks up the importance of identity and access management, and the role of cyber insurance in driving security improvements

• May 02, 2024 02 May'24

  Palo Alto Networks claims to raise bar on SASE

  Palo Alto Networks releases version 3.0 of SASE tech designed to extend zero trust to unmanaged devices, secure data with artificial intelligence and boosts application performance for partners and customers

• May 02, 2024 02 May'24

  NCSC updates warning over hacktivist threat to CNI

  The NCSC and CISA have warned about the evolving threat from Russia-backed hacktivist threat actors targeting critical national infrastructure, after a number of American utilities were attacked

• May 02, 2024 02 May'24

  Ukrainian national sentenced over REvil ransomware spree

  A 24-year-old Ukrainian man has been sentenced to more than 13 years in prison after being convicted of his role in the REvil ransomware attacks

• May 02, 2024 02 May'24

  Dropbox Sign user information accessed in data breach

  Account data belonging to Dropbox Sign users was accessed by an unknown threat actor after they hacked into the organisation’s backend infrastructure

• May 02, 2024 02 May'24

  BBC instructs lawyers over allegations of police surveillance of journalist

  Lawyers for the BBC have written to the Investigatory Powers Tribunal over allegations that the Police Service of Northern Ireland spied on investigative journalist Vincent Kearney

• May 02, 2024 02 May'24

  How Okta is fending off identity-based attacks

  Okta has been bolstering the security of its own infrastructure and building new tools to scan customer environments for vulnerable identities, among other efforts to fend off identity-based attacks

• May 01, 2024 01 May'24

  EMEA CISOs must address human factors behind cyber incidents

  The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching

• May 01, 2024 01 May'24

  Australia’s Qantas apologises for mobile app data breach

  Australian flag carrier Qantas has apologised after a glitch in its mobile application temporarily enabled some customers to view the flights and booking details of other frequent fliers on two separate occasions

• May 01, 2024 01 May'24

  Secure coding benchmark to increase standards among developers

  Developer security advocate Secure Code Warrior has launched what it claims is the industry’s first benchmark designed to quantify the security competence of its customers’ software developer teams

• May 01, 2024 01 May'24

  DWP anti-fraud measures will allow monitoring of bank accounts of landlords, carers and parents

  Parliamentarians raise concerns that a proposed law to require banks to monitor the accounts of millions of people receiving state benefits could lead to those on welfare being denied accommodation or bank accounts

• May 01, 2024 01 May'24

  Autonomous weapons reduce moral agency and devalue human life

  Military technology experts gathered in Vienna have warned about the detrimental psychological effects of AI-powered weapons, arguing that implementing systems of algorithmic-enabled killing dehumanises both the user and the target

• April 30, 2024 30 Apr'24

  Persistent data breaches deny people with HIV dignity and privacy

  The ICO has urged charities and healthcare organisations that work with people living with HIV to do better when it comes to protecting their personal data, after the HIV status of more than 100 people was accidentally disclosed by London’s Central ...

• April 30, 2024 30 Apr'24

  Keeper to help Williams F1 keep up with cyber challenges

  Keeper Security signs up to support F1 team Williams Racing with credential management ahead of the 2024 Miami Grand Prix

• April 30, 2024 30 Apr'24

  Global majority united on multilateral regulation of AI weapons

  Foreign ministers and civil society representatives say that multilateralism is key to controlling the proliferation and use of AI-powered autonomous weapons, but that a small number of powerful countries are holding back progress

• April 30, 2024 30 Apr'24

  Bad bot traffic in Australia grew 23% in 2023

  Traffic from bad bots that perform malicious tasks accounted for 30.2% of Australia’s internet traffic in 2023

• April 29, 2024 29 Apr'24

  UK’s long-awaited device security law kicks in

  The Product Security and Telecommunications Infrastructure Act has become law across the UK, enforcing basic cyber security standards across connected products sold to the public

• April 29, 2024 29 Apr'24

  Cradlepoint unveils 5G-optimised SASE to deliver agile enterprises

  Ericsson division unveils SASE solution said to enable lean IT teams to establish zero-trust networks in as little as six minutes securing environments such as roaming vehicles, IoT devices and pop-up locations

• April 26, 2024 26 Apr'24

  Post Office ‘lied’ to subpostmasters when forced to meet them, says former federation representative

  Post Office executives were forced to meet subpostmasters to discuss an unexplained error in their branch, then misled the branch managers over remote access

• April 25, 2024 25 Apr'24

  Progress being made on gender diversity in cyber

  Women make up a higher percentage of new entrants to the cyber security profession, particularly among younger age groups, and are increasingly taking up leadership positions and hiring roles, but challenges still persist

• April 25, 2024 25 Apr'24

  Zero trust is a strategy, not a technology

  Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag

• April 24, 2024 24 Apr'24

  Mandatory MFA pays off for GitHub and OSS community

  Mandating multifactor authentication for select developers has been a huge success for GitHub, the platform reports, and now it wants to go further

• April 24, 2024 24 Apr'24

  Cyber training leader KnowBe4 to buy email security firm Egress

  Security awareness training and phishing simulation specialist KnowBe4 is to buy email security expert Egress

• April 24, 2024 24 Apr'24

  TikTok ban sails through US Senate

  A law that will ban TikTok in the US unless its owner sells up pronto passed the US Senate by a landslide majority after being included in a package of military aid

• April 24, 2024 24 Apr'24

  Education will be key to good AI regulation: A view from the USA

  Computer Weekly sat down with Salesforce’s vice-president of federal government affairs, Hugh Gamble, to find out how the US is forging a path towards AI regulation, and how things look from Capitol Hill

• April 23, 2024 23 Apr'24

  GooseEgg proves golden for Fancy Bear, says Microsoft

  Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler

• April 23, 2024 23 Apr'24

  Lords split over UK government approach to autonomous weapons

  During a debate on autonomous weapons systems, Lords expressed mixed opinions towards the UK government’s current position, including its reluctance to adopt a working definition and commit to international legal instruments controlling their use

• April 22, 2024 22 Apr'24

  Former Sellafield consultant claims the nuclear complex tampered with evidence

  Whistleblower Alison McDermott claims former employer Sellafield tampered with metadata in letters used in evidence during an employment tribunal

• April 22, 2024 22 Apr'24

  Fujifilm plans to ‘make tape easy’ with Kangaroo SME appliance

  Fujifilm to add 100TB SME-focused Kangaroo tape infrastructure in a box to existing 1PB offer, as energy efficiency and security of tape make it alluring to customers

• April 22, 2024 22 Apr'24

  NCSC announces PwC’s Richard Horne as CEO

  Former PwC and Barclays cyber chief Richard Horne set to join UK’s National Cyber Security Centre as CEO

• April 22, 2024 22 Apr'24

  Digital Edge punching above its weight in Asia datacentre market

  Fast-growing datacentre provider Digital Edge is eyeing business from hyperscalers and counting on its strengths in datacentre operations and local partnerships to stand out from rivals

• April 22, 2024 22 Apr'24

  IT leaders hiring CISOs aplenty, but don’t fully understand the role

  Most businesses now have a CISO, but perceptions of what CISOs are supposed to do, and confusion over the value they offer, may be holding back harmonious relations, according to a report