News

Privacy and data protection

• February 22, 2017 22 Feb'17

  Microsoft issues critical patches but not for zero days

  After missing the monthly security update for 14 February, Microsoft has issued some patches but not for zero-day vulnerabilities despite the availability of exploit code

• February 17, 2017 17 Feb'17

  RSAC17: Geopolitical changes driving encryption usage, survey shows

  More organisations are planning to deploy encryption in response to geopolitical changes, but confidence in organisations’ ability to secure and protect encryption is low, a survey shows

• February 15, 2017 15 Feb'17

  RSAC17: Infosec pros must help create business-driven security, says RSA CTO

  The inability to draw connections between security details and business metrics is one of the biggest challenges facing most companies, according to RSA CTO Zulfikar Ramzan

• February 14, 2017 14 Feb'17

  Major DDoS attacks see huge increase, says Akamai

  Akamai’s State of the Internet/Security Report for the fourth quarter of 2016 finds that distributed denial of service attacks larger than 100Gbps are rapidly increasing as more IoT devices are compromised

• February 08, 2017 08 Feb'17

  How a Dublin court case could derail EU-US data privacy agreements

  The Irish Commercial Court will consider whether privacy protection offered by standard contractual clauses for data transfers to the US from Europe is legally valid

• February 08, 2017 08 Feb'17

  NHS websites defaced by Tunisian Islamist hacktivists

  Another series of pro-Islamic State hacktivist attacks on NHS websites has underlined the need to harden websites and keep software up to date as attackers exploit a vulnerability in WordPress

• February 06, 2017 06 Feb'17

  Google to appeal against order to hand over foreign emails

  UK firms urged to consider the risks of non-UK cloud service providers and to encrypt data in the light of another US warrant to access emails held by a US cloud services firm on non-US servers

• January 31, 2017 31 Jan'17

  Data breach costs exceed 20% of revenue

  The cost of data breaches topped 20% of revenue in the past year as cyber attacks became more sophisticated and defenders struggled to keep pace, the latest Cisco security report shows

• January 26, 2017 26 Jan'17

  Facebook ups security with Fido U2F two-factor authentication

  Social media giant is enabling users to increase the security of their logins with Fido U2F USB security keys

• January 26, 2017 26 Jan'17

  Security spending leaving data vulnerable, study finds

  Cyber breaches are increasing despite increased security spending, a study shows, highlighting that security investment decisions are not aligned with actual cyber threats

• January 26, 2017 26 Jan'17

  Microsoft’s cloud privacy battle may go to US Supreme Court

  The US Department of Justice is considering going to the Supreme Court after an appeals court refused to revisit its July 2016 landmark ruling blocking government access to Microsoft servers in Ireland

• January 20, 2017 20 Jan'17

  Lords ‘deeply concerned’ about Digital Economy Bill data-sharing clauses

  Digital Economy Bill comes under fire again for its data-sharing principles, this time from the House of Lords Delegated Powers Committee

• January 13, 2017 13 Jan'17

  Davos: Technology poses new risks to jobs, economies and society

  Politicians and business leaders will discuss the risks posed by technology to jobs, political stability and cyber security at the World Economic Forum in Davos

• January 12, 2017 12 Jan'17

  TechUK launches framework to build public trust in the IoT

  Tech sector association techUK wants to help overcome public distrust in the internet of things

• January 12, 2017 12 Jan'17

  Flawed GoDaddy security certificates show need for control

  Vulnerabilities in digital security certificates highlight the need for organisations to be able to exercise more control over those certificates

• January 10, 2017 10 Jan'17

  Cyber security scare stories could sharpen focus at banks

  There are continual cyber attacks on banks, and although most are repelled, there is significant room for improvement

• January 05, 2017 05 Jan'17

  UK youngsters unwittingly exposing private data

  The UK children's commissioner has called for better support for child privacy after study shows most are unknowingly agreeing to share private data

• January 04, 2017 04 Jan'17

  Flight booking systems easy to hack, researchers warn

  Malicious actors could infiltrate systems to alter passenger information and even cancel bookings, Chaos Communications Congress told

• December 21, 2016 21 Dec'16

  European court delivers blow to Snoopers’ Charter

  Parts of the controversial Investigatory Powers Act relating to the bulk collection of communications data have been ruled unlawful by the European Court of Justice

• December 21, 2016 21 Dec'16

  Top 10 IT security stories of 2016

  Here are Computer Weekly’s top 10 IT security stories of 2016:

• December 20, 2016 20 Dec'16

  Top 10 cyber crime stories of 2016

  Here are Computer Weekly’s top 10 cyber crime stories of 2016:

• December 15, 2016 15 Dec'16

  Typo allowed Russian hackers to access US Democratic Party emails

  Typographical mistake in an email warning of a phishing attack on the US Democrats led to thousands of private emails being accessed and published by Russian-backed hackers

• December 08, 2016 08 Dec'16

  PowerShell security threats greater than ever, researchers warn

  Administrators should upgrade to the latest version of Microsoft PowerShell and enable extended logging and monitoring capabilities in the light of a surge in related security threats, warn researchers

• December 08, 2016 08 Dec'16

  More than 2,000 TalkTalk routers hijacked by Mirai botnet variant

  Security researchers are urging ISPs to issue emergency patches for Marai botnet infections after 2,374 TalkTalk routers were linked in a regional botnet

• December 06, 2016 06 Dec'16

  UK falls below global cyber security confidence

  Global confidence in ability to accurately assess cyber risk has fallen in the past year, but the UK has fallen below the global average

• December 05, 2016 05 Dec'16

  Top 10 ANZ enterprise IT stories of 2016

  Here is a rundown of Computer Weekly’s most popular ANZ enterprise IT articles for 2016

• December 02, 2016 02 Dec'16

  Academics link payment card vulnerability to Tesco Bank cyber heist

  UK academics uncover a vulnerability in online payment systems, which they say could have been used in the Tesco Bank cyber heist

• December 01, 2016 01 Dec'16

  US and UK government expand surveillance powers

  The US has introduced wide new hacking powers for federal agents a day after the UK's Investigatory Powers Act firmed up bulk surveillance powers for intelligence and polices services

• December 01, 2016 01 Dec'16

  Mozilla and Tor issue patches for Firefox flaw exposing Tor users

  Users of Tor anonymous browsing urged to update to the latest versions of relevant software to block an exploit that collects IP and MAC addresses to identify users

• November 28, 2016 28 Nov'16

  IBM blamed for Australian census website crash

  Computer giant reportedly pays $30m to Australian government as reports are released from two inquiries into DDoS attacks on census website

• November 25, 2016 25 Nov'16

  One in four Wi-Fi hotspots vulnerable to attack, study finds

  At least one in four Wi-Fi hotspots are open to attack, a study by Kaspersky Lab reveals

• November 22, 2016 22 Nov'16

  Consumer identity key to digital transformation

  Customer identity and access management has benefits for consumers and service providers alike, but is key to digital transformation, says KuppingerCole

• November 22, 2016 22 Nov'16

  Alleged hacker Lauri Love’s ‘life will be destroyed’ under Trump regime

  Supporters fear for activist Lauri Love if his extradition to face hacking charges to the US goes ahead

• November 18, 2016 18 Nov'16

  Three breach highlights several security issues, says (ISC)2

  Customer data breaches continue to demonstrate that companies are still not treating cyber risk like every other business risk, says Adrian Davis of (ISC)2

• November 18, 2016 18 Nov'16

  Hackers arrested in Three mobile upgrade scam

  Three men arrested in connection with mobile handset upgrade fraud enabled by unauthorised access to customer data

• November 16, 2016 16 Nov'16

  Digital transformation not a finite process, says Martin Kuppinger

  Security, privacy and identity are key to digital transformation, which is an evolutionary process, according to Martin Kuppinger

• November 16, 2016 16 Nov'16

  Government data security confusing, finds PAC

  A Public Accounts Committee hearing shows the government’s data and cyber security landscape is chaotic and confusing

• November 15, 2016 15 Nov'16

  Online identity needs to be fixed, says Microsoft’s Kim Cameron

  Software giant’s identity architect calls on enterprises to professionalise the way they relate to customers to help replace online identity infrastructure that is not fit for purpose

• November 15, 2016 15 Nov'16

  Amber Rudd orders Lauri Love extradition to US to face hacking charges

  Engineering student Lauri Love faces trials in three US states and a possible 99-year jail sentence for allegedly hacking into US government computer systems as part of a political protest, despite concerns over his health

• November 14, 2016 14 Nov'16

  412 million user accounts exposed in FriendFinder Networks hack

  Another huge data breach has exposed poor security of user details and continued poor user password practices

• November 11, 2016 11 Nov'16

  Russian banks hit by IoT-enabled DDoS attacks

  DDoS attacks on Russian banks have been linked to IoT botnets, further confirming this worrying trend and highlighting the need for IoT suppliers to improve security capabilties

• November 11, 2016 11 Nov'16

  24 cyber criminals arrested in Europol operation

  Romanian police arrest 24 members of a card skimming and cloning operation and identify 47 other suspects

• November 02, 2016 02 Nov'16

  Pure-play cyber security has real value, says incoming McAfee head

  Intel Security has outlined its strategy to protect the new digital economy as it gears up for innovation as a new independent pure-play security firm under the McAfee banner

• October 28, 2016 28 Oct'16

  Apple iCloud and Gmail hacker gets 18 months in jail

  A US man is given a sentence of 18 months in jail for hacking into celebrity iCloud and Gmail accounts after investigators failed to find a link with the leak of celebrity nude photos online in 2014

• October 27, 2016 27 Oct'16

  Information security set for steep trajectory, says (ISC)2

  By helping to create a thriving, diverse and open information security community, (ISC)2 hopes to ensure a steep rise for the profession

• October 20, 2016 20 Oct'16

  Lessons to be learned from attempted $1bn bank heist

  Analysis of an attack aimed at stealing $1bn reveals important lessons for cyber defenders, says BAE Systems head of threat intelligence Adrian Nish

• October 20, 2016 20 Oct'16

  Armed forces minister wants military recruiters to "think different" to attract cyber security pros

  Armed Forces minister Mike Penning says military must rethink how it recruits trainees to attract people with the cyber security skills the country needs to protect itself

• October 19, 2016 19 Oct'16

  Snowden: the IT analyst turned whistleblower who exposed mass surveillance

  Oliver Stone's biopic on Edward Snowden reaches the heart of the ethical crisis posed by mass surveillance for the state and ordinary citizens

• October 19, 2016 19 Oct'16

  Information security needs to cast recruitment net wider, says panel

  Companies struggling to fill info sec roles should focus on finding people who can do what they need, not on qualifications, according to a security industry panel

• October 18, 2016 18 Oct'16

  Saving Lauri Love: activists plan their next move

  An eclectic bunch of activists, charity workers and reformed hackers spent a rainy Sunday afternoon plotting their next move in a campaign to save Lauri Love from extradition to the US on hacking charges