Security

Vodafone: Personal data might become new currency by 2030
Society and communication network concept
Data & insights

Vodafone: Personal data might become new currency by 2030

Businesses will be forced to provide customers with a better experience in exchange for personal data in order to retain them
26 Jan 2022
12-year-old Linux root privilege flaw has been "hiding in plain sight"
Linux on a blue background with a circuit-board-like graphic
Linux

12-year-old Linux root privilege flaw has been "hiding in plain sight"

Researchers were quick to highlight how easy it was to exploit the vulnerability, recommending urgent patches
26 Jan 2022
NCSC project will help UK businesses identify security vulnerabilities
An image showing the NCSC logo on its website under a magnifying glass
National Cyber Security Centre (NCSC)

NCSC project will help UK businesses identify security vulnerabilities

The scripts will be developed and reviewed regularly to target the most pervasive issues in enterprise security
26 Jan 2022
DDoS attacks are still a key weapon for corporate extortion
Visual representation of an active botnet, with several black nodes connected with white strands
distributed denial of service (DDOS)

DDoS attacks are still a key weapon for corporate extortion

Ransomware isn’t the only rotten fruit, with DDoS attacks deployed both as an extra twist of the knife – and on their own
26 Jan 2022
Microsoft warns of phishing campaign targeting OAuth tokens
Email sign with a fish hook on blue digital background
phishing

Microsoft warns of phishing campaign targeting OAuth tokens

The attack, which gives hackers persistent access to email accounts, has targeted hundreds of organizations
26 Jan 2022
UK's first government cyber strategy aims to bolster public sector defences
Cabinet Office and Whitehall street entrance
cyber security

UK's first government cyber strategy aims to bolster public sector defences

The NCSC found that almost half of all cyber incidents recorded between 2020 and 2021 were aimed at the public sector
25 Jan 2022
Dark Souls servers taken offline after RCE flaw identified
Dark Souls Remastered artwork
vulnerability

Dark Souls servers taken offline after RCE flaw identified

Experts say PowerShell scripts could have been launched on other players' machines as a result
25 Jan 2022
Belarusian hacktivists target railway in bid to halt Russian military
A hacker against a red background
hacking

Belarusian hacktivists target railway in bid to halt Russian military

The incident is thought to be one of the first times ransomware has been used in hacktivism
25 Jan 2022
NCSC Cyber Essentials overhaul takes effect
Screenshot of the NCSC website homepage in a browser
National Cyber Security Centre (NCSC)

NCSC Cyber Essentials overhaul takes effect

Changes to the scope of the government-backed cyber security certification represent the biggest change since the scheme's launch in 2014
24 Jan 2022
UK Online Safety Bill a "missed opportunity", MPs claim
Laptop computer open and on at night
social media

UK Online Safety Bill a "missed opportunity", MPs claim

A DCMS report says the "unclear" draft legislation doesn't do enough to tackle child abuse and violence against women and girls
24 Jan 2022
Datto's cyber security team catalysed recent Infocyte acquisition
Datto logo on a laptop display
mergers and acquisitions

Datto's cyber security team catalysed recent Infocyte acquisition

Datto said it will take its time integrating Infocyte's endpoint and cloud environment security technology
24 Jan 2022
Crypto.com confirms $34 million hack caused by 2FA bypass exploit
A collection of various coins with cryptocurrency logos embedded onto them
cryptocurrencies

Crypto.com confirms $34 million hack caused by 2FA bypass exploit

The cryptocurrency exchange previously denied that any customers lost funds despite numerous reports from customers and analysts
21 Jan 2022
IT Pro News In Review: UK four-day working week, cyber crime in schools, GDPR fines of €1bn in 2021
IT Pro News In Review: UK four-day working week, cyber crime in schools, EU GDPR fines of €1bnvideo
Business strategy

IT Pro News In Review: UK four-day working week, cyber crime in schools, GDPR fines of €1bn in 2021

Catch up on the biggest headlines of the week in just two minutes
21 Jan 2022
CISA warns organizations to isolate Ukranian traffic
A zoomed in photo of a world map showing Ukraine
cyber security

CISA warns organizations to isolate Ukranian traffic

Security agency tells IT staff to be on alert following cyber attacks on Ukraine
20 Jan 2022
UK and Australia partner on cyber security investment
Marise Payne and Liz Truss greet each other
Policy & legislation

UK and Australia partner on cyber security investment

The countries are set to invest in infrastructure for Indo-Pacific states as well, in the areas of energy, investment, and technology
20 Jan 2022
Red Cross "appalled" by data breach targeting 515,000 vulnerable people
Red Cross officers assist in Yemen after attack kills many locals
data breaches

Red Cross "appalled" by data breach targeting 515,000 vulnerable people

The charitable organisation has begged cyber attackers not to leak the data online in emotional plea
20 Jan 2022
White House issues memorandum to bolster national security systems
US president Joe Biden speaking to press at the White House while sat in front of the US flag
cyber security

White House issues memorandum to bolster national security systems

Agencies must now implement multi-factor authentication within 180 days, along with encryption for data at rest and in transit
20 Jan 2022
Skills 'deficit' forces Student Loans Company to spend heavily on temp staff
An unidentified person coding on a laptop placed on a bright desk
Careers & training

Skills 'deficit' forces Student Loans Company to spend heavily on temp staff

The organisation has spent £2.6 million on agency staff as it struggles to retain technical employees
19 Jan 2022
Cyber incident strikes Gloucester City Council as residents suffer service outages
A cyber attack depicted in binary code
cyber security

Cyber incident strikes Gloucester City Council as residents suffer service outages

The Council has been hit with so-called 'sleeper' malware in what could be the second major cyber incident in the past decade
19 Jan 2022
IOC defends China Olympics app after 'devastating flaw' revealed
An image of a health worker standing in front of a Beijing 2022 sign
Security

IOC defends China Olympics app after 'devastating flaw' revealed

The app may even be breaking Google and Apple’s app store policies when it comes to privacy, according to Citizen Lab
19 Jan 2022
Windows Server admins agree to forgo broken patches
Image of a server rack
Microsoft Windows Server

Windows Server admins agree to forgo broken patches

Many administrators have agreed to wait until February's round of patches to avoid operational disruption caused by broken fixes
19 Jan 2022
FireEye and McAfee Enterprise relaunch as Trellix
The FireEye logo as seen on a smartphone
mergers and acquisitions

FireEye and McAfee Enterprise relaunch as Trellix

The new pure-play cyber security firm’s platform combines automation, machine learning, and threat intelligence
19 Jan 2022
The UK's IoT proposals are riddled with ‘astonishing’ gaps
Image of small robots connected to represent a botnet
Internet of Things (IoT)

The UK's IoT proposals are riddled with ‘astonishing’ gaps

The Product Security and Telecommunications Infrastructure (PTSI) Bill aims to address the connected devices security nightmare, but experts agree it …
19 Jan 2022