Application security and coding requirements
-
News
18 Dec 2024
Top 10 cyber security stories of 2024
Data breaches, data privacy and protection, and the thorny issue of open source security were all hot topics this year. Meanwhile, security companies frequently found themselves hitting the headlines, and not always for good reasons. Here are Computer Weekly's top 10 cyber security stories of 2024 Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
12 Dec 2024
CISOs: Don’t rely solely on technical defences in 2025
From Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020s Continue Reading
-
News
22 Feb 2024
Inside LockBit: A ransomware gang in decline?
The LockBit ransomware gang was already on the ropes prior to the NCA-led takedown, according to security researchers Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Feb 2024
CVE volumes set to increase 25% this year
The number of reported Common Vulnerabilities and Exposures is likely to grow significantly in 2024, hitting a new high of almost 35,000, according to Coalition, a cyber insurance specialist Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Feb 2024
Security-by-design push prompts new ISC2 accreditations
Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Feb 2024
Microsoft: Nation-state hackers are exploiting ChatGPT
Threat actors from China, Iran, North Korea and Russia have all been probing use cases for generative AI service ChatGPT, but have yet to use such tools in a full-blown cyber attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Feb 2024
Microsoft patches two zero-days for Valentine’s Day
Two security feature bypasses impacting Microsoft SmartScreen are on the February Patch Tuesday docket, among more than 70 issues Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Feb 2024
New variants of Qakbot malware under development
Despite its infrastructure having been taken down by the FBI last year, someone appears to be actively working on a new and improved version of the infamous Qakbot malware Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Feb 2024
Hunter-killer malware volumes seen surging
Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Feb 2024
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Feb 2024
Defra legacy IT: 180 applications refreshed, over 1,500 remain
The Department for Environment, Food and Rural Affairs has a 10-year plan to update technology. So far, 180 have been replaced or updated Continue Reading
By- Cliff Saran, Managing Editor
-
Blog Post
31 Jan 2024
Low Code Hits New High - Results Of A New Survey
Had a really interesting conversation the other day with Adrian Bignall, he who is in charge of International Sales at Evoke Technologies. Evoke is a rather large tech consultancy that only ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
News
25 Jan 2024
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023 Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jan 2024
WebKit vulnerability sparks Apple’s first major security update of 2024
A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jan 2024
Inside Cisco’s security platform strategy
Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform Continue Reading
By- Aaron Tan, TechTarget
-
News
24 Jan 2024
Critical vulnerability exposes Fortra GoAnywhere users
Fortra GoAnywhere MFT users must take steps to address a newly disclosed zero-day vulnerability without delay Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jan 2024
Salesforce’s bug bounty programme paid out $3m in 2023
Ethical hackers disclosed more than 4,000 vulnerabilities to Salesforce last year through its bug bounty programme, and received over $3m in rewards Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
18 Jan 2024
Powering up cyber security defences with AI
AI holds great promise when it comes to securing valuable, and vulnerable, data, but security teams face some challenges if they are to get the best out of it, writes IBM’s Christopher Meenan Continue Reading
By- Christopher Meenan
-
News
17 Jan 2024
Singapore proposes governance framework for generative AI
AI Verify Foundation and Infocomm Media Development Authority have proposed a governance framework for generative AI to address the risks and concerns about the emerging technology Continue Reading
By- Aaron Tan, TechTarget
-
News
16 Jan 2024
Kaspersky shares Pegasus spyware-hunting tool
Kaspersky has developed a way of easily exposing the presence of Pegasus spyware on iOS devices and believes its methodology may also help users identify other such surveillance malware Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Jan 2024
Cisco fixes high-impact flaw in unified comms platform
Cisco unified comms customers are urged to patch a critical vulnerability in Unity Connection, a messaging and voicemail product Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Jan 2024
Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs
Microsoft starts 2024 right with another slimline Patch Tuesday drop, but there are some critical vulns to be alert to, including a number of man-in-the-middle attack vectors Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Jan 2024
China’s UNC4841 pivots to new Barracuda ESG zero-day
The Chinese state threat actor behind a series of cyber attacks on Barracuda Networks customers embarked on a campaign targeting the supplier’s email security products in the run-up to Christmas Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Dec 2023
Top 10 cyber crime stories of 2023
Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
20 Dec 2023
Zero-trust principles: Your gateway to securing remote workers
Remote working has enabled people to work from almost anywhere but has piled pressure on cyber pros. Three years after Covid, how are best practices evolving and what can we expect going forward? Continue Reading
By- Michael Healey, Turnkey Consulting
-
Opinion
20 Dec 2023
What we learned in cyber in 2023, and what to look out for
PA Consulting's Rasika Somasiri looks back at a busy 12 months in the cyber security world, and highlights some key learnings from 2023 Continue Reading
By- Rasika Somasiri
-
News
19 Dec 2023
Top 10 cyber security stories of 2023
The past 12 months have seen the security agenda dominated by the usual round of vulnerabilities, concerns over supply chain security and more besides, but it was the chaotic state of global geopolitics that really made an impact Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
19 Dec 2023
The ransomware threat to UK critical infrastructure
In this week’s Computer Weekly, a parliamentary report warns that a lack of ransomware preparedness at the highest levels of government is leaving UK critical national infrastructure dangerously exposed – we analyse the risks. We examine how AI tools are helping to enhance cloud security. And the CTO at jewellery retailer Pandora discusses organisational change in IT. Read the issue now. Continue Reading
-
News
13 Dec 2023
Microsoft’s Christmas present for cyber teams: no zero-days
Barely 30 vulnerabilities, and no zero-days, have been fixed in the final Patch Tuesday drop of 2023 Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
07 Dec 2023
CW EMEA: Prepare for cyber war
When the war between Hamas and Israel began in October, cyber security professionals and major government and private organisations braced for an inevitable accompanying online war. In this issue of CW EMEA, we outline cyber war, patterns of threat activity, and find out what security teams can do to protect their organisations. We also look at Finland’s advances in quantum computing, how Belgian researchers have developed technology to help datacentres process data faster, and the secrets of KPN’s successful business transformation. Read the issue now. Continue Reading
-
News
06 Dec 2023
Government launches UK-wide Cyber Explorers Cup
Schoolkids across the UK are being called on to team up and defeat Herbert the Hacker in a new government-backed competition Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
05 Dec 2023
Technologies to support hybrid working
In this week’s Computer Weekly, our latest buyer’s guide looks at technologies to support hybrid working – even when your business is as unique as farming. We examine the new guidelines on AI cyber security published by G7 government security chiefs. And we find out how the Jaguar Formula E racing team is using digital twins to improve electric vehicle performance. Read the issue now. Continue Reading
-
News
28 Nov 2023
Volume of unique malware samples threatens to overwhelm defenders
A massive increase in malware volumes could cause problems for security teams tasked with adapting their defences against them Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Nov 2023
North Korean APTs go all in on supply chain attacks, warns NCSC
Threat actors linked to the North Korean regime are becoming more adept at targeting software supply chains in the service of their cyber attacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Nov 2023
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities Continue Reading
-
News
21 Nov 2023
The ‘application generation’ demands more from developers
The latest Cisco AppDynamics poll of consumers has identified a new breed of app user that has emerged post-pandemic Continue Reading
By- Cliff Saran, Managing Editor
-
News
15 Nov 2023
November Patch Tuesday heralds five new MS zero-days
Microsoft pushes fixes for five new zero-days in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Nov 2023
How Gigamon is making its mark in deep observability
Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth Continue Reading
By- Aaron Tan, TechTarget
-
News
07 Nov 2023
Researchers ‘break’ rule designed to guard against Barracuda vulnerability
Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Nov 2023
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Nov 2023
Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals
As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
Google launches bug bounties for generative AI attack scenarios
Google expands its bug bounty programme to encompass generative AI and takes steps to grow its commitment to supply chain security as it relates to the emerging technology Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Oct 2023
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Oct 2023
Computer Weekly contributor named Godfather of UK Security
Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Oct 2023
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Oct 2023
Loughborough Uni to create five cyber AI research posts
Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security Continue Reading
By- Alex Scroxton, Security Editor
-
News
17 Oct 2023
Alert sounded over dangerous Cisco IOS XE zero-day
Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Oct 2023
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
03 Oct 2023
Where next for quantum computing?
In this week’s Computer Weekly, we talk to the head of Amazon’s Braket quantum computing services about how the technology is progressing. We go behind the scenes at an ethical hacker event to find out how bug bounty programmes work. And we analyse the offerings of the major players in software-defined storage. Read the issue now. Continue Reading
-
News
28 Sep 2023
Businesses disconnected from realities of API security
Business leaders feel confident they’ve got a handle on API security, but at the same time, incidents are through the roof, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Sep 2023
Yahoo picks Intigriti to run crowdsourced bug bounty programme
Digital media brand Yahoo is setting up a crowdsourced bug bounty programme with ethical hacking specialist Intigriti, and is reaching out to the Capture the Flag community to participate Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
25 Sep 2023
Security Think Tank: Three ways to identify the best encryption use cases
The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
By- Mandy Andress, Elastic
-
E-Zine
19 Sep 2023
Securing Eurovision’s online voting system against cyber attacks
In this week’s Computer Weekly, we discover how Once.net and Cloudfare defended the 2023 Eurovision Song Contest against cyber attacks. Our buyer’s guide continues to look at integrating software-as-a-service applications, with the governance of SaaS connectivity to the fore. Also, HCLTech’s Ashish Gupta relates how the company has embraced a new, pandemic-influenced, remote working model. And we find out how retail tech leaders influence their boards on transformation projects. Read the issue now. Continue Reading
-
Opinion
18 Sep 2023
Security Think Tank: A user’s guide to encryption
The Security Think Tank assesses the state of encryption technology, exploring topics such as cryptographic techniques, data-masking, the legal ramifications of end-to-end encryption, and the impact of quantum Continue Reading
By- Andrew Morris, Turnkey Consulting
-
Feature
18 Sep 2023
Simplifying cloud integrations with legacy IT
Subscription-based software is easier to integrate than traditional enterprise software, but the challenge for IT leaders is governance for SaaS connectivity Continue Reading
By- Cliff Saran, Managing Editor
- Adrian Bridgwater
-
News
14 Sep 2023
As vehicle safety regulations loom, carmakers fret over cyber risks
Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2023
GitHub fixes race condition that could have led to ‘repojacking’
A subtle flaw in how GitHub handled repository creation and user renaming could have had serious consequences for the open source community, but has now been fixed. Learn more about how it worked Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2023
Patch Tuesday: Microsoft fixes zero-days in Word and Streaming Service
September 2023 brings a light Patch Tuesday, with two zero-days and five critical vulnerabilities listed in the latest release Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2023
Cisco tightens link between observability and security
The company's observability platform now offers a way for IT decision-makers to understand the impact of security issues Continue Reading
By- Cliff Saran, Managing Editor
-
Podcast
12 Sep 2023
Podcast: ‘Data first’ a key principle of digital transformation
Chris Gorton of Syniti says organisations should put data first during digital transformation projects, and that means getting data quality, access rights and governance right Continue Reading
By- Antony Adshead, Storage Editor
-
E-Zine
12 Sep 2023
The dangers of breaking encryption
In this week’s Computer Weekly, we detail the concerns of the BCS and other IT experts about the UK’s Online Safety Bill’s proposals to weaken end-to-end message encryption. Our buyer’s guide continues to look at the issues around integrating software-as-a-service applications, with a particular eye to the proliferation of SaaS during the Covid pandemic. Red Hat’s CEO Matt Hicks retails the company’s efforts to support generative AI. And we discover how immersive technologies can shape a brave new world of training and design. Read the issue now. Continue Reading
-
News
11 Sep 2023
Salesforce and Zoom embrace ethical hackers. You should, too
Software companies Salesforce and Zoom discuss their successful bug bounty programmes, what they learned at a recent in-person hackathon in which they participated, and why others shouldn’t be scared of hackers Continue Reading
By- Alex Scroxton, Security Editor
-
News
05 Sep 2023
Researchers find flaw in Mend.io security platform
WithSecure’s research team uncovered an authentication flaw in an application security platform developed by Mend.io, which has now been fixed Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Sep 2023
Threat actors exploiting unpatched Juniper Networks devices
A series of vulnerabilities in Juniper Networks firewalls and switches appear to be being exploited in the wild to enable remote code execution, with thousands of devices thought to be exposed Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Aug 2023
NCSC warns over possible AI prompt injection attacks
The UK’s NCSC says it sees alarming potential for so-called prompt injection attacks driven by the large language models that power AI chatbots Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
25 Aug 2023
AI and supply chain visibility key to mitigating OT security threats
Leveraging AI and maintain visibility into the security of your software supply chain are key to mitigating cyber attacks against operational technology systems Continue Reading
By- Eric Byres
-
News
22 Aug 2023
Singapore to bolster OT security capabilities
Cyber Security Agency of Singapore teams up with Dragos and the US Cybersecurity and Infrastructure Security Agency to bolster the country’s OT security capabilities Continue Reading
By- Aaron Tan, TechTarget
-
News
17 Aug 2023
Researchers demo fake airplane mode exploit that tricks iPhone users
Exploit chain that tricks a victim into believing their iOS device is offline in airplane mode when it is not could open the door to grave privacy concerns Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Aug 2023
CyberArk eyes growth beyond PAM
CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management Continue Reading
By- Aaron Tan, TechTarget
-
News
12 Aug 2023
Datacentre management vulnerabilities leave public clouds at risk
At the annual DEF CON hacking convention, researchers from Trellix have disclosed multiple vulnerabilities in key datacentre products underpinning the world’s public cloud infrastructure Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
12 Aug 2023
Whose needs are UK Cyber Skills policies intended to meet?
Among those businesses that do not outsource incident management, 4 in 10 (41%) are not very or not at all confidence that they would be able to deal with a cyber security breach or attack compared ... Continue Reading
By- Philip Virgo, Winsafe Ltd
-
News
10 Aug 2023
Google speeds up security update frequency for Chrome
Changes to Google’s security update policy are supposed to help close the gap in which cyber criminals can exploit n-day vulnerabilities Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Aug 2023
Microsoft addresses Office vulnerability attacked by Russian spooks in latest update
Microsoft has issued fixes for over 70 vulnerabilities in its August Patch Tuesday drop, including remedies for CVE-2023-36884, which was disclosed without a fix in July and has been the subject of Kremlin-backed cyber attacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Aug 2023
Microsoft fixes Azure flaw that was subject of researcher criticism
Microsoft has confirmed a potentially-dangerous flaw in the Azure platform has now been fully fixed, and moved to reassure customers that despite criticism it is committed to responsible disclosure and timely fixes Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 Aug 2023
Log4Shell, ProxyShell still among most widely exploited flaws
Statistics released by the collective Five Eyes cyber agencies reveals insight into the most exploited vulnerabilities of 2022, and unsurprisingly there are some old ‘friends’ on the list Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 Aug 2023
Biden’s SBOM mandate a ‘shot heard around the world’, report says
Two years and three months after Joe Biden mandated new standards in supply chain security, over 40% of UK respondents to a survey say they have implemented new SBOM policies in direct response Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Aug 2023
Microsoft attacked over ‘grossly irresponsible’ security practice
The CEO of Tenable has launched a scathing attack on Microsoft, asserting that the organisation is deliberately keeping its Azure cloud customers in the dark about dangerous vulnerabilities and accusing it of a culture of ‘toxic obfuscation’ Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Aug 2023
Ivanti MDM users told to patch against two dangerous flaws
Users of Ivanti’s mobile device management platform have been warned to act now to patch two vulnerabilities that were chained by a threat actor in a series of cyber attacks on the Norwegian government Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2023
How Indian organisations are keeping pace with cyber security
Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics Continue Reading
-
News
27 Jul 2023
Ant Group teams with NTU to advance privacy-preserving technologies
The Chinese fintech giant is partnering with Singapore’s Nanyang Technological University on a cryptographic protocol that ensures the privacy of transacting parties Continue Reading
By- Aaron Tan, TechTarget
-
Opinion
19 Jul 2023
We have lift off… The opportunities and risks of generative AI
How you can use AI to benefit your business while navigating the risks Continue Reading
By- Melanie Hayes, Nash Squared, and Bill Boorman, Technology & Talent Advisor
-
News
18 Jul 2023
Critical Adobe ColdFusion flaws chained in ongoing cyber attacks
Two vulnerabilities in Adobe ColdFusion have been chained by threat actors to target victim systems, apparently after one of them was accidentally disclosed Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
17 Jul 2023
The essential role of PETs in unlocking the trillion dollar SaaS market
Ahead of the Eyes-Off Data Summit in Dublin, Jack Fitzsimons of Oblivious AI explains why so-called Privacy Enhancing Technologies or PETs may hold the key to unlocking the full potential of SaaS in the enterprise Continue Reading
By- Jack Fitzsimons, Oblivious AI
-
News
12 Jul 2023
Hackers: We won’t let artificial intelligence get the better of us
AI is changing how ethical hackers go about their work, and will continue to do so, but the community is convinced the technology will never be able to replicate the creativity of a flesh-and-blood hacker Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jul 2023
Microsoft users on high alert over dangerous RCE zero-day
A serious RCE vulnerability in Microsoft Office and Windows is among several zero-days disclosed in Redmond’s July Patch Tuesday update, but this one does not have a patch yet Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Jul 2023
Apple pushes Rapid Response patch to fix WebKit zero-day
Apple deployed an emergency patch under its Rapid Security Response update programme, but had to temporarily suspend delivery after it caused problems for users of the Safari browser Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Jul 2023
Suspicious email reported every five seconds in UK
National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
07 Jul 2023
JumpCloud issues notice to customers to refresh API keys
JumpCloud has asked its customers to update their API cryptographic keys following a security incident Continue Reading
By- Cliff Saran, Managing Editor
-
News
27 Jun 2023
WithSecure forges ahead with green coding initiative
WithSecure’s W/Sustainability programme kickstarts a number of initiatives, including a commitment to green coding the security supplier hopes will set an example for others to follow Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Jun 2023
Phishing and ransomware dominate Singapore’s cyber threat landscape
Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene Continue Reading
By- Aaron Tan, TechTarget
-
Podcast
14 Jun 2023
Podcast: Containers, Kubernetes, data protection and compliance
Containers offer benefits to application deployment, but they proliferate, so tracking them for compliance purposes can be a challenge. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading
By- Antony Adshead, Storage Editor
-
News
14 Jun 2023
No zero-days for June Patch Tuesday, but plenty to chew over
On the face of it, Microsoft’s monthly round of updates is a lighter-than-usual load for security teams, with no zero-days in evidence, but there are still plenty of issues needing attention Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Jun 2023
Cyber attacks against APAC commerce sector surpass 1.1 billion
Retailers, hotels and travel-related organisations in the region saw over a billion cyber attacks last year amid the surge in e-commerce activity and online travel bookings Continue Reading
By- Aaron Tan, TechTarget
-
News
12 Jun 2023
Ofcom data stolen in MOVEit cyber attack
Communications regulator Ofcom says data on employees and regulated communications companies was stolen by the Clop gang Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jun 2023
Progress Software releases patch for second MOVEit Transfer vulnerability
Progress Software releases a patch for a second MOVEit Transfer issue, which was uncovered by third-party security specialist Huntress Security during post-incident code scanning Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
12 Jun 2023
Building a secure coding philosophy
A proportion of cyber security spend goes towards securing application development. Software teams are also budgeting for IT security Continue Reading
By- Cliff Saran, Managing Editor
-
News
08 Jun 2023
Vulnerability exploitation volumes up over 50% in 2022
Data from Palo Alto Networks’ Unit 42 threat intel specialists reveals insight into the scale of vulnerability exploitation in the wild Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Jun 2023
Clop may have been sitting on MOVEit vulnerability for two years
The Clop cyber extortion gang may have been keeping the MOVEit SQL injection vulnerability they used to penetrate the systems of multiple victims secret for two years Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
01 Jun 2023
Generative AI – the next biggest cyber security threat?
Following the launch of ChatGPT in November 2022, several reports have emerged that seek to determine the impact of generative AI in cyber security. Undeniably, generative AI in cyber security is a double-edged sword, but will the paradigm shift in favour of opportunity or risk? Continue Reading
By- Luke Witts