Alex Scroxton

Washington, D.C., United States

Prestige Millennial: Apex Procrastinator: Mediocre Cyber Takes Done Cheap: Security Editor @ComputerWeekly: Not Really A Llama Find me on Mastodon or LinkedIn.

Featured in: Favicon

computerweekly.com Favicon

medium.com Favicon

flipboard.com Favicon

techtarget.com (+2) Favicon

lemagit.fr Favicon

myofficemagazine.co.za Favicon

truemedian.com Favicon

flauntweekly.com Favicon

cryptoharry.net Favicon

birminghamdailyjournal.com + 7 more

Articles

Microsoft outlines three-pronged European cyber strategy

3 days ago | computerweekly.com | Alex Scroxton

Digging deeper Microsoft went on to outline how each of the three pillars of the ESP will work: Threat intelligence sharing: Using AI to support analysis of cyber threat activity and glean more insight in real time, helping governments defend proactively. Meanwhile, the capacity of the existing Digital Crimes Unit (DCU) will be expanded to support law enforcement partners through the Cybercrime Threat Intelligence Programme.
US cyber agency CISA faces stiff budget cuts

5 days ago | computerweekly.com | Alex Scroxton

A globally-recognised force Officially established during Trump’s first administration, with origins dating back to 2007 when the US established the National Protections and Programs Directorate within the Department of Homeland Security (DHS), CISA has grown into one of the leading western cyber security agencies working alongside the likes of the UK’s National Cyber Security Centre (NCSC) and counterparts in Australia, Canada, Europe and New Zealand.
Cyber and digital get over £1bn to enhance UK’s national security

5 days ago | computerweekly.com | Alex Scroxton

More than 90,000 attacks Meanwhile, the UK’s new Cyber and Electromagnetic Command, to be led by General Sir James Hockenhull and based at Corsham in Wiltshire, will help the Ministry of Defence (MoD) ward off the more than 90,000 “sub-threshold” cyber attacks conducted against its networks in the past two years.
“PC乗っ取り”の恐れも Microsoft製品の危険な「ゼロデイ脆弱性」とは：2025年5月は脆弱性祭り

6 days ago | techtarget.itmedia.co.jp | Alex Scroxton

今回修正対象になったゼロデイ脆弱性は以下の通りだ。 CVE-2025-30400 Microsoftのデスクトップ描画機能「Desktop Window Manager」（DWM）のコアライブラリ（中心部品）における権限昇格（EoP）の脆弱性 CVE-2025-30397 スクリプト（簡易プログラム）実行エンジン「Microsoft Scripting Engine」のメモリ破損に起因する脆弱性標的のサーバで不正なプログラムを動作させるリモートコード実行（RCE）を可能にする CVE-2025-32701 Windowsのログ取得機能「Common Log File System」（CLFS：共通ログファイルシステム）のドライバーにおけるEoPの脆弱性 CVE-2025-32706 CLFSのドライバーにおけるのEoPの脆弱性 CVE-2025-32709 OSのネットワーク通信を補助するドライバー「Windows Ancillary Function Driver」（Afd.sys）におけるEoP脆弱性...
サイバー攻撃で顧客情報流出の小売り大手専門家が批判する“見通しの甘さ”：「楽観的過ぎる」と厳しい視線

1 week ago | techtarget.itmedia.co.jp | Alex Scroxton

2025年4月、英国の小売り大手Marks and Spencer（以下、M&S）はサイバー攻撃を受けたことを公表し、Eコマース（EC：電子商取引）サイトとモバイルアプリケーションでの販売を一時停止した。この攻撃によって、同社顧客のさまざまなデータが流出したとみられる。M&Sは攻撃への対処を進めているものの、セキュリティ専門家は厳しい目を向けている。どのような問題があるのか。日本企業も教訓にすべき「攻撃発覚後のNG行動」とは M&Sによると、同社への攻撃で流出したデータには、顧客の名前や生年月日、郵便番号、メールアドレス、電話番号、オンライン購買履歴、支払い情報などが含まれる。一方で、ユーザーアカウントのパスワードは含まれていないという。M&SのCEOスチュワート・マシン氏は、「お客さまに一部の個人情報が盗まれたことをお知らせした」と説明する。マシン氏の話では、本稿執筆時点で、盗まれた情報がダークWeb（通常の手段ではアクセスできないWebサイト群）で共有された証拠はない。...
Salesforce pays $8bn for Informatica to underpin agentic AI play

1 week ago | computerweekly.com | Alex Scroxton

Hard road ahead SnapLogic CEO Gaurav Dhillon, who co-founded Informatica back in the early 1990s, said he had mixed feelings about the deal. “On the one hand, I understand why it might be happening and it makes sense in theory. It is a crystal clear ‘I-told-you-so’ moment for me and why I founded SnapLogic, because most enterprises are going to need one platform, for application and data integration.
US makes fresh indictments over DanaBot, Qakbot malwares

1 week ago | computerweekly.com | Alex Scroxton

More trouble for Qakbot Also last week, a federal indictment unsealed by the DoJ levels charges against one Rustam Rafailevich Gallyamov, 48, of Moscow, accusing him of being the mastermind behind the group that developed, deployed and ran Qakbot, a far older malware but also with origins in the world of banking trojans, which was taken down in a 2023 operation.
Armed forces charity steps in to address cyber mental health crisis

1 week ago | computerweekly.com | Alex Scroxton

The Chartered Institute of Information Security (CIISec) has linked up with armed forces and veterans charity PTSD Resolution to try to address the increasingly severe mental health challenges faced by cyber security professionals during the course of their work.
Microsoft raises posse to target dangerous Lumma malware

2 weeks ago | computerweekly.com | Alex Scroxton

Lumma chameleon The Lumma Stealer MaaS first appeared on the underground scene about three years ago and has been under near-continuous development since then. Based out of Russia, and run by a primary developer who goes by the handle “Shamel”, Lumma offers four tiers of service, starting from $250 (£186) and rising to an eye-popping $20,000, for which buyers receive access to Lumma’s style and panel source code, the source code for plugins, and the right to act as a reseller.
M&S cyber attack disruption likely to last until July

2 weeks ago | computerweekly.com | Alex Scroxton

Marks and Spencer (M&S) leadership believes that it may take at least another month to fully recover following a ransomware attack that it now looks likely will cost it at least £300m. It has also emerged that the incident may have begun through the systems of a third-party supplier of IT services, where tech support staff had their credentials stolen via social engineering, according to CEO Stuart Machin.