News

Identity and access management products

• January 15, 2024 15 Jan'24

  NCA director sacked after WhatsApp and email security breaches

  Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp

• January 12, 2024 12 Jan'24

  UK government seeks public views on impacts of AI-generated porn

  The government’s Pornography Review will look in part at the use of AI throughout the industry to generate sexually explicit content without people’s consent

• January 10, 2024 10 Jan'24

  SEC social media hack highlights value of MFA

  The US SEC briefly appeared to approve new bitcoin trading rules after a social media account was targeted by troublemakers, proving the value of MFA once again

• January 10, 2024 10 Jan'24

  Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill

  The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK

• December 27, 2023 27 Dec'23

  Top 10 police technology stories of 2023

  Here are Computer Weekly’s top 10 police technology stories of 2023

• December 21, 2023 21 Dec'23

  Top 10 cyber crime stories of 2023

  Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics

• December 14, 2023 14 Dec'23

  The Security Interviews: Talking identity with Microsoft’s Joy Chik

  Microsoft’s president of identity and network access, Joy Chik, joins Computer Weekly to discuss the evolving threat landscape in identity security, using innovations in artificial intelligence to stay ahead, and advocating for the coming ...

• December 12, 2023 12 Dec'23

  Top IT predictions in APAC in 2024

  Generative AI will continue to leave its mark on many areas in business and IT, along with other trends such as sustainability, cyber security and smart factories that are expected to shape the region’s technology landscape in 2024

• December 01, 2023 01 Dec'23

  Human augmentation tech requires dual use oversight

  Researchers investigating human augmentation technologies must acknowledge the potential military applications of their work, and military bodies cannot be allowed to dismiss ethical concerns in their pursuit of national security interests, says NGO...

• December 01, 2023 01 Dec'23

  The Security Interviews: Mark McClain, SailPoint Technologies

  SailPoint founder and CEO Mark McClain reflects on how the concept of identity has evolved over the past 20 years, and points to rapid evolution still to come

• November 29, 2023 29 Nov'23

  Scope of Okta helpdesk breach widens to impact all users

  Okta has widened the scope of the October breach of its systems to include every customer that has used its helpdesk service, after new information came to light

• November 24, 2023 24 Nov'23

  UK police plan national roll-out of facial-recognition phone app

  UK police chiefs plan to expand use of facial-recognition technology through a nationwide roll-out of mobile-based tools and increases in retrospective facial-recognition, but oversight problems persist

• November 23, 2023 23 Nov'23

  Australia ups ante on cyber security

  Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities

• November 22, 2023 22 Nov'23

  An inside look at a Scattered Spider cyber attack

  Threat researchers at ReliaQuest share the inside track on a Scattered Spider cyber attack they investigated

• November 21, 2023 21 Nov'23

  Canada’s Mounties among government employees hit by LockBit

  A LockBit attack on a specialist supplier of relocation services has engulfed multiple government agencies in Canada

• November 16, 2023 16 Nov'23

  Outgoing police tech watchdog warns of declining oversight

  The outgoing biometrics and surveillance camera commissioner for England and Wales discusses police deployment of powerful new surveillance technologies, and the declining state of oversight in this area

• November 06, 2023 06 Nov'23

  Shadow IT use at Okta behind series of damaging breaches

  Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account

• November 02, 2023 02 Nov'23

  EU digital ID reforms should be ‘actively resisted’, say experts

  Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security

• October 27, 2023 27 Oct'23

  Microsoft warns over growing threat from Octo Tempest gang

  The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft

• October 25, 2023 25 Oct'23

  Demystifying the top five OT security myths

  Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems

• October 25, 2023 25 Oct'23

  1Password caught up in Okta support breach

  After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems

• October 19, 2023 19 Oct'23

  Loughborough Uni to create five cyber AI research posts

  Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security

• October 10, 2023 10 Oct'23

  MGM faces £100m loss from cyber attack on its casinos

  MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m

• October 05, 2023 05 Oct'23

  Policing minister wants to use UK passport data in facial recognition

  The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales

• October 04, 2023 04 Oct'23

  Lloyds Bank launches digital identity app

  Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm

• September 28, 2023 28 Sep'23

  Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app

  The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps

• September 28, 2023 28 Sep'23

  Security and risk management spending to grow 14% next year

  Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024

• September 26, 2023 26 Sep'23

  Cover-ups still the norm in the wake of a cyber incident

  Almost half of organisations that have experienced a cyber incident did not report it to the appropriate authorities, according to a report

• September 19, 2023 19 Sep'23

  Okta confirms link to cyber attacks on Las Vegas casinos

  Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed

• September 19, 2023 19 Sep'23

  38TB Microsoft data leak highlights risks of oversharing

  An accidentally disclosed SAS token with excessive privileges enabled researchers to access nearly 40TB of Microsoft’s data, highlighting the risks of privilege mismanagement and oversharing

• September 15, 2023 15 Sep'23

  Las Vegas mainstay Caesars Palace likely paid off ransomware crew

  Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers

• September 15, 2023 15 Sep'23

  Manchester police data breach a classic supply chain incident

  The developing data breach at Greater Manchester Police follows a cyber attack on the systems of a key supplier of ID services to the force

• September 13, 2023 13 Sep'23

  Storm-0324 gathers over Microsoft Teams

  An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks

• September 13, 2023 13 Sep'23

  How DocuSign is extending its capabilities beyond e-signatures

  DocuSign is harnessing large language models to help individuals make sense of agreements and employing AI-based biometrics to verify the identity of signers, as part of its broader efforts to expand its capabilities beyond electronic signatures

• September 08, 2023 08 Sep'23

  Sensitive NatWest customer files set to be returned after High Court agreement

  Sensitive NatWest customer files set to be secured by bank after years in the home of a data breach whistleblower

• September 08, 2023 08 Sep'23

  HGS to provide contact centre support for One Login

  The partnership between the Government Digital Service and Hinduja Global Solutions will see the supplier provide contact centre services for the digital identity platform

• September 07, 2023 07 Sep'23

  Finnish government to bolster spending on cyber-AI defences

  Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks

• September 06, 2023 06 Sep'23

  Meet the professional BEC op that targeted Microsoft 365 users for years

  The so-called W3LL cyber crime operation ran a phishing empire that has played a large role in compromising Microsoft 365 accounts for years. Its activities are now coming to light thanks to Group-IB researchers

• September 06, 2023 06 Sep'23

  Okta customers targeted in new wave of social engineering attacks

  Authentication specialist Okta has warned customers to be on alert for a campaign of social engineering attacks exploiting highly privileged users

• September 05, 2023 05 Sep'23

  Researchers find flaw in Mend.io security platform

  WithSecure’s research team uncovered an authentication flaw in an application security platform developed by Mend.io, which has now been fixed

• August 31, 2023 31 Aug'23

  Home Office and MoD seeking new facial-recognition tech

  The UK’s Defence and Security Accelerator is running a ‘market exploration’ exercise on behalf of the Home Office to identify new facial-recognition capabilities for security and policing bodies in the UK

• August 31, 2023 31 Aug'23

  Post Office to provide in-person identity checks for One Login

  Partnership between the Government Digital Service and the Post Office will see postmasters and staff provide face-to-face identity checks for those unable to use the One Login app or website

• August 24, 2023 24 Aug'23

  Google bets on AI-backed cyber controls for Workspace users

  Zero-trust and digital sovereignty controls are the focus of a series of enhancements being made for Google Workspace users

• August 18, 2023 18 Aug'23

  NatWest customer calls bank’s handling of breach of his data ‘disgusting’

  A second NatWest customer has contacted Computer Weekly after finding out from a whistleblower that his sensitive personal data has been in her home for 14 years

• August 16, 2023 16 Aug'23

  CyberArk eyes growth beyond PAM

  CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management

• August 14, 2023 14 Aug'23

  NatWest offers compensation to customer affected by data breach exposed by whistleblower

  NatWest bank has offered compensation to a former customer affected by a data breach alongside around 1,600 other former and current customers

• August 08, 2023 08 Aug'23

  MPs warn about growing prevalence of tech-enabled domestic abuse

  The UK government must take action to prevent perpetrators from being able to use connected or smart technologies to conduct their domestic abuse, a select committee has warned

• August 08, 2023 08 Aug'23

  Workplace monitoring needs worker consent, says select committee

  Employers looking to monitor their employees through connected devices should only to so with the consent of those affected due to negative impacts such surveillance can have on work intensification and mental health

• August 03, 2023 03 Aug'23

  Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign

  Microsoft shares intelligence on a newly observed Cozy Bear campaign that saw the APT take over genuine Microsoft 365 tenants and subvert them to try to phish its victims

• July 28, 2023 28 Jul'23

  How Indian organisations are keeping pace with cyber security

  Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics