IT security
-
News
12 Nov 2024
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web Continue Reading
-
Opinion
12 Nov 2024
Strengthening cyber: Best IAM practices to combat threats
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
Opinion
19 Nov 2024
Overcoming the cyber paradox: Shrinking budgets – growing threats
The challenging macro environment has left security budgets stretched thin even while new tech like AI presents a threat multiplier. In the face of these challenges, it becomes vital for security leads to do more to maintain funding Continue Reading
-
E-Zine
19 Nov 2024
Adventures in AI at Tripadvisor
In this week’s Computer Weekly, we find out how travel site Tripadvisor is embracing AI to offer new products and services to its users. Gartner says the chance of a successful digital project is like ‘flipping a coin’ – we went to its annual IT leadership symposium to ask why. And we examine what companies must do to comply with the EU’s new NIS2 cyber security rules. Read the issue now. Continue Reading
-
Video
18 Nov 2024
An explanation of cybercrime
Cybercrime is a real and illegal threat, just like traditional crime. Learn about cybercriminals and effective prevention strategies to safeguard yourself online. Continue Reading
-
News
18 Nov 2024
AWS widening scope of MFA programme after early success
AWS reports strong take-up of multi-factor authentication among customers since making it compulsory for root users earlier this year, and plans to expand the scope of its IAM programme in spring 2025 Continue Reading
-
News
18 Nov 2024
Denmark’s AI-powered welfare system fuels mass surveillance
Research reveals the automated tools used to flag individuals for benefit fraud violate individuals’ privacy and risk discriminating against marginalised groups Continue Reading
-
News
18 Nov 2024
UK consumers losing more than ever to holiday scams
Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign Continue Reading
-
Definition
18 Nov 2024
What is a whaling attack (whaling phishing)?
A whaling attack, also known as 'whaling phishing' or a 'whaling phishing attack,' is a specific type of phishing attack that targets high-profile employees, such as the chief executive officer (CEO) or chief financial officer, to steal sensitive information from a company. Continue Reading
-
Definition
18 Nov 2024
What is a spam trap?
A spam trap is an email address that's used to identify and monitor spam email. It's also a type of honeypot because it uses a fake email address to bait spammers. Continue Reading
-
Definition
18 Nov 2024
What is acceptable use policy (AUP)?
An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to or use of a corporate network, the internet or other computing resources. Continue Reading
-
News
18 Nov 2024
Final report on Nats calls for improvements to contingency process
Suppliers need to be involved much sooner and a review of technical documentation is needed to speed up recovery Continue Reading
-
News
15 Nov 2024
Schwarz Group partners with Google on EU sovereign cloud
Partnership with Europe’s biggest retailer will offer client-side encryption and ensure data doesn’t leave Germany Continue Reading
-
E-Zine
14 Nov 2024
CW APAC – Trend Watch: Modernising security operations
Organisations everywhere know the risks of cyber security complacency. In this handbook, focused on modernising security operations in the Asia-Pacific region, Computer Weekly looks at how Australia is bolstering its defences, Splunk and Cisco’s integration, and Palo Alto Networks’ ‘precision AI’. Continue Reading
-
14 Nov 2024
How Kaspersky is driving growth in APAC
Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region Continue Reading
-
14 Nov 2024
Reinventing security operations for the modern threat landscape
Organisations must modernise their security operations to fortify their defences and navigate the evolving threat landscape Continue Reading
-
News
14 Nov 2024
Williams Racing F1 team supports kids cyber campaign
A multi-region campaign will teach pre-teen children cyber security basics – with a little help from Formula 1 star Alex Albon Continue Reading
-
News
14 Nov 2024
MPs hold first ever debate on live facial recognition
MPs have held an open debate on police use of live facial recognition technology for the first time since it was initially deployed by the Met Police in August 2016 Continue Reading
-
News
14 Nov 2024
Ping CEO on ForgeRock integration and future of identity
Ping Identity CEO Andre Durand discusses the company’s unified roadmap, commitment to customer stability and growth plans in the evolving identity landscape following the merger with ForgeRock Continue Reading
-
News
13 Nov 2024
China’s Volt Typhoon rebuilds botnet in wake of takedown
Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever Continue Reading
-
News
13 Nov 2024
Ex-boxer fights US government over legality of Sky ECC cryptophone intercepts
Lawyers for former heavyweight boxer Goran Gogic argue that US prosecutors’ reliance on messages obtained by a European police hacking operation into the SKY ECC encrypted phone network breaches the US constitution Continue Reading
-
Video
13 Nov 2024
An explanation of ethical hackers
Ethical hackers protect businesses by identifying vulnerabilities. They use the same techniques as malicious hackers, but for the greater good. Continue Reading
-
News
12 Nov 2024
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update Continue Reading
-
News
12 Nov 2024
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023 Continue Reading
-
News
12 Nov 2024
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web Continue Reading
-
Opinion
12 Nov 2024
Strengthening cyber: Best IAM practices to combat threats
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
Blog Post
12 Nov 2024
How To "Vawlt" Superclouds
For those of us in the Northern Hemisphere, it might appear to be the season of autumn approaching winter but, for me, it’s been very much the vaulting, or vawlting season. Note – this has nothing ... Continue Reading
-
News
12 Nov 2024
Police cloud project raises data protection concerns despite legal reforms
Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud Continue Reading
-
News
12 Nov 2024
How quantum computing could reshape financial services
Experts at the Singapore FinTech Festival predict quantum computing will improve risk management, investment strategies and fraud detection in the financial sector, while also posing new challenges for data security Continue Reading
-
E-Zine
12 Nov 2024
Innovating with weather data at the Met Office
In this week’s Computer Weekly, we find out how the Met Office is using its vast stores of weather data to create innovative new products. Our latest buyer’s guide looks into identity and access management systems. And we examine the geopolitical threats that could curb the openness of open source. Read the issue now. Continue Reading
-
11 Nov 2024
IAM: Enterprises face a long, hard road to improve
Poor identity and access management puts enterprise data at risk, but the path to stronger IAM remains complex Continue Reading
-
News
11 Nov 2024
Fresh concerns over NHS England registries procurement
Clinicians and technologists behind a number of medical devices registries being brought together by NHS England on a new common platform have accused the health service of flouting public sector procurement regulations Continue Reading
-
Feature
11 Nov 2024
IAM: Enterprises face a long, hard road to improve
Poor identity and access management puts enterprise data at risk, but the path to stronger IAM remains complex Continue Reading
-
Video
08 Nov 2024
An explanation of ransomware
Ransomware encrypts data and demands payment for release. Protect yourself by backing up data, updating software and avoiding suspicious links. Continue Reading
-
News
08 Nov 2024
ESET shines light on cyber criminal RedLine empire
ESET publishes fresh data on the inner workings of the RedLine Stealer malware empire, which was taken down at the end of October Continue Reading
-
Feature
08 Nov 2024
Beyond VPNs: The future of secure remote connectivity
As more companies adopt cloud services and remote work, the limitations of VPNs are becoming obvious. We explore what’s next for secure remote connectivity Continue Reading
-
Feature
08 Nov 2024
What are the security risks of bring your own AI?
The rise of generative AI has led to a plethora of publicly accessible artificial intelligence tools, but what are the risks when external AI tools are used with corporate data? Continue Reading
-
News
07 Nov 2024
Google Cloud MFA enforcement meets with approval
Latest Google Cloud policy to enforce multifactor authentication across its user base is welcomed by security professionals Continue Reading
-
News
07 Nov 2024
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders Continue Reading
-
News
07 Nov 2024
Interview: Petra Molnar, author of ‘The walls have eyes’
Refugee lawyer and author Petra Molnar speaks to Computer Weekly about the extreme violence people on the move face at borders across the world, and how increasingly hostile anti-immigrant politics is being enabled and reinforced by a ‘lucrative panopticon’ of surveillance technologies Continue Reading
-
News
06 Nov 2024
UK government launches AI assurance platform for enterprises
The platform is designed to drive demand for the UK’s artificial intelligence assurance sector and help build greater trust in the technology by helping businesses identify and mitigate a range of AI-related risks Continue Reading
-
News
06 Nov 2024
Lords shoplifting inquiry calls for facial recognition laws
A Lords committee has expressed concern about the use of facial recognition technology by retailers to combat shoplifting, and is calling on the government to introduce new laws to ensure there are minimum standards for their deployments Continue Reading
-
News
06 Nov 2024
Starmer announces tech-enabled crackdown on people smuggling
The UK government has announced a further £75m of funding for its Border Security Command, meaning it will now have £150m over two years to spend on new technologies and staff Continue Reading
-
News
05 Nov 2024
Post Office data breach caused by botched website upgrade
Data breach exposed personal details of the hundreds of former subpostmasters who had defeated the Post Office in the High Court Continue Reading
-
Opinion
05 Nov 2024
User-centric security should be core to cloud IAM practice
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
05 Nov 2024
Data bill will boost NHS and police access to data, says government
The Data Use and Access Bill will pave the way for sharing medical records across the NHS and give police the ability to access databases without having to manually log the reasons for their use Continue Reading
-
E-Zine
05 Nov 2024
Data bill aims to boost police and NHS productivity
In this week’s Computer Weekly, the government’s new data bill promises to improve productivity and efficiency for the NHS and police, but will it ensure privacy as well? We talk to Dell’s global CTO about how the IT giant sees the AI boom playing out. And we examine which industries stand to benefit most from the collaboration opportunities of virtual reality. Read the issue now. Continue Reading
-
Feature
04 Nov 2024
Virtual collaboration within and across industries – promises and challenges
New technologies enable intuitive and realistic visual and auditory landscapes that put users within applications. We look at which industries will likely illustrate the impact of virtual collaboration in commercial environments Continue Reading
-
News
01 Nov 2024
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats Continue Reading
-
Definition
01 Nov 2024
What is unified threat management (UTM)?
Unified threat management (UTM) is an information security system that provides a single point of protection against cyberthreats, including viruses, worms, spyware and other malware, as well as network attacks. Continue Reading
-
News
01 Nov 2024
Bank of England warns against AI ‘complacency’
UK financial services regulator wants to increase understanding of AI’s benefits and how firms are managing the risks it poses, as take-up grows and use cases increase Continue Reading
-
Blog Post
01 Nov 2024
The network is dead - long live the network
It’s been a good week for "reinventing networking" conversations. And not before time – I mean, look at all the changes we’ve seen in IT in the past decade, from data types and scale thereof, ... Continue Reading
-
Blog Post
01 Nov 2024
Linux enters the cold war
The news that the Linux Foundation has removed Russian software developers from the Linux kernel maintainers mailing list is something that is sending shockwaves through the LInux community. While ... Continue Reading
-
Definition
31 Oct 2024
What is face detection and how does it work?
Face detection, also called facial detection, is a computer technology that identifies human faces in digital images and video. Continue Reading
-
News
30 Oct 2024
RedLine, Meta malwares meet their demise at hands of Dutch cops
A multinational action led by authorities in the Netherlands has resulted in the takedown of the notorious RedLine and Meta infostealer malwares Continue Reading
-
Opinion
30 Oct 2024
IAM best practices for cloud environments to combat cyber attacks
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
News
30 Oct 2024
Why geopolitics risks global open source collaborations
Linux Foundation’s decision to ban Russian maintainers has the potential to destroy open source’s global collaboration model Continue Reading
-
News
29 Oct 2024
EMEA businesses siphoning budgets to hit NIS2 goals
With NIS2 now in effect, European business leaders are having to divert budget from elsewhere to achieve compliance Continue Reading
-
News
28 Oct 2024
Russian Linux kernel maintainers blocked
To ensure compliance, the Linux kernel will no longer allow Russian software developers to work on maintaining the codebase Continue Reading
-
News
28 Oct 2024
UK launches cyber guidance package for tech startups
The NCSC and NPSA, alongside agencies from the Five Eyes alliance, have issued guidance for startups on how to secure themselves against common cyber threats and targeted industrial espionage Continue Reading
-
Definition
28 Oct 2024
What is two-factor authentication (2FA)?
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves. Continue Reading
-
News
28 Oct 2024
Inside Google Cloud’s secure AI framework
Google Cloud’s secure AI framework that’s integrated into its Vertex AI platform offers practical tools and guidance to manage the lifecycle, data governance and operational risks of AI Continue Reading
-
News
28 Oct 2024
How Manulife is empowering sales and call centre agents with AI
Canadian insurance giant is leveraging generative AI to personalise customer experiences, transform contact centre workflows and automate underwriting processes Continue Reading
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
25 Oct 2024
How Infoblox is tackling multicloud complexity and boosting security
Infoblox CEO Scott Harrell discusses the company’s new Universal DDI service designed to address the growing challenges of managing network security in hybrid IT environments Continue Reading
-
News
24 Oct 2024
Data bill will boost NHS and police access to data, says government
The Data Use and Access Bill will pave the way for sharing medical records across the NHS and give police the ability to access databases without having to manually log the reasons for their use Continue Reading
-
Blog Post
24 Oct 2024
Aryaka's Sassy Additions - The SASE Bandwagon Continues To Gather Pace Five Years On...
I’ve talked a lot about SASE in this ‘ere blog, including the SASE Network Scorecard I developed earlier in the year. For those who didn’t see that, here’s an example of one vendor completing it: ... Continue Reading
-
News
24 Oct 2024
Prudential taps AI to improve health insurance experience
Insurance giant Prudential teams up with Google Cloud to streamline claims processing, personalise healthcare journeys and improve health outcomes Continue Reading
-
News
23 Oct 2024
Government hails Cyber Essentials success
Scheme to help keep organisations’ IT safe and secure has given businesses more confidence they won’t fall victim to a cyber attack Continue Reading
-
Feature
23 Oct 2024
Detect ransomware in storage to act before it spreads
Anomaly detection and immutable copies can be frontline tools against ransomware – we look at the role storage can play against the latest techniques employed by ransomware gangs Continue Reading
-
News
23 Oct 2024
ServiceNow touts Now platform as AI engine for transformation
At the ServiceNow World Forum in Melbourne, company executives touted the transformative power of AI in streamlining workflows, improving user experiences and driving business value Continue Reading
-
News
23 Oct 2024
Democracy campaigner to sue Saudi Arabia over Pegasus and QuaDream spyware in UK court
Pro-democracy campaigner Yahya Assiri given permission to file legal action in London court against Saudi Arabia over its use of Israeli spyware Continue Reading
-
News
22 Oct 2024
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large Continue Reading
-
News
22 Oct 2024
Labour’s 10-year health service plan will open up data sharing
To save the health service, Labour is focusing on bolstering the NHS app and enabling greater sharing of patient records in England Continue Reading
-
News
21 Oct 2024
Can AI be secure? Experts discuss emerging threats and AI safety
International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence Continue Reading
-
Definition
17 Oct 2024
What is tailgating (piggybacking)?
Tailgating, sometimes referred to as piggybacking, is a type of physical security breach in which an unauthorized person follows an authorized individual to enter secured premises while avoiding detection by an electronic or human access control (or alarm) system. Continue Reading
-
News
17 Oct 2024
NCSC chief warns of gap in cyber threats and defence capabilities
The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief Continue Reading
-
News
17 Oct 2024
EU cyber security bill NIS2 hits compliance deadline
The EU’s NIS2 bill will harmonise how companies and member states approach cyber security, but its success will depend on how well it is implemented and enforced Continue Reading
-
Opinion
17 Oct 2024
Preparing for disruptions to enterprise application ecosystems
From undersea cable sabotage to AI deepfakes and restrictive regulations, modern applications face a barrage of threats. Organisations must prioritise resilience by diversifying infrastructure, investing in cyber security, and embracing sustainable practices to ensure business continuity Continue Reading
-
Feature
16 Oct 2024
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
-
News
16 Oct 2024
Cato further expands SASE platform for ‘complete’ UK delivery
Secure access service edge platform gains digital experience monitoring capability so enterprises can monitor user experiences and fix them online or in private datacentres Continue Reading
-
News
15 Oct 2024
NCSC expands school cyber service to academies and private schools
The National Cyber Security Centre is expanding its PDNS for Schools service to encompass a wider variety of institutions up and down the UK Continue Reading
-
Feature
15 Oct 2024
Reinventing security operations for the modern threat landscape
The growing pace of digital transformation has opened new avenues for attackers, making traditional security measures obsolete. Organisations must modernise their security operations to fortify their defences and navigate the evolving threat landscape Continue Reading
-
News
15 Oct 2024
Telefónica and Halotech integrate post-quantum encryption into IoT devices
Leading global telco implements state-of-the-art cyber security through internet of things managed connectivity platform allowing devices to be controlled and monitored in real time and remotely Continue Reading
-
News
14 Oct 2024
How Zoom is charting its course towards an AI-first platform
Zoom CEO Eric Yuan talks up his vision for the future of work, the company's transition to an AI-powered platform and what it is doing to stay ahead of rivals Continue Reading
-
Opinion
11 Oct 2024
Robust cloud IAM should align to zero-trust principles
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware. Continue Reading
-
News
11 Oct 2024
NFL and Cisco gain yardage with network and security partnership
Cisco scores contract extension with US sports body NFL to connect and protect 2024 roster of International Games in the UK, Germany, Brazil and Spain in 2025 Continue Reading
-
Definition
11 Oct 2024
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
-
News
10 Oct 2024
NCSC issues fresh alert over wave of Cozy Bear activity
The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks Continue Reading
-
Definition
10 Oct 2024
What is threat intelligence?
Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization. Continue Reading
-
News
10 Oct 2024
Government launches cyber standard for local authorities
Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks Continue Reading
-
News
10 Oct 2024
Internet Archive web historians target of hacktivist cyber attack
The Internet Archive nonprofit digital library and Wayback Machine operator has been attacked by pro-Palestinian hacktivists Continue Reading
-
News
10 Oct 2024
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them Continue Reading
-
News
10 Oct 2024
UK and US pledge closer working on children’s online safety
In their first agreement on the subject of children’s online safety, the UK and US governments have said they will create a new working group to boost cooperation Continue Reading
-
News
10 Oct 2024
Australia bolsters cyber defences with security bill
Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience Continue Reading
-
Blog Post
10 Oct 2024
The Complexities Of Reinventing The Mainframe “Easy Life”
Just got back from a Commvault event in London (where I saw more people in 10 seconds than I do in a month in Devon!) which also gave me the opp to catch-up with old PR mate Ben Ralph. In between ... Continue Reading
-
News
09 Oct 2024
MoneyGram customer data breached in attack
MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff Continue Reading
-
News
09 Oct 2024
Five zero-days to be fixed on October Patch Tuesday
Stand-out vulnerabilities in Microsoft’s latest Patch Tuesday drop include problems in Microsoft Management Console and the Windows MSHTML Platform Continue Reading
-
Definition
09 Oct 2024
What is OPSEC (operations security)?
OPSEC (operations security) is an analytical process that military, law enforcement, government and private organizations use to prevent sensitive or proprietary information from being accessed inappropriately. Continue Reading
-
News
09 Oct 2024
UK Cyber Team seeks future security professionals
Young people from across the UK have a chance to represent the country in international competitions and advance their future careers in cyber security Continue Reading
-
News
08 Oct 2024
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks Continue Reading
-
News
08 Oct 2024
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses Continue Reading