IT operations management and IT support

Security Think Tank: Solving for complexity in the network

The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading

Post Office scandal CEO could be stripped of CBE

Honours Forfeiture Committee to review Paula Vennells’ CBE in the light of Post Office scandal Continue Reading

Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading

Ransomware victims paying out when they don’t need to

Sophos’s annual State of Ransomware report shows dramatic increases in the impact of ransomware attacks, but also finds many organisations are paying ransoms when they don’t need to Continue Reading

Government digital ignorance puts Dutch economy at risk

In this interview, Michiel Steltman, managing director of Digital Infrastructure Netherlands, tells Computer Weekly why the Dutch digital economy is at risk due to a lack of knowledge and understanding at government level Continue Reading

Police question former Fujitsu worker again in Post Office scandal perjury investigation

Police have interviewed a former Fujitsu employee for the third time in the investigation into potential perjury during trials of wrongfully convicted subpostmasters Continue Reading

Global digital wallet transactions set to soar

Payments using mobile phones are set to soar globally as suppliers expand the services available, according to research Continue Reading

Odense Robotics helps develop key export for Denmark

Robotics seen as a future export sector for Denmark as investment startups build their skills in public sector projects Continue Reading

Government appoints head of technology transfer unit

Government announces a CEO to lead its initiatives around commercialising its knowledge assets Continue Reading

Sophos soaks up SOC.OS

Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services Continue Reading

UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading

Finance regulator identifies challenger bank financial crime weaknesses

Financial Conduct Authority review finds challenger banks need to do more to prevent their platforms being used to commit financial crime, such as money laundering Continue Reading

Five Eyes in new Russia cyber warning

Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure Continue Reading

Tech to account for over half of regulatory compliance spending

By 2026, regtech will account for more than half of the money that businesses spend on compliance with regulations Continue Reading

European cities moving fast to change business of parking

German cities are using the latest smart parking technology to reduce traffic and car pollution while collecting more fees for parking Continue Reading

Dutch schools struggle with digitisation

Now is the time for schools in the Netherlands to determine how the opportunities of distance and digital learning resources can be made to work and how the risks involved can be mitigated Continue Reading

AWS fixes vulnerabilities in Log4Shell hot patch

AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation Continue Reading

Nationwide Building Society streamlines payment dispute process through software

Building society has speeded up the resolution of customer disputes over Visa payments by using Pegasystems software Continue Reading

Financial Ombudsman Service chooses TCS as digital transformation partner

Tata Consultancy Services will build and implement key systems as part the Financial Ombudsman Service’s digital transformation Continue Reading

Median threat actor ‘dwell time’ dropped during 2021

Security teams appear to be getting better at detecting attackers within their networks, according to a report Continue Reading

Windows 7 and XP still more popular than Windows 11

Lansweeper audit of Windows devices finds more people are running unsupported Windows operating systems than the newest release Continue Reading

Refugee support group works with tech startup on reporting system

Computer Weekly speaks to a refugee support group about its ongoing collaboration with an academic tech startup to develop a digital human rights reporting system for refugees Continue Reading

Zhadnost DDoS botnet deployed against Finland

A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading

Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant

Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems Continue Reading

Microsoft patches two zero-days, 10 critical bugs

Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading

Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack

Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief Continue Reading

More ANZ organisations warm to DevSecOps

About four in 10 organisations in Australia and New Zealand are undertaking the transition to development, security and operations, while a further 36% plan to do so in 2022, study finds Continue Reading

Universal IAM policy failings put cloud environments at risk

Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study Continue Reading

PassiveLogic to get more active in smart building tech with $15m funding

Global alternative asset manager partners with provider of autonomous building systems and foundation technology for smart cities to bring the first general-purpose autonomous platform to the building market Continue Reading

Sandworm rolls out Industroyer2 malware against Ukraine

A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT Continue Reading

Border IT system fixed after 10-day outage

Post-Brexit border IT system failure fixed after going down at the start of April, allowing traders to once again file customs documents electronically rather than by hand Continue Reading

Open source CMS platform Directus patches XSS bug

A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading

Building distributed systems requires effective developer teams

Technologies edge computing and containerisation call for teams capable of building distributed systems Continue Reading

We must target a broad church to fill vacant cyber roles

The security industry focuses a lot on cyber-specific specialisms and technical skills, but it could really benefit from widening its search. Take it from a social anthropologist Continue Reading

Raspberry Pi Foundation ditches default username policy

Raspberry Pi owners will no longer be able to use the default ‘pi’ username, as the Raspberry Pi Foundation clamps down on insecure practices Continue Reading

The role of infrastructure as code in edge datacentre computing

As datacentre computing is pushed to the edge of the organisation’s network, IT has to address the overheads associated with remote server management Continue Reading

Was Spring4Shell a lot of hot air? No, but...

Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

Banks should be able to integrate e-krona into existing systems, says Swedish regulator

Swedish financial services regulator says banks and service providers should be able to integrate a potential digital currency into existing systems Continue Reading

Apple criticised over unpatched CVEs in Catalina, Big Sur

Apple patched two zero-days in macOS Monterey last week, but did not address the same issue in Catalina or Big Sur, raising questions Continue Reading

Denonia malware may be first to target AWS Lambda

The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind Continue Reading

Structured decentralisation is the key to unlocking Nordic-level innovation

Finnish tech entrepreneurs will be taking the stage at the World Economic Forum to tell the world about the role of trust in Finnish startup success Continue Reading

Discount retailer The Works hit by cyber attack

A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature Continue Reading

Triple-threat Borat malware no joke for victims

Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros Continue Reading

Zopa bank profitable after just 21 months

The bank that emerged from peer-to-peer lending pioneer has hit its first profit after 21 months of operation Continue Reading

Saudi Arabian ICT sector hits $32.1bn after strong pandemic response

The Saudi Arabian IT and communications sector is recovering strongly from the Covid-19 pandemic Continue Reading

Office Wi-Fi may not cope with hybrid work

Continued growth of online meetings is triggering disruption across the employee productivity technology market, research from CCS Insight has found Continue Reading

Fujitsu bags £430m government contracts despite rising cost of Post Office Horizon scandal

Fujitsu has won two huge government IT contracts, worth over £400m, while taxpayers face footing the massive bill for the Post Office scandal caused by its software Continue Reading

Four moves to ‘checkmate’ critical assets thanks to lax cloud security

Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading

EU Act ‘must empower those affected by AI systems to take action’

Ada Lovelace Institute publishes recommendations on how European institutions can improve the Artificial Intelligence Act by establishing a ‘comprehensive remedies framework’ around those affected by the deployment of AI systems Continue Reading

Bank fraud prevention scheme blocked £60m in fraud last year

Scheme to catch fraudsters, including online scammers, before they commit their crimes has reported a significant increase in crimes prevented Continue Reading

Spring4Shell zero-day sprung on security teams

Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it? Continue Reading

Compensation goal finally in sight for 555 Post Office scandal victims

The subpostmaster campaign group which exposed the Post Office Horizon scandal could be close to achieving the objective it was established for, with fair compensation for its members in sight Continue Reading

One-third of UK firms suffer a cyber attack every week

New statistics from the annual DCMS Cyber security breaches survey reveal the extent and frequency with which UK organisations are being attacked by malicious actors Continue Reading

Recruitment risks: Avoiding the dangers of fraudulent candidates

Tech companies are seeing an increase in fraudulent job applications, with associated impacts on risk and cyber security. So how can organisations protect themselves from fraudulent applicants while ensuring they recruit the best talent? Continue Reading

Overhaul of UK police tech needed to prevent abuse

Lords inquiry finds UK police are deploying artificial intelligence and algorithmic technologies without a thorough examination of their efficacy or outcomes, and are essentially ‘making it up as they go along’ Continue Reading

Wave of Log4j-linked attacks targeting VMware Horizon

Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading

HSBC chooses IBM support for its quantum leap

UK bank moves to the next stage of its work with quantum computers through a deal with IBM Continue Reading

Virgin Media O2 Business aims to ‘go beyond’ traditional broadband SLAs

Business arm of UK connectivity provider proposes new way of working, built on successful outcomes rather than service deliverables alone, with bespoke agreements offering flexible use, reduced dual running costs and next-level service for new large enterprise and public sector customers Continue Reading

European Commission proposes new cyber security regulations

New cyber and information security regulations have been proposed by the European Commission to create a minimum set of standards in both areas Continue Reading

NHS health and social care staff offered training on healthcare apps

Health service staff have free access to training courses to help them understand which digital healthcare apps and websites are best for their patients Continue Reading

The Security Interviews: Red gets automated

We speak to Jack Stockdale, CTO of Darktrace, about Cambridge’s strong data analytics and artificial intelligence links and the role of AI in cyber security Continue Reading

CW Innovation Awards: Plugging supply chain gaps

StratMed’s Integer platform is facilitating data exchanges between healthcare providers and their suppliers to improve transparency in India’s healthcare supply chain Continue Reading

CW Innovation Awards: How Telekom Malaysia scaled its RPA initiative

Telekom Malaysia has been driving automation efforts across the company, not only to serve customers more efficiently, but also to improve a slew of back office functions Continue Reading

CW Innovation Awards: Tracking cargo on the road

Through Geodis APAC’s One Road platform, supply chain companies have received fewer enquiries on cargo locations and improved on-time performance using roads as an alternative way to move cargo Continue Reading

Digital continues to deplete bank branch networks as Lloyds cuts 60 more

Lloyds Banking Group has stripped UK high streets of a further 60 branches as the take-up of digital banking continues Continue Reading

Japan’s Mizuho partners Google to accelerate tech transformation after a year to forget

Following a year when it hit the tech headlines for the wrong reasons, Mizuho is on a mission to modernise IT in collaboration with Google Continue Reading

NetApp Cloud Insights gets AI monitoring and ransomware detection

Cloud Insights adds artificial intelligence-based continuous audit and monitoring of entire IT estate and generates impact assessments from performance events, plus anomaly alerting for ransomware Continue Reading

Competition watchdog contacts Barclays and Lloyds banks over API failures

Barclays and Lloyds banks have failed to meet some of the open banking rules, says competition watchdog Continue Reading

Revised scope of UK security strategy reflects digitised society

The omission of the word ‘security’ from the title of the UK government’s new National Cyber Strategy is a telling one, reflecting our increasingly digitised society, say Maximillian Brook and Arunoshi Singh of the ISF Continue Reading

Teleperformance’s robotic process automation increases job satisfaction

A project to introduce software robots at the Dutch arm of Teleperformance has been adopted globally Continue Reading

Electronic patient records key to NHS digital transformation

Getting EPR systems rolled out across NHS organisations will help boost digital transformation efforts, and are key to fulfilling government healthcare plans Continue Reading

Ukrainian cyber defences prove resilient

Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks Continue Reading

Russian IT sector faces unprecedented crisis

The Russian IT sector faces a major crisis as IT professionals and businesses flee the country after its invasion of Ukraine Continue Reading

NCSC catches 10 million phishes

Nation Cyber Security Centre’s scam email reporting service enjoys great success as government embarks on new cyber awareness campaign Continue Reading

Monitoring performance in a hybrid cloud world

The growing use of cloud demands a new breed of monitoring and observability tools to keep track of how cloud-native applications and services perform Continue Reading

SentinelOne adds Attivo Networks to identity portfolio

SentinelOne adds identity threat detection and response technology to its cyber portfolio, saying it will benefit zero-trust adoption among its customers Continue Reading

Estonian anti-money laundering software pilot reaps benefits

Estonian startup and local banks have successfully piloted a data-sharing platform that prevents money laundering Continue Reading

Kubernetes vulnerability underscores repeated security warnings

The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments Continue Reading

No end to UK bank branch closures as HSBC shuts 69 more

HSBC closes another 69 branches as customers continue to migrate to digital channels Continue Reading

How cyber security teams can conquer the four-day working week

The four-day week may be an idea whose time has come, but for always-on cyber security professionals, the impact of squeezing more work into fewer days is a tricky proposition Continue Reading

How can I avoid an exodus of cyber talent linked to stress and burnout?

Cyber security professionals have played a crucial role during the pandemic, yet many feel like their employers aren’t providing adequate mental health support and have considered quitting their jobs as a result. What can employers do to help them? Continue Reading

BNP Paribas to recruit 1,000 more women in IT

Spanish bank sets target of adding 1,000 more female IT professionals to its workforce over the next two years Continue Reading

Ratcheting down the tension in the hybrid world

Employers who reject the trend towards adopting more flexible, hybrid ways of working may struggle with staff retention - and CIOs have more to win or lose than most in a hybrid world Continue Reading

Hybrid working isn’t turning out as expected

Last year, as companies recognized both the value of face-to-face interaction and the fact that not everyone wants to go back to the office five days a week, the concept of hybrid working went ... Continue Reading

Tech brands sign on to HackerOne responsible security drive

Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices Continue Reading

China’s APT41 exploited Log4j within hours

APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims Continue Reading

Microsoft serves up three zero-days on March Patch Tuesday

Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders Continue Reading

Security Think Tank: Building the cyber workforce we need

The UK’s new National Cyber Strategy is clear in its ambitions, but to fulfil them, we must double down on appropriate skills development, says ISACA director Mike Hughes Continue Reading

Subpostmasters won their David and Goliath battle, but initial goal still not reached

Despite exposing the Post Office Horizon scandal, Alan Bates, the former subpostmaster who drove the campaign for the truth, says the goal of repaying people what they lost has not yet been achieved Continue Reading

Horizon inquiry hearing sheds light on subpostmaster federation’s role in hushing up IT problems

A National Federation for Subpostmasters official had huge unexplained loss written off by Post Office despite many in the same position being convicted for crimes they didn't commit Continue Reading

Deutsche Bank tests IT operation resilience amid potential loss of Russian centre

German bank is confident the possible loss of operations in Russia will not affect the day-to-day running of its business Continue Reading

Micron 7450 aims its 176 TLC layers at QLC flash use cases

New 176-layer tech brings densely packed flash cells in drives that come in 2.5”, M.2 and EDSFF form factors, aimed at datacentre workloads from archive to database storage Continue Reading

Why post-pandemic reskilling must focus on mainframes

A major contributing factor to UK-wide skills shortages is the significant number of people who have left the workforce since the start of the Covid-19 pandemic Continue Reading

Assessing the aims of the Government Cyber Security Strategy

The clear aims of the Government Cyber Security Strategy are welcome, but are they realistic or achievable? Continue Reading

Boardroom does not see ransomware as a priority

Less than a quarter of company directors think ransomware is a top priority for their security teams, according to Egress Continue Reading

Post Office warned of software flaw in 2006, but failed to alert subpostmaster network

The Post Office and Fujitsu failed to alert subpostmasters to a software error that caused them to be wrongly blamed for accounting shortfalls Continue Reading

Middle East IT spending to recover to at least pre-pandemic levels

Middle East IT leaders expect budgets to increase this year, with spending to match or exceed pre-Covid levels Continue Reading

How FinOps can rein in cloud costs

More organisations are warming to FinOps to keep escalating cloud costs in check, amid growing usage of public cloud services Continue Reading

BBC blasted with millions of malicious emails

Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day Continue Reading