Hackers and cybercrime prevention
-
News
20 Nov 2024
Apple addresses two iPhone, Mac zero-days
Two zero-day vulnerabilities uncovered in Apple’s operating systems could have allowed for arbitrary code execution and cross-site scripting attacks Continue Reading
-
News
19 Nov 2024
AI readiness stalls in APAC
Despite significant investment in AI, only 15% of organisations in Asia-Pacific are ready to deploy the technology today, according to Cisco’s latest regional AI readiness survey Continue Reading
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
E-Zine
19 Nov 2024
Adventures in AI at Tripadvisor
In this week’s Computer Weekly, we find out how travel site Tripadvisor is embracing AI to offer new products and services to its users. Gartner says the chance of a successful digital project is like ‘flipping a coin’ – we went to its annual IT leadership symposium to ask why. And we examine what companies must do to comply with the EU’s new NIS2 cyber security rules. Read the issue now. Continue Reading
-
Video
18 Nov 2024
An explanation of cybercrime
Cybercrime is a real and illegal threat, just like traditional crime. Learn about cybercriminals and effective prevention strategies to safeguard yourself online. Continue Reading
-
News
18 Nov 2024
UK consumers losing more than ever to holiday scams
Last Christmas, UK consumers lost over £11m to cyber criminals. This year, to save them from tears, the NCSC and Action Fraud are teaming up to launch an anti-fraud campaign Continue Reading
-
Definition
18 Nov 2024
What is a whaling attack (whaling phishing)?
A whaling attack, also known as 'whaling phishing' or a 'whaling phishing attack,' is a specific type of phishing attack that targets high-profile employees, such as the chief executive officer (CEO) or chief financial officer, to steal sensitive information from a company. Continue Reading
-
E-Zine
14 Nov 2024
CW APAC – Trend Watch: Modernising security operations
Organisations everywhere know the risks of cyber security complacency. In this handbook, focused on modernising security operations in the Asia-Pacific region, Computer Weekly looks at how Australia is bolstering its defences, Splunk and Cisco’s integration, and Palo Alto Networks’ ‘precision AI’. Continue Reading
-
14 Nov 2024
How Kaspersky is driving growth in APAC
Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region Continue Reading
-
14 Nov 2024
Reinventing security operations for the modern threat landscape
Organisations must modernise their security operations to fortify their defences and navigate the evolving threat landscape Continue Reading
-
News
14 Nov 2024
Williams Racing F1 team supports kids cyber campaign
A multi-region campaign will teach pre-teen children cyber security basics – with a little help from Formula 1 star Alex Albon Continue Reading
-
News
14 Nov 2024
Ping CEO on ForgeRock integration and future of identity
Ping Identity CEO Andre Durand discusses the company’s unified roadmap, commitment to customer stability and growth plans in the evolving identity landscape following the merger with ForgeRock Continue Reading
-
News
13 Nov 2024
China’s Volt Typhoon rebuilds botnet in wake of takedown
Nine months after its malicious botnet comprising legacy routers was disrupted by the Americans, Chinese APT Volt Typhoon is rebuilding and presents as persistent a threat as ever Continue Reading
-
News
13 Nov 2024
Ex-boxer fights US government over legality of Sky ECC cryptophone intercepts
Lawyers for former heavyweight boxer Goran Gogic argue that US prosecutors’ reliance on messages obtained by a European police hacking operation into the SKY ECC encrypted phone network breaches the US constitution Continue Reading
-
Video
13 Nov 2024
An explanation of ethical hackers
Ethical hackers protect businesses by identifying vulnerabilities. They use the same techniques as malicious hackers, but for the greater good. Continue Reading
-
News
12 Nov 2024
Microsoft fixes 89 CVEs on penultimate Patch Tuesday of 2024
High-profile vulns in NTLM, Windows Task Scheduler, Active Directory Certificate Services and Microsoft Exchange Server should be prioritised from November’s Patch Tuesday update Continue Reading
-
News
12 Nov 2024
Zero-day exploits increasingly sought out by attackers
Threat actors increasingly favour zero-day exploits to attack their victims before patches become available, according to the NCSC and CISA, which have just published a list of the most widely used vulnerabilities of 2023 Continue Reading
-
News
12 Nov 2024
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web Continue Reading
-
News
12 Nov 2024
Police cloud project raises data protection concerns despite legal reforms
Ongoing data protection issues with the use of hyperscale public cloud infrastructure by UK police could complicate the ambitions of nine forces to move their common records management system into the cloud Continue Reading
-
News
12 Nov 2024
How quantum computing could reshape financial services
Experts at the Singapore FinTech Festival predict quantum computing will improve risk management, investment strategies and fraud detection in the financial sector, while also posing new challenges for data security Continue Reading
-
News
08 Nov 2024
ESET shines light on cyber criminal RedLine empire
ESET publishes fresh data on the inner workings of the RedLine Stealer malware empire, which was taken down at the end of October Continue Reading
-
News
07 Nov 2024
AI a force multiplier for the bad guys, say cyber pros
CIISec’s annual report on the security profession finds evidence of growing concern that artificial intelligence will ultimately prove more useful to threat actors than defenders Continue Reading
-
News
01 Nov 2024
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats Continue Reading
-
News
30 Oct 2024
RedLine, Meta malwares meet their demise at hands of Dutch cops
A multinational action led by authorities in the Netherlands has resulted in the takedown of the notorious RedLine and Meta infostealer malwares Continue Reading
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
23 Oct 2024
Government hails Cyber Essentials success
Scheme to help keep organisations’ IT safe and secure has given businesses more confidence they won’t fall victim to a cyber attack Continue Reading
-
Feature
23 Oct 2024
Detect ransomware in storage to act before it spreads
Anomaly detection and immutable copies can be frontline tools against ransomware – we look at the role storage can play against the latest techniques employed by ransomware gangs Continue Reading
-
News
23 Oct 2024
Democracy campaigner to sue Saudi Arabia over Pegasus and QuaDream spyware in UK court
Pro-democracy campaigner Yahya Assiri given permission to file legal action in London court against Saudi Arabia over its use of Israeli spyware Continue Reading
-
News
22 Oct 2024
Danish government reboots cyber security council amid AI expansion
Denmark’s government relaunches digital security initiative to protect business sectors and society at large Continue Reading
-
News
21 Oct 2024
Can AI be secure? Experts discuss emerging threats and AI safety
International cyber security experts call for global cooperation and proactive strategies to address the security challenges posed by artificial intelligence Continue Reading
-
News
17 Oct 2024
NCSC chief warns of gap in cyber threats and defence capabilities
The UK and its allies must take collective action to improve their cyber resilience and repel the increasing volume of severe cyber attacks, says NCSC chief Continue Reading
-
News
17 Oct 2024
EU cyber security bill NIS2 hits compliance deadline
The EU’s NIS2 bill will harmonise how companies and member states approach cyber security, but its success will depend on how well it is implemented and enforced Continue Reading
-
News
15 Oct 2024
NCSC expands school cyber service to academies and private schools
The National Cyber Security Centre is expanding its PDNS for Schools service to encompass a wider variety of institutions up and down the UK Continue Reading
-
Feature
15 Oct 2024
Reinventing security operations for the modern threat landscape
The growing pace of digital transformation has opened new avenues for attackers, making traditional security measures obsolete. Organisations must modernise their security operations to fortify their defences and navigate the evolving threat landscape Continue Reading
-
Definition
11 Oct 2024
What is the Mitre ATT&CK framework?
The Mitre ATT&CK -- pronounced miter attack -- framework is a free, globally accessible knowledge base that describes the latest behaviors and tactics of cyberadversaries to help organizations strengthen their cybersecurity strategies. Continue Reading
-
News
10 Oct 2024
NCSC issues fresh alert over wave of Cozy Bear activity
The NCSC, FBI and NSA publish updated warning about Cozy Bear’s activities, highlighting a range of vulnerabilities the threat actor is using to set up its cyber attacks Continue Reading
-
Definition
10 Oct 2024
What is threat intelligence?
Threat intelligence, also known as cyberthreat intelligence, is information gathered from a range of sources about current or potential attacks against an organization. Continue Reading
-
News
10 Oct 2024
Government launches cyber standard for local authorities
Local government bodies are being invited to take advantage of a new NCSC-derived Cyber Assessment Framework to help enhance their resilience and ward off cyber attacks Continue Reading
-
News
10 Oct 2024
How Recorded Future finds ransomware victims before they get hit
Threat intel specialists at Recorded Future have shared details of newly developed techniques they are using to disrupt Rhysida ransomware attacks before the gang even has a chance to execute them Continue Reading
-
News
10 Oct 2024
Internet Archive web historians target of hacktivist cyber attack
The Internet Archive nonprofit digital library and Wayback Machine operator has been attacked by pro-Palestinian hacktivists Continue Reading
-
News
10 Oct 2024
Australia bolsters cyber defences with security bill
Legislation tackles IoT security and establishes a Cyber Incident Review Board to bolster Australia’s cyber resilience Continue Reading
-
News
09 Oct 2024
MoneyGram customer data breached in attack
MoneyGram confirms that customer data has been stolen in an incident that appears to have started with a social engineering attack on its IT helpdesk staff Continue Reading
-
News
09 Oct 2024
UK Cyber Team seeks future security professionals
Young people from across the UK have a chance to represent the country in international competitions and advance their future careers in cyber security Continue Reading
-
News
08 Oct 2024
Secureworks: Ransomware takedowns didn’t put off cyber criminals
The number of active cyber criminal ransomware gangs has surged by almost a third in the space of 12 months, according to the latest intelligence from Secureworks Continue Reading
-
News
08 Oct 2024
UK’s cyber incident reporting law to move forward in 2025
The UK government says that enforced cyber incident and ransomware reporting for critical sectors of the economy will help to build a better picture of the threat landscape and enable more proactive and preventative responses Continue Reading
-
News
07 Oct 2024
IBM: Data breach cost in ASEAN hits new high
The average cost of a data breach in ASEAN grew by 7% from last year, as organisations grapple with increasingly distributed IT environments and complex security systems Continue Reading
-
News
04 Oct 2024
UK telcos including BT at risk from DrayTek router vulnerabilities
A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis Continue Reading
-
News
04 Oct 2024
NCSC celebrates eight years as Horne blows in
Outgoing NCSC interim leader Felicity Oswald shares her thoughts on the body’s work over the past eight years as she hands over the reins to incoming CEO Richard Horne Continue Reading
-
News
04 Oct 2024
Cups Linux printing bugs open door to DDoS attacks, says Akamai
The Cups Linux printing vulnerabilities disclosed at the end of September would seem to have a nasty sting in their tail, according to researchers at Akamai Continue Reading
-
News
03 Oct 2024
Microsoft files lawsuit to seize domains used by Russian spooks
Microsoft has been given permission to seize multiple domains used by the Russian state threat actor Star Blizzard as part of a coordinated disruption effort undertaken ahead of the US elections Continue Reading
-
News
03 Oct 2024
SOC teams falling out of love with threat detection tools
Security operations centre practitioners are fed up of being flooded with pointless alerts and many no longer have much confidence in their threat detection tools, according to a report Continue Reading
-
Opinion
03 Oct 2024
Rise of the cyber clones: When seeing isn’t believing
It is frighteningly easy to clone someone else's identity using readily-available artificial intelligence tools Continue Reading
-
News
02 Oct 2024
UK and Singapore to collaborate on supporting ransomware victims
At the fourth Counter Ransomware Initiative Summit in the US, both the UK and Singapore have committed to working on new guidance designed to better support victims and undermine cyber criminal business models Continue Reading
-
News
01 Oct 2024
Unmasked: The Evil Corp cyber gangster who worked for LockBit
The NCA has named and shamed a prominent member of the Evil Corp cyber crime collective who also worked as an affiliate of the LockBit ransomware gang as the UK unveils new sanctions against 16 Russian cyber criminals Continue Reading
-
News
01 Oct 2024
Post Office ditches MoneyGram after cyber attack
The Post Office offered a short extension to enable it to asses the impact of the MoneyGram cyber incident, but the contract has now expired and MoneyGram services are no longer available in Post Office branches Continue Reading
-
News
27 Sep 2024
UK on high alert over Iranian spear phishing attacks, says NCSC
The NCSC and counterpart agencies in the US have issued a warning over enhanced Iranian spear phishing activity targeting politicians, journalists, activists and others with an interest in Middle Eastern affairs Continue Reading
-
News
27 Sep 2024
Printing vulnerability affecting Linux distros raises alarm
Security pros need to get in front of a series of vulnerabilities affecting the Cups Linux printing service after an apparently botched disclosure process saw technical details published in advance of a patch Continue Reading
-
Opinion
27 Sep 2024
Closing the curtain on cyber security theatre
Leaders must redefine expectations, rethink responsibility and eliminate unproductive practices to move towards real security, says Gartner vice-president analyst Richard Addiscott Continue Reading
-
News
26 Sep 2024
Racist Network Rail Wi-Fi hack was work of malicious insider
Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers Continue Reading
-
News
26 Sep 2024
Islamophobic cyber attack downs Wi-Fi at UK transport hubs
An apparent hacktivist attack disrupted public-facing Wi-Fi networks at UK rail stations to display Islamophobic content Continue Reading
-
News
25 Sep 2024
Splunk and Cisco integration moving apace
Splunk is rapidly integrating with Cisco’s technology to enable seamless transitions between their platforms while delivering advanced threat detection capabilities Continue Reading
-
News
24 Sep 2024
Money transfer firm MoneyGram rushes to contain cyber attack
Money transfer specialist MoneyGram services remain down several days after a network outage developed into a full-blown cyber security incident Continue Reading
-
News
24 Sep 2024
Unique malware sample volumes seen surging
BlackBerry’s latest ‘Global threat intelligence’ report details a surge in unique malware samples as threat actors ramp up the pace of targeted attacks Continue Reading
-
E-Zine
23 Sep 2024
Powering Britain’s economy – datacentres gain in status
In this week’s Computer Weekly, the UK government has finally classified datacentres as critical national infrastructure – we ask, what took it so long? We assess the impact of the EU’s new energy efficiency rules on datacentre operators. And we discuss the power of information and diversity with the chief data officer at Legal & General. Read the issue now. Continue Reading
-
News
23 Sep 2024
UK, US and Canada to collaborate on AI and cyber security
International collaboration agreement will see the governments of Canada, the UK and the US work together to research, evaluate and test new defence technologies Continue Reading
-
News
19 Sep 2024
HSBC tests post-quantum VPN tunnel for digital ledgers
Encryption required for post-quantum cryptography will have a material impact on the performance of distributed ledgers Continue Reading
-
News
18 Sep 2024
NCSC exposes Chinese company running malicious Mirai botnet
The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions Continue Reading
-
News
18 Sep 2024
Europol provides detail on Ghost encrypted comms platform takedown
Law enforcement bodies from across the world have revealed how they collaborated to bring down encrypted network Ghost and the new ways of working that have been established with Europol at the centre Continue Reading
-
Definition
18 Sep 2024
What is email spam and how to fight it?
Email spam, also known as 'junk email,' refers to unsolicited email messages, usually sent in bulk to a large list of recipients. Humans send spam, but more often, botnets are responsible for sending it. Continue Reading
-
News
18 Sep 2024
Police make arrests after hacking Ghost encrypted comms app
An international police operation has penetrated an end-to-end encrypted communications service allegedly used by organised criminals in Australia, Ireland, Sweden and Italy Continue Reading
-
News
17 Sep 2024
First CyberBoost Catalyse startup cohort named
The first group of companies named to a cyber incubator programme run by Plexal and the National University of Singapore includes two growing UK businesses Continue Reading
-
News
16 Sep 2024
Crest secures FCDO funding to help overseas countries increase their cyber-readiness
Non-profit Crest is launching an initiative to help overseas, private-sector firms get better prepared for cyber threats Continue Reading
-
News
15 Sep 2024
UK unites nations to discuss closing global cyber skills gap
The UK government invites representatives from around the world to a summit to discuss how to address global IT security skills gap Continue Reading
-
News
13 Sep 2024
UN-backed cyber security report highlights global shortfalls in preparedness
In the three years since the UN-backed cyber security report was published, countries have been making a concerted effort to protect themselves from cyber threats, but there’s more to do Continue Reading
-
News
13 Sep 2024
Cyber workforce must almost double to meet global talent need
Research from ISC2 finds global cyber workforce needs additional 4.8 million people to fully secure businesses Continue Reading
-
News
12 Sep 2024
Teenager arrested in TfL cyber attack investigation
New security measures following the cyber attack, which took down some of TfL’s services, have led to delays in contactless roll-out Continue Reading
-
News
11 Sep 2024
ICO and NCA sign MoU to provide joint support for cyber crime victims
UK data protection watchdog joins forces with law enforcement agency to provide more support for organisations that fall victim to cyber crime and ransomware attacks Continue Reading
-
News
10 Sep 2024
ANZ CIOs to prioritise cyber security investments in 2025
Cyber security remains high on the agenda for ANZ CIOs, followed by data analytics, cloud and generative AI Continue Reading
-
News
09 Sep 2024
Multiple Veeam vulns spark concern among defenders
Veeam users are urged to patch a series of vulnerabilities in the firm’s Backup & Replication product to get out ahead of potential exploitation by ransomware gangs Continue Reading
-
Opinion
09 Sep 2024
Developing nations need the UN cyber crime treaty to pass
The UN cyber crime treaty is flawed but represents a move in the right direction for developing nations seeking greater digital sovereignty Continue Reading
-
News
06 Sep 2024
Longstanding Darktrace CEO Poppy Gustafsson to step down
Darktrace CEO Poppy Gustafsson is to leave the AI cyber company she helped build with Mike Lynch after more than a decade, following its acquisition by a private equity firm Continue Reading
-
News
05 Sep 2024
NCSC and allies call out Russia's Unit 29155 over cyber warfare
The NCSC and counterpart agencies from the US and other countries have exposed a long-running campaign of Russian cyber espionage and warfare conducted by GRU Unit 29155 Continue Reading
-
News
05 Sep 2024
Fog ransomware crew evolving into wide-ranging threat
The emergent Fog ransomware gang appears to be changing up its victimology in search of more cash-rich victims Continue Reading
-
News
05 Sep 2024
Ongoing TfL cyber attack takes out Dial-a-Ride service
The Dial-a-Ride assisted transit service for disabled people had to temporarily suspend part of its operations as Transport for London deals with an ongoing cyber attack, but the service has now been recovered Continue Reading
-
News
04 Sep 2024
PyPI loophole puts thousands of packages at risk of compromise
Thousands of PyPI packages are at risk of an attack technique dubbed Revival Hijack, which exploits a loophole in the platform’s package naming feature Continue Reading
-
News
04 Sep 2024
Fraud and scam complaints hit highest ever level in UK
The Financial Ombudsman Service says it recorded almost 9,000 complaints about fraud and scams from April to June, the most ever recorded Continue Reading
-
News
03 Sep 2024
Transport for London hit by cyber attack
London’s transport network provider TfL experiences cyber security incident, but reassures customers there is no impact on services Continue Reading
-
News
02 Sep 2024
UK and Ukraine digital trade deal comes into force
The UK eases access to the deep tech startup community in Ukraine through digital-only agreement Continue Reading
-
News
30 Aug 2024
Norwegian Refugee Council leverages Okta for Good cyber scheme
Pietro Galli, CIO of the Norwegian Refugee Council, reveals how the globally distributed NGO has been taking advantage of the Okta for Good CSR programme to improve its own cyber security and data protection practice, and elevate good practice in the third sector Continue Reading
-
News
29 Aug 2024
Check Point secured for annual Security Serious cyber awards
The annual Security Serious Unsung Heroes awards, recognising the champions of the UK cyber security industry, are back once again, with a new headline sponsor joining the party Continue Reading
-
News
29 Aug 2024
Telegram CEO Pavel Durov under formal investigation, released on bail
European Commission confirms it has powers to place Telegram under ‘direct supervision’ if it meets the threshold for regulation under the Digital Services Act Continue Reading
-
News
29 Aug 2024
Iranian APT caught acting as access broker for ransomware crews
Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits Continue Reading
-
Opinion
29 Aug 2024
Cyber law reform should be top of Labour's policy list
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
29 Aug 2024
US offers $2.5m bounty for on-the-run malware dev
US State Department puts a $2.5m bounty on the head of Angler exploit kit developer and ransomware crew member Volodymyr Kadariya as part of a major developing case Continue Reading
-
News
28 Aug 2024
Iranian APT Peach Sandstorm teases new Tickler malware
Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence Continue Reading
-
News
28 Aug 2024
How Kaspersky is driving growth in APAC
Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region Continue Reading
-
Opinion
27 Aug 2024
Extending zero-trust principles to endpoints
By combining zero-trust principles with other security strategies and continuously monitoring and improving their security posture, organisations can effectively mitigate risks and protect their resources, says Gartner's Nikul Patel Continue Reading
-
Opinion
27 Aug 2024
Public education on security must be a top priority for Labour
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
27 Aug 2024
Palo Alto Networks bets on ‘precision AI’
Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’ Continue Reading
-
News
22 Aug 2024
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line. Continue Reading
-
News
21 Aug 2024
Pakistani national arrested over Southport ‘cyber terrorism’
Authorities in Pakistan have arrested a man on suspicion of cyber terrorism over his role in the spread of online misinformation in the wake of the Southport knife attack Continue Reading
-
Podcast
21 Aug 2024
Podcast: Ransomware and what data storage can do about it
We talk to NetApp’s Chris McKean about ransomware attacks and the role of data storage in protecting against them Continue Reading