A newly discovered series of four dangerous flaws in the Common Unix Printing System (Cups), which is used across virtually all GNU/Linux distros including Debian, Red Hat and SUSE, as well as Apple macOS and Google Chrome/Chromium among other things, is causing alarm bells to ring for security professionals over the potential scope of the…
Printing vulnerability affecting Linux distros raises alarm Read More »
The UK’s National Cyber Security Centre (NCSC) and its counterpart Five Eyes agencies have accused a China-based company acting as a front for the state of running a massive botnet comprising over 250,000 internet-connected devices, about 8,500 of them located in the UK. The compromised devices include enterprise network and security tools such as routers…
NCSC exposes Chinese company running malicious Mirai botnet Read More »
Thousands of applications that have taken advantage of open source Python Package Index (PyPI) software packages may be at risk of hijacking and subversion by malicious actors, opening up the possibility of major supply chain attacks affecting even greater numbers of downstream organisations and users. That is according to threat researchers at jFrog, who identified…
PyPI loophole puts thousands of packages at risk of compromise Read More »
The UK’s National Cyber Security Centre (NCSC) and its counterpart bodies in the Five Eyes intelligence alliance have joined partners from Czechia, Estonia, Germany, Latvia and Ukraine to identify a Russian military cyber unit that has been conducting a sustained campaign of malicious activity over the past four years. Part of the Main Directorate of…
NCSC and allies call out Russia’s Unit 29155 over cyber warfare Read More »
It’s almost become a cliché to say that data is the lifeblood of the modern enterprise. However, Claire Thompson, group chief data and analytics officer (CDAO) at financial services firm L&G, says data has always been crucial to big firms. What’s changed during the past few years, particularly in her sector, is a recognition of…
Women in data: Claire Thompson, chief data officer, L&G Read More »
Security leaders and software developers will benefit from deeper visibility into their organisations’ software development security posture as they work, bolstering moves towards the nirvana of so-called secure-by-design code, with the introduction of an industry-first solution from sector specialist Secure Code Warrior (SCW). SCW Trust Agent comes hot on the heels of the introduction of…
Innovations to power secure-by-design development Read More »
While data has the potential to boost the UK economy significantly, the links between data and AI are not sufficiently understood. If we are to seize this potential and position the UK as a global AI superpower, as the National AI Strategy aims to do, we must get a grip on data infrastructure in order…
Data is the key to unlocking the UK’s AI potential Read More »
Kubernetes is 10 years’ old. Mid-2024 sees the 10th birthday of the market-leading container orchestration platform. That decade started as containers emerged as a new way to virtualise applications, but storage and data protection functionality was practically non-existent. Now, Kubernetes offers a mature container platform for cloud-native applications, with all that’s required for the storage…
Kubernetes at 10: Building stateful app storage and data protection Read More »
The US Cybersecurity and Infrastructure Security Agency (CISA) has this week added a vulnerability that was first disclosed in January in the GitLab open source platform to its Known Exploited Vulnerabilities (KEV) catalogue, prompting a flurry of warnings urging users of the service to apply available patches immediately. Tracked as CVE-2023-7028 and discovered through GitLab’s…
HM Revenue & Customs (HMRC) has confirmed the Github repository housing the source code for its online IR35 employment status checker tool has been restored, after it was deleted “in error” during a platform migration. The government tax collection agency recently completed the process of migrating its Check Employment Status for Tax (CEST) tool to…
