News

Privacy and data protection

• June 27, 2022 27 Jun'22

  Commercial cyber products must be used responsibly, says NCSC CEO

  NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel

• June 23, 2022 23 Jun'22

  FCA seeks more tech expertise in fight against fraud

  UK financial services regulator wants technology professionals to join its team fighting online fraud

• June 22, 2022 22 Jun'22

  Uber drivers strike over pay issues and algorithmic transparency

  Unionised Uber drivers take industrial action against the company over its failure to pay workers in line with a Supreme Court decision and inflation, as well as the lack of transparency around how it uses their data

• June 22, 2022 22 Jun'22

  NatWest files under whistleblower’s bed contain live customer data

  Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’

• June 22, 2022 22 Jun'22

  How TDCX is building a people-centric business

  Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez

• June 21, 2022 21 Jun'22

  Microsoft Office 365 has ability to ‘spy’ on workers

  Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work

• June 17, 2022 17 Jun'22

  Government responds to Data Reform Bill consultation

  Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit

• June 16, 2022 16 Jun'22

  TalkTalk hacker Daniel Kelley gives up his black hat for good

  After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career

• June 16, 2022 16 Jun'22

  Dundee security research centre opens with support from SBRC

  An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster

• June 16, 2022 16 Jun'22

  Office 365 loophole may give ransomware an easy shot at your files

  Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive

• June 16, 2022 16 Jun'22

  Interpol arrests thousands in global cyber fraud crackdown

  A two-month operation saw law enforcement agencies in 76 countries crack down on organised cyber fraud

• June 13, 2022 13 Jun'22

  UK, US prepare to launch PET project

  A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin

• June 13, 2022 13 Jun'22

  New UK digital strategy aims to secure future growth for £150bn digital economy

  Government publishes plan that brings together existing and new initiatives intended to expand the digital sector and help to establish the UK as a ‘superpower’ in science and tech

• June 13, 2022 13 Jun'22

  New warning over tech suppliers in thrall to hostile governments

  Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer

• June 13, 2022 13 Jun'22

  Health data strategy to exorcise ghosts of GPDPR

  Government publishes a revised data in health strategy, with an emphasis firmly on preserving the integrity and privacy of patients’ confidential information

• June 13, 2022 13 Jun'22

  Qatar bolsters cyber security in preparation for World Cup

  With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness

• June 10, 2022 10 Jun'22

  ICO fails to disclose majority of reprimands issued under GDPR

  London law firm Mishcon de Reya forces disclosure of reprimands issued to organisations by the Information Commissioner’s Office for contraventions of UK data protection law

• June 10, 2022 10 Jun'22

  Researchers find eight CVEs in single building access system

  A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets

• June 09, 2022 09 Jun'22

  Trade body calls for public-private sector collab on digital ID

  TechUK has published a report outlining 10 key recommendations it believes are urgently needed to enable the rapid creation of an effectively regulated digital identity marketplace

• June 09, 2022 09 Jun'22

  Cyber researchers step in to fill Patch Tuesday’s shoes

  Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss

• June 07, 2022 07 Jun'22

  Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks

  The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks

• May 31, 2022 31 May'22

  Industrial systems not safe for the future, say Dutch ethical hackers

  Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations

• May 31, 2022 31 May'22

  Singapore doubles down on quantum technology

  The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology

• May 30, 2022 30 May'22

  ICO calls for police to end ‘excessive collection’ of personal data from rape and assault victims

  The UK’s information commissioner, John Edwards, has called for prosecutors and police to end the excessive collection of personal data from victims of rape and serious sexual assault

• May 26, 2022 26 May'22

  Two-thirds of UK organisations defrauded since start of pandemic

  Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report

• May 25, 2022 25 May'22

  Rubrik charts data security path

  Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats

• May 24, 2022 24 May'22

  ICO orders facial recognition firm Clearview AI to delete all data about UK residents

  UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world

• May 23, 2022 23 May'22

  How Ivanti views patch management with a security lens

  Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay

• May 20, 2022 20 May'22

  Chinese cyber spooks exploit western sanctions on Russia

  The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures

• May 19, 2022 19 May'22

  Defensive cyber attacks may be justified, says attorney general

  Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable

• May 19, 2022 19 May'22

  Nature of cyber war evolving in real time, says Microsoft president

  The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London

• May 19, 2022 19 May'22

  Red teaming will be standard in Dutch governmental organisations by 2025

  The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest

• May 18, 2022 18 May'22

  Mastercard biometric programme will allow payment authentication by smile

  Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology

• May 17, 2022 17 May'22

  Veeam outlines data protection vision

  Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads

• May 16, 2022 16 May'22

  Europol gears up to collect big data on European citizens after MEPs vote to expand policing power

  The European Parliament has voted to expand Europol’s role, legalising its processing of bulk datasets containing personal information and endorsing research into predictive policing technologies

• May 12, 2022 12 May'22

  GPDPR data scrape a ‘mistake’, says leading scientist

  Giving evidence to the Science and Technology Committee, academic, physician and science writer Ben Goldacre has expressed serious misgivings about the on-hold GPDPR NHS data scrape

• May 11, 2022 11 May'22

  Nerbian RAT enjoys using Covid-19 phishing lures

  The world is slowly coming to terms with Covid-19, but fear of the coronavirus is no less useful to cyber criminals because of it, as Proofpoint researchers have discovered

• May 11, 2022 11 May'22

  Emotet has commanding lead on Check Point monthly threat chart

  Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics

• May 11, 2022 11 May'22

  CyberUK 22: Data-sharing service to protect public from scams

  A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites

• May 11, 2022 11 May'22

  EU plans to police child abuse raise fresh fears over encryption and privacy rights

  Draft regulation unveiled today will require internet and messaging firms to use algorithms to identify grooming and child abuse or face heavy fines

• May 10, 2022 10 May'22

  ‘Spy cops’ inquiry delves into police relationship with MI5

  There was ‘no filter’ on the information that undercover police officers were collecting on activists throughout the 1970s, despite senior managers and officials involved in directing the surveillance questioning the appropriateness of the ...

• May 10, 2022 10 May'22

  CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

  On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy

• May 10, 2022 10 May'22

  CyberUK 22: NCSC refreshes cloud security guidance

  The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise

• May 09, 2022 09 May'22

  CyberUK 22: NCSC’s ACD programme blocks 2.7 million scams

  On the opening day of its annual CyberUK event, the NCSC reveals how organisations around the country have used its Active Cyber Defence programme to their advantage

• May 06, 2022 06 May'22

  UK digital markets regulator to be given statutory powers

  Digital Markets Unit will be put on statutory footing by UK government to ensure technology giants do not abuse market power, but announcement comes with no clear indication of when legislation will be introduced

• May 06, 2022 06 May'22

  IT infrastructure used to launch DDoS attack on Russian targets

  Organisations could unwittingly be participating in hostile activity against the Russian government as compromised IT infrastructure is used without their knowledge to launch denial of service attacks

• May 04, 2022 04 May'22

  NHS email accounts hijacked for phishing campaign

  Microsoft credentials targeted in phishing operation using hijacked NHSMail accounts

• May 04, 2022 04 May'22

  Intellectual property theft operation attributed to Winnti group

  Winnti conducted a prolonged cyber espionage campaign that went undetected for years, allowing it to exfiltrate massive amounts of corporate data and intellectual property

• May 03, 2022 03 May'22

  Five TLS comms vulnerabilities hit Aruba, Avaya switching kit

  Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution

• April 28, 2022 28 Apr'22

  Manufacturer sues JPMorgan after cyber criminals stole $272m

  Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity