Michael Hill

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group

Foreign states already using ChatGPT maliciously, UK IT leaders believe

Foreign states already using ChatGPT maliciously, UK IT leaders believe

Most UK IT leaders are concerned about malicious use of ChatGPT as research shows how its capabilities can significantly enhance phishing and BEC scams.

New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs

New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs

The OSC&R Framework aims to help security professionals better understand and measure software supply chain risk.

Tech Nation to close as UK government pulls key funding

Tech Nation to close as UK government pulls key funding

Tech Nation will cease operations after a decade of supporting and transforming the UK’s scaleup tech ecosystem through programmes including Tech Nation Cyber.

UK Cyber Security Council, ISACA partner for chartered Audit and Assurance pilot

UK Cyber Security Council, ISACA partner for chartered Audit and Assurance pilot

ISACA will act as the UK Cyber Security Council’s awarding body for Audit and Assurance professional titles as a chartered standard for the UK cybersecurity sector edges closer.

IoT, connected devices biggest contributors to expanding application attack surface

IoT, connected devices biggest contributors to expanding application attack surface

New report shines light on application security challenges impacting global businesses.

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Proofpoint discovers threat actors targeting verified status in the Microsoft environment to abuse OAuth privileges and lure users into authorizing malicious apps.

How to survive below the cybersecurity poverty line

How to survive below the cybersecurity poverty line

The security poverty line has become the benchmark of acceptable cybersecurity for businesses. Here are the factors that determine that benchmark and advice for those below it.

UK NCSC warns businesses of ongoing Russian, Iranian spear-phishing campaigns

UK NCSC warns businesses of ongoing Russian, Iranian spear-phishing campaigns

The National Cyber Security Centre security advisory explains why spear-phishing campaigns by Russia-based SEABORGIUM and Iran-based TA453 threat group pose a risk.

Cyber Essentials technical requirements updated with changes to malware protection, device management

Cyber Essentials technical requirements updated with changes to malware protection, device management

UK National Cyber Security Centre says Cyber Essentials version 3.1 will take effect from April 24, 2023.

Timeline of the latest LastPass data breaches

Timeline of the latest LastPass data breaches

Attackers apparently used data taken in an August attack on the password management firm to enable another attack in November.

UK NCSC ends Logging Made Easy support, warns businesses against continued use

UK NCSC ends Logging Made Easy support, warns businesses against continued use

The UK’s National Cyber Security Centre is ending support for the LME project to divert resources to new initiatives designed to help protect the UK’s cyber infrastructure.

Load More