Addressing key tech challenges in the public sector [Q&A]


Earlier this year the UK government released its State of digital government review, looking at how the public sector must urgently transform the way it approaches digital technology.
But with escalating cybersecurity threats, fragmented data strategies, and a widening digital skills gap, the sector may be setting itself up to fail. We spoke to Adam Casey, director of cyber security and CISO at tmc3, a Qodea company, to discuss the challenges the report raises and how they can be addressed.
Supply chain issues pose major risks to financial organizations


While banks and financial institutions generally have strong defenses, third-party vendors often lack the same levels of security, something that can offer providing attackers indirect access to the institutions they serve.
A new report from Black Kite examines the shifting landscape of cyber threats in the financial sector, highlighting the critical importance of understanding and mitigating the hidden dangers within the vendor ecosystem.
Over half of employees fall for mobile phishing scams


A new report shows that security leaders have false confidence in their capabilities and employees when it comes to mobile security. While 96 percent are confident their employees can spot a phishing attempt, 58 percent have reported incidents where employees fell victim to executive impersonation scams via text message.
The study from Lookout, of more than 700 security leaders globally, underscores a critical need for organizations to rethink their cybersecurity strategies, particularly around the human-risk factors for social-engineering attacks.
International collaboration aims to combat deepfakes and AI misuse


There’s increasing concern about the use of deepfakes and artificial intelligence to spread misinformation and contribute to fraudulent activity.
Today at the AI for Good Global Summit in Geneva, the AI and Multimedia Authenticity Standards Collaboration (AMAS), a global, multistakeholder initiative led by the World Standards Cooperation has today launched two flagship papers offering recommendations to guide the governance of AI globally and combat mis-and-disinformation.
How digital DNA can identify developers from their code [Q&A]


Recent high-profile attacks have placed increased emphasis on the software supply chain and the need to understand where code has originated.
A developer's coding style is as unique as their fingerprint and, thanks to artificial intelligence, it’s possible to identify an author based on a short code segment. Felix Mächtle, a researcher at the University of Lübeck and member of the AI Grid research network, has developed a tool that does just that. We spoke to him to learn more.
European manufacturers face critical vulnerabilities


The manufacturing industry is the most targeted industry for cyberattacks and this has has now been the case for four consecutive years.
A new study from KnowBe4 shows that this combined with the manufacturing sector’s expanding digital footprint is putting operations, intellectual property, and economic resilience at risk from critical vulnerabilities.
Persistent security gaps found in hybrid identity systems


Organizations are continuing to struggle to identify and address security vulnerabilities in hybrid identity systems such as Active Directory, Entra ID, and Okta.
This is among the findings of a new report, from AI-powered identity security and cyber resilience company Semperis, which is based on results from Purple Knight a free Active Directory security assessment tool by Semperis that has been downloaded by 45,000+ organizations.
OT security becomes a board priority for enterprises


Operational technology (OT) can often be a cybersecurity weak spot for enterprises, relying as it does on older hardware and operating systems that are hard to update.
It’s no surprise then that a new report from Fortinet shows there has been a significant increase in the global trend towards corporations planning to integrate cybersecurity under the CISO or other executives.
AI-generated deepfakes used to drive attacks


As generative AI tools have become more powerful, affordable and accessible, cybercriminals are increasingly adopting them to support attacks, these range from business fraud to extortion and identity theft.
A new report from Trend Micro shows that deepfakes are no longer just hype but are being used in real-world exploitation, undermining digital trust, exposing companies to new risks, and boosting the business models of cybercriminals.
Enterprise tech executives cool on the value of AI


Although enterprise AI investment continues to accelerate, executive confidence in the strategies guiding this transformation is falling according to a new report.
The research from Akkodis, looking at the views of 500 global Chief Technology Officers (CTOs) among a wider group of 2,000 executives, finds that overall C-suite confidence in AI strategy dropped from 69 percent in 2024 to just 58 percent in 2025. The sharpest declines are reported by CTOs and CEOs, down 20 and 33 percentage points respectively.
Decentralization and why it's a turning point for tech [Q&A]


Mainstream developers and users are increasingly seeking alternatives to big tech’s centralized servers and cloud-based systems.
Issues like data breaches, censorship, and monopolization are driving this trend. We spoke to Mathias Buus Madsen, CEO of Holepunch, about why decentralization matters and how we can expect the trend to develop.
SMEs need to get a grip on their cloud costs


According to the Office for National Statistics, in late May 2025, 77 percent of UK businesses with 10 or more employees reported that their staffing costs, covering wages, bonuses, national insurance (NI) and pension contributions, had increased over the preceding three months; a rise of 41 percent since late February 2025, and a 17 percent rise from the year before.
In the light of this Brian Sibley, Virtual CTO at Espria, says clear and concise billing models for the cloud are needed for a wholly comprehensive understanding and urges businesses to urgently assess their MS Azure subscriptions to reduce costs and improve services.
Open-source malware targets data exfiltration


Supply chain security company Sonatype has released the Q2 2025 edition of its Open Source Malware Index, uncovering 16,279 malicious open source packages across major ecosystem.
This brings the total number of open-source malware packages Sonatype has discovered to 845,204. Compared to the end of the same quarter last year, the total volume of malware logged by Sonatype has surged 188 percent, underscoring the growing sophistication and scale of attacks aimed at developers, software teams, and CI/CD pipelines.
Infostealers blamed for surge in identity attacks


Advanced phishing kits and info-stealing malware have accounted for a 156 percent jump in cyberattacks targeting user logins.
A new report from cybersecurity company eSentire shows attackers are increasingly opting for obtaining login credentials and session cookies via phishing or malware. This then allows them to carry out Business Email Compromise (BEC) attacks, gain access to bank accounts, or steal cryptocurrency.
Why Active Directory remains a popular target for attackers and what to do about it [Q&A]


Microsoft Active Directory (AD) turned 25 earlier this year -- remarkable longevity in the technology world. It’s the identity backbone for more than 80 percent of enterprises, meaning a breach could be catastrophic.
We spoke to Sean Deuby, principal technologist at Semperis, to look at the top considerations for protecting AD for the future, as most organizations he talks to have no plans to move on from the aging technology.
Ian's Bio
Ian spent almost 20 years working with computers before he discovered that writing about them was easier than fixing them. Since then he's written for a number of computer magazines and is a former editor of PC Utilities. Follow him on Mastodon
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.