IT operations management and IT support

SAP maintenance fee increase: What you need to know

SAP has written to its customers informing them of a price increase on annual maintenance fees. What are your options? Continue Reading

Nominations closing soon for annual cyber awards

Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September Continue Reading

Organisations failing to account for digital trust

The vast majority of businesses are well aware of the importance of digital trust, yet very few have a dedicated staff role responsible for it, report finds Continue Reading

Full-stack observability top priority for IT teams

Annual forecast reveals observability – the ability to see everything in the tech stack that could affect customer experience – has become a board-level imperative, but only a quarter of organisations have achieved it Continue Reading

FormBook knocks Emotet off top of malware chart

FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data Continue Reading

Microsoft patches 64 vulnerabilities on September Patch Tuesday

Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading

Cloud compromise a doddle for threat actors as victims attest

Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud Continue Reading

JP Morgan acquires fintech for payments modernisation

JP Morgan acquires cloud-native payments technology as it modernises its IT infrastructure Continue Reading

Blancco works with charity to provide IT for African schools

Blancco is providing data sanitisation and erasure software to The Turing Trust so that old IT equipment can be securely reused by school children in Sub-Saharan Africa, instead of adding to world’s growing e-waste problem Continue Reading

Mistakenly transferred $504m to be returned to Citigroup

Judge rules that creditors should return $504m that was accidentally transferred to them by Citigroup Continue Reading

CISOs should spend on critical apps, cloud, zero-trust, in 2023

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading

RPA’s day has come – the intelligent evolution of a productivity bot

By trying to emulate humans for tasks such as data entry, robotic process automation has found a niche home in many an enterprise back office Continue Reading

Third of IT decision-makers rely on gut feel when choosing network operator

Study from customer experience technology provider shows lack of transparency is cited as the most consistent quality failure of network providers Continue Reading

Interview: Keeping an IT business going during the Russian invasion

After heading home and discovering that his country had been invaded, Konstantin Klyagin was forced to make life-changing family and business decisions Continue Reading

CW Europe: Why Russia could become the world’s biggest market for illegal IT

Faced with international sanctions and the departure of many global IT suppliers from Russia, companies there are seeking alternative, and sometimes illegal, routes to access IT products. Also read how new requirements are driving scientists and engineers in Europe back to the lab to start developing 6G technology. Continue Reading

Chinese APT using PlugX malware on espionage targets

China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading

The changing role of CIO in Sweden

New technologies and evolving business models are changing the missions of IT leaders around the world – and in most cases, the result is slightly different from one country to another Continue Reading

August ’22 a bumper month for high-impact vulnerabilities

Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading

Prince’s Trust teams with threat management specialist in skills push

Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading

Hotel group IHG confirms cyber attack after two-day outage

IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading

Cyber threats to Europe’s grid: Utilities rethink strategy

The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals Continue Reading

Bus company Go-Ahead fighting off cyber attack

Go-Ahead Group, which operates bus companies around the UK, says it is in the process of dealing with a cyber attack that may cause disruption to services Continue Reading

How Okta is regaining customer trust after a cyber attack

In early 2022, cyber firm Okta was among several tech companies hit by the Lapsus$ gang. Vice-president of customer trust Ben King talks about how he has been working behind the scenes to rebuild confidence after the incident Continue Reading

Dutch government finally allowed to use public cloud

Public cloud is finally within reach for Dutch public services. Previously, the Dutch government was only allowed to use private clouds due to risks concerning privacy and security Continue Reading

Security Think Tank: Shift left, shift right. What about shift everywhere?

The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading

New (ISC)² cyber careers schemes go live

(ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide Continue Reading

Security Think Tank: Effective DevSecOps requires collaboration

Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access management alongside cyber security and application security Continue Reading

Singapore to expand 5G coverage to seaport

The maritime hub will be testing the use of 5G in a range of maritime operations, including remote pilotage of vessels and drone delivery of components to ships Continue Reading

Norway has NOK200m plan to bolster cyber defences

Norway is investing heavily in its cyber defences amid heightened threat from Russia Continue Reading

NHS staff fall further behind amid ransomware attack

While some NHS bodies are now recovering their services after the ransomware attack on a crucial software supplier, others are still being forced to rely on pen and paper, and some will be waiting months to recover Continue Reading

Four years into GDPR, Norway hopes for safer data transfer to US

Much of the data on the internet ends up on US servers at some point, and that is not always compatible with the General Data Protection Regulation, says Norwegian data protection authority Continue Reading

IAM house Okta confirms 0ktapus/Scatter Swine attack

Following last week’s disclosureby Group-IB researchers of a major phishing campaign, Okta has warned its customers to be on their guard Continue Reading

Confronting the unique challenges of hiring IT professionals in Saudi Arabia

As Saudi Arabia undergoes an economic transformation, new mandates are being implemented to help Saudi nationals keep up with global talent requirements Continue Reading

CIOs: Geopolitics impacts your IT strategy

Research from analyst Gartner illustrates how geopolitics is influencing IT strategies Continue Reading

Security pros fret about stress and promotion over cyber attacks

CIISec’s annual report on the state of the security profession reveals some home truths for security leaders Continue Reading

DevSecOps: Software developers lack sufficient security focus

GitLab survey shows developers want to produce high-quality code, but ‘shifting’ security left is hard to achieve Continue Reading

NCSC shares cyber guidance for large infrastructure builds

Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects Continue Reading

Kaspersky threat data added to Microsoft Sentinel service

Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service Continue Reading

Cozy Bear targets MS 365 environments with new tactics

Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading

Growing MFA use spurs ‘pass-the-cookie’ attacks

The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools Continue Reading

It takes a breach to force boards to take notice of cyber, says UK government

Too often, it takes a major incident for business leadership to pay attention to cyber issues, according to a government-commissioned study of victims Continue Reading

Ukraine war drives DDoS attack volumes ever higher

There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity Continue Reading

Why organisations need to harmonise their CIO and CISO roles

Unless properly managed, conflicting responsibilities between the chief information officer and the chief information security officer can cause project delays and budget overruns, says Netskope’s Mike Anderson Continue Reading

Microsoft doles out $13.7m in bug bounties

Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries Continue Reading

Online Safety Bill ‘not fit for purpose’, say tech experts

IT specialists lack confidence that legislation compelling tech firms to tackle online harms will work as intended, with only a small minority believing ‘harmful but legal’ content can be effectively and proportionately policed by internet platforms Continue Reading

Researcher finds 10 vulnerabilities in Cisco firewalls

At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading

NHS may take a month to recover from supply chain attack

Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading

Microsoft fixes two-year-old MSDT vulnerability in August update

August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited. Continue Reading

‘Coopetition’ a growing trend among ransomware gangs

Sophos shares data from its new X-Ops unit at Black Hat in Las Vegas, revealing a growing number of ransomware victims being attacked by multiple gangs at the same time Continue Reading

Icelandic datacentres may lead the way to green IT

Iceland may soon become even more attractive to companies wanting to minimise their carbon footprint while using high-performance computing services Continue Reading

Internet giants in favour as Ireland tightens rules on datacentres

Irish premier Michael Martin has insisted its temporary squeeze on datacentre construction is not a moratorium on the industry Continue Reading

Podcast: How storage AIOps is revolutionising hybrid cloud ops

We talk to Tintri about storage and AIOps, which is the application of AI and machine learning-based software to monitor storage infrastructure to be able to detect patterns and predict failure, the need to upgrade, and so on Continue Reading

SBRC to administer NCSC training across Scotland

The Scottish Business Resilience Centre has been awarded a £500,000 contract to extend cyber resilience training across more than 250 at-risk organisations Continue Reading

Spyware activity particularly impactful in July

After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report Continue Reading

Financial Ombudsman Service mining for gold in cloud HR and finance

The Financial Ombudsman Service is reaping the benefits of the cloud-based human resources and finance system it implemented last year Continue Reading

Shipyard workers don smart glasses in 5G testbed

Shipyard workers at Singapore’s Keppel Offshore and Marine can view work instructions on their smart glasses, pull out real-time data about their equipment and receive remote guidance in a range of operational tasks Continue Reading

New EU due diligence law needs amending to stop tech sector abuse

European corporate due diligence directive seeking to transform how companies approach their human rights and environmental risk is welcome, but without further changes, it will fail to effectively curb tech firms’ harmful practices, claims international non-profit Continue Reading

DrayTek patches SOHO router bug that left thousands exposed

Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers Continue Reading

How worsening economic climate impacts IT spending

As inflation rises, purse strings are tightening at the tech giants, which will have a material impact on chipmakers and providers of IT equipment Continue Reading

Austrian data firm accused of selling malware, conducting cyber attacks

Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks Continue Reading

Ex-youth footballers kick-start cyber careers

New programme aims to find fresh careers for former youth footballers in cyber security Continue Reading

Home Office selects CGI as strategic delivery partner

IT services supplier will act as strategic delivery partner for the Home Office’s plans to modernise and join up UK law enforcement’s digital capabilities Continue Reading

Cyber criminals pivot away from macros as Microsoft changes bite

As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect Continue Reading

Microsoft anticipates $3.3bn savings by extending server life

Thanks to new software tools and better hardware, Microsoft plans to upgrade servers and network equipment every six years Continue Reading

Cyber security training ‘boring’ and largely ignored

Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them Continue Reading

Security Think Tank: Don’t rely on insurance alone

Cyber insurance is a useful addition to the cyber protection toolbox. However, it cannot be regarded as a replacement for the controls that should be in operation, says Turnkey Consulting’s Tom Venables Continue Reading

No More Ransom initiative helps 1.5 million people in six years

One and a half million people have now taken advantage of free ransomware decryption tools offered by a joint European project Continue Reading

Post Office attacked subpostmasters who questioned Horizon, say victims

When the Post Office’s lie about the Horizon system failed to silence subpostmaster critics, it took more extreme measures, say victims of the scandal Continue Reading

Ducktail infostealer targets Facebook Business users

Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts Continue Reading

Six more subpostmaster convictions overturned in Horizon scandal

More former subpostmasters have their wrongful convictions for theft and fraud overturned in the Court of Appeal Continue Reading

NCSC seeks community input for Cyber Advisor service

The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward Continue Reading

Latest Atlassian Confluence vulnerability raises concerns

CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading

The Security Interviews: Why you need to protect abandoned digital assets

The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias Continue Reading

SSEN partners with Icebreaker One to break energy data silos

Better access to, and sharing of, energy data will help direct the installation of new electric vehicle charging points, as well as help network operators to better understand the electricity grid’s capacity for the introduction of more renewables Continue Reading

Digital drives workplace trends in the Nordics

Workplaces are rapidly changing in Nordic countries, driven by digital technologies such as artificial intelligence Continue Reading

Estonia calls on tech experts to develop its Siri-like civil servant

Estonian government opens up applications to tech experts across the world, offering them the chance to work on a world first for digital government services Continue Reading

Starling Bank withdraws application for licence in Ireland

App-based bank decides against completing its application for a banking licence in Ireland after concluding it did not offer enough value Continue Reading

Barnet Council to bring work outsourced to Capita back in-house by 2026

London borough is bringing swathes of outsourced services back in-house next year, with more to follow by 2026 Continue Reading

MPs slam FCSA for declining to answer questions on umbrella companies withholding holiday pay

Freelance and Contractor Services Association under fire from MPs for declining to answer questions about the umbrella companies that make up its membership and their stance on ensuring contractors receive their holiday pay entitlements Continue Reading

US cyber agency CISA to open London office

The US Cybersecurity and Infrastructure Security Agency has chosen London to host its first office outside America Continue Reading

Data and tech platforms helping finance regulator spot problems earlier

The UK financial services regulator is increasingly using data platforms to proactively regulate the finance sector Continue Reading

Log4Shell on its way to becoming ‘endemic’

US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading

Videogame maker Bandai Namco confirms cyber attack

Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack Continue Reading

Global IT services market shows signs of slowing

Spending on IT and business process services could be set to reduce over the coming months as the latest ISG figures show early signs of decline Continue Reading

Enterprise employees worry that poor collaboration tools result in lost revenue

Survey shows firms are facing a collaboration crisis, with failure to adjust to new hybrid and remote work costing them revenue and stunting business growth Continue Reading

Gartner: Software sales defy economic outlook

With spending on IT going up, there is no better time to be a head of IT as software drives new revenue-making opportunities Continue Reading

July Patch Tuesday brings more than 80 fixes, one zero-day

While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on Continue Reading

Goldman Sachs hires Google incubator founder

Bank recruits co-founder of Google’s incubator as it continues to transform its business through digital technology Continue Reading

ICO calls for review into government use of private email and WhatsApp messages

Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps Continue Reading

Is time running out for legacy payments technology used by banks?

The company bringing Google-like processing to core banking for banks has added the same proposition in payments Continue Reading

Microsoft Windows Autopatch now generally available

Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service Continue Reading

Microsoft VBA macro block will return

Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure Continue Reading

SMEs lagging on multifactor authentication

Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report Continue Reading

Cyber insurance: An effective use of your scant security budget?

The ISF’s Paul Watts asks if cyber insurance is a must-have item, an expensive luxury, or the emperor’s new clothes Continue Reading

Stop telling clients to pay ransomware gangs, solicitors told

The NCSC and the ICO are calling on solicitors to help tackle the rising number of ransomware payments being made, and to stop giving erroneous advice to victims Continue Reading

Sweden and GDPR – four years on

Swedish data protection coordinator talks to Computer Weekly four years into the General Data Protection Regulation Continue Reading

Microsoft appears to reverse VBA macro-blocking

Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading

Lots to consider when buying cyber insurance, so do your homework

When considering implementing a cyber insurance policy, due diligence should be your watchword, says Paddy Francis of Airbus CyberSecurity Continue Reading

MI5, FBI chiefs warn of Chinese cyber espionage threat

In a joint appearance in London, MI5 director general Ken McCallum and FBI director Chris Wray warn of the growing threat posed by the Chinese government to UK and US interests Continue Reading

Security Think Tank: Cyber insurance – A nice safety blanket, but don’t count on it

In the second instalment of this month’s Security Think Tank, Mike Gillespie argues that cyber insurance should be thought of like car insurance – you don’t start driving recklessly because you’re covered Continue Reading