News

Privacy and data protection

• November 08, 2023 08 Nov'23

  King’s Speech misses the mark on cyber law reform, says campaign

  A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress

• November 07, 2023 07 Nov'23

  Unesco unveils seven-point anti-disinformation plan

  United Nations body outlines seven proposals for civil society, governments, regulators and tech platforms to adopt to combat the source of disinformation

• November 02, 2023 02 Nov'23

  UK workers exhibit poor security behaviours, report reveals

  Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working

• November 02, 2023 02 Nov'23

  How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data

  UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network

• November 02, 2023 02 Nov'23

  EU digital ID reforms should be ‘actively resisted’, say experts

  Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security

• November 01, 2023 01 Nov'23

  Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals

  As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings

• October 31, 2023 31 Oct'23

  Biden’s AI plans focus on US workers’ protection

  The US president has issued an Executive Order that sets out his administration’s strategy for AI safety and security

• October 30, 2023 30 Oct'23

  Frontier AI Taskforce starts recruitment drive

  The second progress report from the Frontier AI Taskforce reveals new hires plus vacancy posts for software and research engineers

• October 27, 2023 27 Oct'23

  Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent

  Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances

• October 27, 2023 27 Oct'23

  Domestic abuse charities surface fresh worries over NHS data sharing

  With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk

• October 27, 2023 27 Oct'23

  How Elastic manages cyber security threats

  Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings

• October 27, 2023 27 Oct'23

  Germany: European Court opinion kicks questions over EncroChat back to national courts

  Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts

• October 26, 2023 26 Oct'23

  Sunak sets scene for upcoming AI Safety Summit

  Prime minister Rishi Sunak has outlined how the UK will approach making AI safe, but experts say there is still too big a focus on catastrophic but speculative risks over real harms the technology is already causing

• October 26, 2023 26 Oct'23

  Boardrooms losing control in generative AI takeover, says Kaspersky

  C-suite executives are increasingly fretful about what they perceive as a ‘silent infiltration’ of generative AI tools across their organisations

• October 25, 2023 25 Oct'23

  UK Finance paints mixed picture of fraud as losses top £500m

  UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data

• October 25, 2023 25 Oct'23

  1Password caught up in Okta support breach

  After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems

• October 24, 2023 24 Oct'23

  Kaspersky opens up over spyware campaign targeting its staffers

  Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group

• October 23, 2023 23 Oct'23

  How Ensign is leading the charge in cyber security

  Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem

• October 20, 2023 20 Oct'23

  Computer Weekly contributor named Godfather of UK Security

  Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards

• October 20, 2023 20 Oct'23

  Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets

  Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets

• October 19, 2023 19 Oct'23

  Fears grow over extent of Cisco IOS XE zero-day

  Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures

• October 19, 2023 19 Oct'23

  Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

  Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source

• October 18, 2023 18 Oct'23

  What are the cyber risks from the latest Middle Eastern conflict?

  The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations

• October 17, 2023 17 Oct'23

  Five Eyes issues five tips on thwarting nation state threats

  Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats

• October 17, 2023 17 Oct'23

  Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine

  Hacktivists supporting Gaza and Palestine have launched hundreds of website defacement attacks against Israeli websites, mirroring the pattern of attacks that occurred after Russia’s invasion of Ukraine

• October 17, 2023 17 Oct'23

  What it takes to succeed in DevSecOps

  Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey

• October 13, 2023 13 Oct'23

  US SEC launches probe into mass MOVEit breach

  Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected

• October 12, 2023 12 Oct'23

  Scottish biometrics watchdog outlines police cloud concerns

  Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject ...

• October 11, 2023 11 Oct'23

  Why only 1% of the Snowden Archive will ever be published

  Speaking to Computer Weekly after we published new revelations from the Snowden archive, the Guardian’s Pulitzer Prize winner, Ewen MacAskill, explains why more of the Snowden trove is unlikely to see the light of day

• October 10, 2023 10 Oct'23

  MGM faces £100m loss from cyber attack on its casinos

  MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m

• October 05, 2023 05 Oct'23

  Microsoft: Nation-state cyber espionage on rise in 2023

  Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering

• October 05, 2023 05 Oct'23

  Policing minister wants to use UK passport data in facial recognition

  The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales

• October 04, 2023 04 Oct'23

  Lloyds Bank launches digital identity app

  Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm

• October 03, 2023 03 Oct'23

  Cyber experts urge EU to rethink vulnerability disclosure plans

  The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, ...

• October 03, 2023 03 Oct'23

  CIISec scores DSIT funding to expand successful CyberEPQ scheme

  DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date

• October 03, 2023 03 Oct'23

  Top science journal faced secret attacks from Covid conspiracy theory group

  A conspiratorial group of extreme Brexit lobbyists mounted an extraordinary campaign against one of the world’s most prestigious science journals – part of a series of joint investigations between Byline Times and Computer Weekly

• September 28, 2023 28 Sep'23

  Strasbourg court condemns Turkey for jailing teacher for using ByLock encrypted messaging app

  The case is expected to have implications for the use of digital evidence in prosecutions against users of other encrypted phone apps

• September 28, 2023 28 Sep'23

  Security and risk management spending to grow 14% next year

  Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024

• September 28, 2023 28 Sep'23

  Yahoo picks Intigriti to run crowdsourced bug bounty programme

  Digital media brand Yahoo is setting up a crowdsourced bug bounty programme with ethical hacking specialist Intigriti, and is reaching out to the Capture the Flag community to participate

• September 25, 2023 25 Sep'23

  Apple fixes three vulnerabilities found by spyware researchers

  Apple has patched three more vulnerabilities uncovered by spyware and surveillance researchers at The Citizen Lab

• September 22, 2023 22 Sep'23

  UK-US data bridge to open to traffic on 12 October

  Government forges ahead with the implementation of the UK-US data bridge, which will come into effect for real just under three weeks from now

• September 22, 2023 22 Sep'23

  Cyber experts set out plan to secure future US elections

  A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past

• September 21, 2023 21 Sep'23

  ‘Top’ ransomware gangs favour smaller businesses

  Despite high-profile attacks on prominent organisations, the world’s most prolific ransomware operations tend to target smaller businesses

• September 21, 2023 21 Sep'23

  Poor digital experience a blocker for cyber resilience

  Organisations that neglect the digital employee experience are not only vulnerable to employee attrition, but putting themselves at increased cyber risk, an Ivanti report finds

• September 20, 2023 20 Sep'23

  Parliament passes sweeping Online Safety Bill but tech companies still concerned over encryption

  Ofcom will consult on standards to enforce new powers, but tech companies remain concerned about the impact of the bill’s ‘spy clause’, which could require them to scan encrypted messages

• September 20, 2023 20 Sep'23

  Organisations failing to proactively address insider cyber risk

  Organisations are spending less than 10% of their annual security budgets on trying to solve one of the costliest problems in cyber: insider risk

• September 20, 2023 20 Sep'23

  Multi-agency pilot aims to help innovators navigate regulatory landscape

  Regulators join forces in pilot scheme to help businesses deploy new technologies in a way that complies with cross-industry regulations

• September 19, 2023 19 Sep'23

  Braverman puts pressure on Meta to pause end-to-end encryption plans

  The home secretary is calling on Meta to halt its plans to introduce encrypted messaging services on Facebook and Instagram until the company puts measures in place to detect abuse

• September 19, 2023 19 Sep'23

  New revelations from the Snowden archive surface

  A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by ...

• September 19, 2023 19 Sep'23

  Okta confirms link to cyber attacks on Las Vegas casinos

  Okta CISO David Bradbury confirms widespread speculation about the high-profile cyber attacks on two Las Vegas casino operators, revealing that the threat actors responsible had indeed abused its services as they earlier claimed