IT security
-
News
02 May 2024
Palo Alto Networks claims to raise bar on SASE
Palo Alto Networks releases version 3.0 of SASE tech designed to extend zero trust to unmanaged devices, secure data with artificial intelligence and boosts application performance for partners and customers Continue Reading
-
News
02 May 2024
NCSC updates warning over hacktivist threat to CNI
The NCSC and CISA have warned about the evolving threat from Russia-backed hacktivist threat actors targeting critical national infrastructure, after a number of American utilities were attacked Continue Reading
-
News
02 May 2024
Palo Alto Networks claims to raise bar on SASE
Palo Alto Networks releases version 3.0 of SASE tech designed to extend zero trust to unmanaged devices, secure data with artificial intelligence and boosts application performance for partners and customers Continue Reading
-
News
02 May 2024
NCSC updates warning over hacktivist threat to CNI
The NCSC and CISA have warned about the evolving threat from Russia-backed hacktivist threat actors targeting critical national infrastructure, after a number of American utilities were attacked Continue Reading
-
News
02 May 2024
Dropbox Sign user information accessed in data breach
Account data belonging to Dropbox Sign users was accessed by an unknown threat actor after they hacked into the organisation’s backend infrastructure Continue Reading
-
News
02 May 2024
Ukrainian national sentenced over REvil ransomware spree
A 24-year-old Ukrainian man has been sentenced to more than 13 years in prison after being convicted of his role in the REvil ransomware attacks Continue Reading
-
Definition
02 May 2024
What is PCI DSS (Payment Card Industry Data Security Standard)?
The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information. Continue Reading
-
Definition
02 May 2024
What is a SSL (secure sockets layer)?
Secure sockets layer (SSL) is a networking protocol designed for securing connections between web clients and web servers over an insecure network, such as the internet. Continue Reading
-
News
02 May 2024
BBC instructs lawyers over allegations of police surveillance of journalist
Lawyers for the BBC have written to the Investigatory Powers Tribunal over allegations that the Police Service of Northern Ireland spied on investigative journalist Vincent Kearney Continue Reading
-
News
02 May 2024
How Okta is fending off identity-based attacks
Okta has been bolstering the security of its own infrastructure and building new tools to scan customer environments for vulnerable identities, among other efforts to fend off identity-based attacks Continue Reading
-
News
01 May 2024
EMEA CISOs must address human factors behind cyber incidents
The 17th annual Verizon report on data breaches makes for sobering reading for security pros, urging them to do more to address the human factors involved in cyber incidents, and highlighting ongoing issues with zero-day patching Continue Reading
-
Opinion
01 May 2024
Better hygiene may mitigate the need to ban ransomware payments
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
01 May 2024
Australia’s Qantas apologises for mobile app data breach
Australian flag carrier Qantas has apologised after a glitch in its mobile application temporarily enabled some customers to view the flights and booking details of other frequent fliers on two separate occasions Continue Reading
-
News
01 May 2024
Secure coding benchmark to increase standards among developers
Developer security advocate Secure Code Warrior has launched what it claims is the industry’s first benchmark designed to quantify the security competence of its customers’ software developer teams Continue Reading
-
Definition
01 May 2024
remote access
Remote access is the ability for an authorized person to access a computer or network from a geographical distance through a network connection. Continue Reading
-
News
01 May 2024
DWP anti-fraud measures will allow monitoring of bank accounts of landlords, carers and parents
Parliamentarians raise concerns that a proposed law to require banks to monitor the accounts of millions of people receiving state benefits could lead to those on welfare being denied accommodation or bank accounts Continue Reading
-
Opinion
01 May 2024
Are we ready for the era of the ‘sentient’ document?
This year is set to be the automation of documents since the invention of the printing press. Content control is key Continue Reading
-
News
01 May 2024
Autonomous weapons reduce moral agency and devalue human life
Military technology experts gathered in Vienna have warned about the detrimental psychological effects of AI-powered weapons, arguing that implementing systems of algorithmic-enabled killing dehumanises both the user and the target Continue Reading
-
Definition
01 May 2024
Federal Information Security Modernization Act (FISMA)
): The Federal Information Security Modernization Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information technology operations from cyberthreats. Continue Reading
-
News
30 Apr 2024
Persistent data breaches deny people with HIV dignity and privacy
The ICO has urged charities and healthcare organisations that work with people living with HIV to do better when it comes to protecting their personal data, after the HIV status of more than 100 people was accidentally disclosed by London’s Central YMCA Continue Reading
-
News
30 Apr 2024
Keeper to help Williams F1 keep up with cyber challenges
Keeper Security signs up to support F1 team Williams Racing with credential management ahead of the 2024 Miami Grand Prix Continue Reading
-
News
30 Apr 2024
Global majority united on multilateral regulation of AI weapons
Foreign ministers and civil society representatives say that multilateralism is key to controlling the proliferation and use of AI-powered autonomous weapons, but that a small number of powerful countries are holding back progress Continue Reading
-
News
30 Apr 2024
Bad bot traffic in Australia grew 23% in 2023
Traffic from bad bots that perform malicious tasks accounted for 30.2% of Australia’s internet traffic in 2023 Continue Reading
-
Definition
29 Apr 2024
digital identity
A digital identity is the body of information about an individual, organization or electronic device that exists online. Continue Reading
-
Opinion
29 Apr 2024
Ransomware payment bans need universal buy-in
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
29 Apr 2024
UK’s long-awaited device security law kicks in
The Product Security and Telecommunications Infrastructure Act has become law across the UK, enforcing basic cyber security standards across connected products sold to the public Continue Reading
-
Tip
29 Apr 2024
Top 11 cloud security challenges and how to combat them
Before jumping feet first into the cloud, understand the new and continuing top cloud security challenges your organization is likely to face -- and how to mitigate them. Continue Reading
-
News
29 Apr 2024
Cradlepoint unveils 5G-optimised SASE to deliver agile enterprises
Ericsson division unveils SASE solution said to enable lean IT teams to establish zero-trust networks in as little as six minutes securing environments such as roaming vehicles, IoT devices and pop-up locations Continue Reading
-
Opinion
26 Apr 2024
Security Think Tank: Maybe let's negotiate with terrorists
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
26 Apr 2024
Post Office ‘lied’ to subpostmasters when forced to meet them, says former federation representative
Post Office executives were forced to meet subpostmasters to discuss an unexplained error in their branch, then misled the branch managers over remote access Continue Reading
-
News
25 Apr 2024
Progress being made on gender diversity in cyber
Women make up a higher percentage of new entrants to the cyber security profession, particularly among younger age groups, and are increasingly taking up leadership positions and hiring roles, but challenges still persist Continue Reading
-
News
25 Apr 2024
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag Continue Reading
-
News
24 Apr 2024
Mandatory MFA pays off for GitHub and OSS community
Mandating multifactor authentication for select developers has been a huge success for GitHub, the platform reports, and now it wants to go further Continue Reading
-
News
24 Apr 2024
Cyber training leader KnowBe4 to buy email security firm Egress
Security awareness training and phishing simulation specialist KnowBe4 is to buy email security expert Egress Continue Reading
-
News
24 Apr 2024
TikTok ban sails through US Senate
A law that will ban TikTok in the US unless its owner sells up pronto passed the US Senate by a landslide majority after being included in a package of military aid Continue Reading
-
News
24 Apr 2024
Education will be key to good AI regulation: A view from the USA
Computer Weekly sat down with Salesforce’s vice-president of federal government affairs, Hugh Gamble, to find out how the US is forging a path towards AI regulation, and how things look from Capitol Hill Continue Reading
-
Opinion
23 Apr 2024
Security Think Tank: Cyber sector, you have failed this community
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
23 Apr 2024
GooseEgg proves golden for Fancy Bear, says Microsoft
Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler Continue Reading
-
Definition
23 Apr 2024
business impact analysis (BIA)
A business impact analysis (BIA) is a systematic process to determine and evaluate the potential effects of an interruption to critical business operations as a result of a disaster, accident or emergency. Continue Reading
-
Opinion
23 Apr 2024
Questions for IT and cyber leaders from the CSRB Microsoft report
The US government's CSRB report on last year's state sponsored cyber attacks on Microsoft raises significant concerns for Redmond and its customers. Expert Owen Sayers outlines five key questions IT and cyber security leaders should now consider Continue Reading
-
News
23 Apr 2024
Lords split over UK government approach to autonomous weapons
During a debate on autonomous weapons systems, Lords expressed mixed opinions towards the UK government’s current position, including its reluctance to adopt a working definition and commit to international legal instruments controlling their use Continue Reading
-
Feature
22 Apr 2024
Securing the edge: A new battleground in mobile network security
Edge computing is transforming approaches to mobile network infrastructure, but failure to secure it can expose networks and data to cyber threats. Learn more about the dangers and potential solutions Continue Reading
-
News
22 Apr 2024
Former Sellafield consultant claims the nuclear complex tampered with evidence
Whistleblower Alison McDermott claims former employer Sellafield tampered with metadata in letters used in evidence during an employment tribunal Continue Reading
-
News
22 Apr 2024
Fujifilm plans to ‘make tape easy’ with Kangaroo SME appliance
Fujifilm to add 100TB SME-focused Kangaroo tape infrastructure in a box to existing 1PB offer, as energy efficiency and security of tape make it alluring to customers Continue Reading
-
News
22 Apr 2024
NCSC announces PwC’s Richard Horne as CEO
Former PwC and Barclays cyber chief Richard Horne set to join UK’s National Cyber Security Centre as CEO Continue Reading
-
News
22 Apr 2024
Digital Edge punching above its weight in Asia datacentre market
Fast-growing datacentre provider Digital Edge is eyeing business from hyperscalers and counting on its strengths in datacentre operations and local partnerships to stand out from rivals Continue Reading
-
News
22 Apr 2024
IT leaders hiring CISOs aplenty, but don’t fully understand the role
Most businesses now have a CISO, but perceptions of what CISOs are supposed to do, and confusion over the value they offer, may be holding back harmonious relations, according to a report Continue Reading
-
News
21 Apr 2024
Crime agency criticises Meta as European police chiefs call for curbs on end-to-end encryption
Law enforcement agencies step up demands for ‘lawful access’ to encrypted communications Continue Reading
-
News
19 Apr 2024
Report reveals Northern Ireland police put up to 18 journalists and lawyers under surveillance
Disclosures that the Police Service of Northern Ireland obtained phone communications data from journalists and lawyers leads to renewed calls for inquiry Continue Reading
-
News
19 Apr 2024
Tech companies operating with opacity in Israel-Palestine
Tech firms operating in Occupied Palestinian Territories and Israel are falling “woefully short” of their human rights responsibilities amid escalating devastation in Gaza, says Business & Human Rights Resource Centre Continue Reading
-
News
18 Apr 2024
International police operation infiltrates LabHost phishing website used by thousands of criminals
The Metropolitan Police working with international police forces have shut down LabHost, a phishing-as-a-service website that has claimed 70,000 victims in the UK Continue Reading
-
News
18 Apr 2024
CSA warns of emerging security risks with cloud and AI
Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh Continue Reading
-
Opinion
18 Apr 2024
Security Think Tank: Approaches to ransomware need a course correction
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
18 Apr 2024
TUC publishes legislative proposal to protect workers from AI
Proposed bill for regulating artificial intelligence in the UK seeks to translate well-meaning principles and values into concrete rights and obligations that protect workers from systems that make ‘high-risk’ decisions about them Continue Reading
-
News
18 Apr 2024
Gov.uk One Login accounts on the rise
Since August 2023, more than 1.8 million people verified their identity using the Gov.uk One Login app, while face-to-face verifications have also increased Continue Reading
-
News
17 Apr 2024
Mandiant formally pins Sandworm cyber attacks on APT44 group
Mandiant has formally attributed a long-running campaign of cyber attacks by a Russian state actor known as Sandworm to a newly designated advanced persistent threat group to be called APT44 Continue Reading
-
News
16 Apr 2024
US provides assurances over extradition of WikiLeaks founder Julian Assange
Extradition of the WikiLeaks founder moves a step closer after the US government gives diplomatic assurances over his treatment in the US. Assange supporters accuse the US of ‘weasel words’ Continue Reading
-
News
16 Apr 2024
CISOs not yet convinced to invest in AI
CISOs say their eyes are fixed firmly on threats like ransomware and supply chain attacks, and while AI is becoming a threat that needs to be dealt with, it’s not yet an immediate spending priority Continue Reading
-
News
16 Apr 2024
CW Innovation Awards: Balancing security and user experience
The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access Continue Reading
-
Opinion
16 Apr 2024
2024 election security: Confronting disinformation and deepfakes
Although disinformation and deepfakes are a threat to electoral integrity, we already have ways to counter emerging threats and there is an opportunity is to adapt and scale these approaches to counter the challenge to democracy, writes Saj Huq. Continue Reading
-
News
16 Apr 2024
Recognising APAC’s trailblazers in digital transformation
DBS Bank and NUS were among the top industry innovators that were lauded for various transformational initiatives at the Computer Weekly Innovation Awards APAC 2024 Continue Reading
-
News
15 Apr 2024
More social engineering attacks on open source projects observed
In the wake of the recent XZ Utils scare, maintainers of another open source project have come forward to say they may have experienced similar social engineering attacks Continue Reading
-
Opinion
15 Apr 2024
Threat actors look to stolen credentials
In 2023, threat actors wrought havoc on corporate networks by logging in through valid accounts, and as bad actors begin investing in AI to help them identify priority targets, this problem is only expected to worsen in the future Continue Reading
-
News
15 Apr 2024
EU’s AI Act fails to protect the rule of law and civic space
Analysis reveals that the AI Act is ‘riddled with far-reaching exceptions’ and its measures to protect fundamental rights are insufficient Continue Reading
-
Opinion
15 Apr 2024
AI tapped for citizen outreach as India goes to the polls
Political parties in this year’s high-stakes elections are leveraging AI for the first time, but measures to curtail misuse must continue to evolve with the rapid developments of the technology Continue Reading
-
Definition
12 Apr 2024
OAuth (Open Authorization)
OAuth (Open Authorization) is an open standard authorization framework for token-based authorization on the internet. Continue Reading
-
News
12 Apr 2024
Apple iPhone security alert renews spyware concerns
An Apple security alert received by users in 92 countries raises fresh fears over ongoing campaigns by users of mercenary spyware products Continue Reading
-
Feature
12 Apr 2024
5G networks and biometric breakthroughs: Navigating opportunities and risks
Businesses are quickly adopting 5G to introduce advanced security features such as facial recognition, but while these technologies improve safety and ease of use, they also raise concerns about how sensitive biometric information is gathered and may be misused Continue Reading
-
News
12 Apr 2024
UK in critical need of regulation to fight misinformation online
Misinformation, where it is generated by AI, poses a serious threat due to the ease with which plausible false content can be created and spread Continue Reading
-
News
12 Apr 2024
Executive interview: Balancing AI with human creativity
We speak to the chief product officer at Getty Images and iStock about the role generative AI can play in the image-making process. Continue Reading
-
Feature
12 Apr 2024
European Digital Identity Wallet: One ID for EU citizens
The European Digital Identity Wallet is a personal digital wallet with which you will be able to identify yourself digitally in the future. Is this the solution for a centralised ID? Continue Reading
-
News
11 Apr 2024
Facial recognition to play key role in UK shoplifting crackdown
UK government will fund roll-out of police facial recognition across the country as part of its crackdown on shoplifting and violence against retail staff, but civil society groups say the government is attempting to police its way out of the cost-of-living crisis Continue Reading
-
News
11 Apr 2024
Government dismisses Lords’ concerns over facial recognition
UK government is claiming police forces’ use of live facial recognition is comprehensively covered by existing laws, in response to a Lords investigation that found police lacked a clear legal basis to deploy it Continue Reading
-
News
10 Apr 2024
Breakthrough may herald secure home quantum computing
An emerging approach to quantum security dubbed blind quantum computing may one day help spur mass adoption of quantum computing safely and securely, using technology that is already available today Continue Reading
-
News
10 Apr 2024
Cyber crooks poison GitHub search to fool developers
Researchers share data on new technique whereby malicious actors are manipulating GitHub’s search function and using cleverly crafted repositories to distribute malware Continue Reading
-
News
10 Apr 2024
Biden considering whether to end prosecution of WikiLeaks founder Julian Assange
US president Joe Biden says he is considering requests by Australia to end the prosecution of WikiLeaks founder Julian Assange under espionage and computer fraud charges Continue Reading
-
News
10 Apr 2024
Salesforce helps customers establish bug bounty programmes
Salesforce has added new learning content to its Trailhead platform designed to help customers develop their own bug bounty programmes Continue Reading
-
News
10 Apr 2024
Patch Tuesday: Windows Server 2008 receives emergency security patch
Support for the OS ended in 2020, but four years on and there's a live exploit of a security flaw that impacts all Windows users Continue Reading
-
News
09 Apr 2024
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures Continue Reading
-
News
09 Apr 2024
Public worried by police and companies sharing biometric data
More than half of the British public do not feel comfortable with police forces sharing biometric data with the private sector, including facial recognition images, to tackle crimes such as shoplifting Continue Reading
-
Answer
09 Apr 2024
How do companies protect customer data?
Companies can protect customer data through various technical tools and strategies, like authentication and encryption. But some types of data need more protection than others. Continue Reading
-
News
09 Apr 2024
Is a cyber arms control treaty out of reach?
The world needs cyber arms control more than ever, but the challenges facing a multilateral agreement will be hard to surmount, according to researchers at Germany’s Digital Society Institute Continue Reading
-
News
09 Apr 2024
Police forces check intelligence and criminal databases after errors discovered in O2 phone data
Criminal Bar Association calls for information about reliability of communications data used in criminal trials to be disclosed Continue Reading
-
News
09 Apr 2024
Greek government fined over AI surveillance in refugee camps
Greece’s Data Protection Authority has issued a €175,000 fine against the country’s migration ministry over its deployment of artificial intelligence-powered security systems in refugee camps after the watchdog’s investigation found ‘serious shortcomings’ with the roll-out Continue Reading
-
News
08 Apr 2024
What Cisco’s Splunk acquisition means for APAC customers
APAC organisations can expect better visibility and insights into their networks and applications along with automation and response capabilities to improve their digital resilience Continue Reading
-
News
08 Apr 2024
UK vet network CVS hit by cyber attack
Operations at UK-based veterinary network CVS have been disrupted by a cyber incident of an as-yet undisclosed nature Continue Reading
-
Opinion
08 Apr 2024
How Prospect Theory helps us understand software disasters
By understanding the human psychology behind IT system failures that directly impact people, we can better protect ourselves Continue Reading
-
Feature
05 Apr 2024
Seven ways to be sure you can restore from backup
Backups are no good if you can’t restore from them. We look at key elements of backup restoration, including backup audits, RPOs and RTOs, and how and when to test backups Continue Reading
-
News
05 Apr 2024
China ramps up use of AI misinformation
Microsoft researchers have identified a growing pattern of AI-laced misinformation and political interference coming from Chinese threat actors Continue Reading
-
News
05 Apr 2024
Europol offers law enforcement agencies data on Europe’s most threatening crime networks
Europol has collected and analysed data from over 40 countries to identify 800 most threatening criminal networks operating in Europe in what it describes as a unique dataset for law enforcemnt Continue Reading
-
News
05 Apr 2024
UKtech50 2024 – help us find the most influential people in UK IT
Computer Weekly’s annual search for the 50 most influential people in UK IT is on – let us know who you would like to nominate for this year's list Continue Reading
-
News
05 Apr 2024
How Oracle Red Bull Racing guards against cyber threats
The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware Continue Reading
-
News
04 Apr 2024
Changes needed for SOCs and CSIRTs, claims Dutch research institute
Cyber security specialists need a game-changer to keep up with their adversaries, who increasingly use automation and AI for their attacks Continue Reading
-
News
04 Apr 2024
Obituary: Professor Ross Anderson, pioneer in security engineering and campaigner
Ross Anderson, a titan in the field of security engineering and campaigner for privacy and security, has passed away Continue Reading
-
Opinion
03 Apr 2024
Security Think Tank: Banning ransomware payments is not so straightforward
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
03 Apr 2024
RDP abused in over 90% of cyber attacks, Sophos finds
Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics Continue Reading
-
News
03 Apr 2024
Ransomware kill switch may save 99% of files from encryption
MDR specialist Adlumin says its new features will help customers stop in-progress ransomware attacks before they can cause significant damage Continue Reading
-
News
03 Apr 2024
Cato claims SASE speed record
Fast cars meet even faster networks as leading SASE provider doubles throughput to double-digit gigabits per second without any hardware upgrades, attributing the landmark as underscoring value of fully cloud-native platform Continue Reading
-
Opinion
02 Apr 2024
Security Think Tank: How to tackle the scourge of ransomware?
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
01 Apr 2024
Open source alert over intentionally placed backdoor
A backdoor in the open source XZ Utils data compression library could have led to widespread compromise across the Linux ecosystem - and the community is on the trail of a developer who seems to be behind it Continue Reading
-
Opinion
01 Apr 2024
Security Think Tank: Ransomware lessons from the armed forces
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
29 Mar 2024
Organisations getting better at spotting identity fraud
As the barriers to committing identity fraud continue to drop, organisations should consider more sophisticated technical measures to successfully up their game, according to a report Continue Reading