IT security
-
News
12 Nov 2024
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web Continue Reading
-
Opinion
12 Nov 2024
Strengthening cyber: Best IAM practices to combat threats
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
Definition
29 Aug 2024
What is ESG reporting?
ESG reporting is a type of corporate disclosure that details the environmental, social and governance (ESG) promises, efforts and progress of an organization. Continue Reading
-
News
29 Aug 2024
Check Point secured for annual Security Serious cyber awards
The annual Security Serious Unsung Heroes awards, recognising the champions of the UK cyber security industry, are back once again, with a new headline sponsor joining the party Continue Reading
-
News
29 Aug 2024
Telegram CEO Pavel Durov under formal investigation, released on bail
European Commission confirms it has powers to place Telegram under ‘direct supervision’ if it meets the threshold for regulation under the Digital Services Act Continue Reading
-
News
29 Aug 2024
Iranian APT caught acting as access broker for ransomware crews
Members of Iran-backed Pioneer Kitten APT appear to be trying to supplement their pay packets by helping Russian-speaking ransomware gangs to access their victims in exchange for a cut of the profits Continue Reading
-
Opinion
29 Aug 2024
Cyber law reform should be top of Labour's policy list
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
29 Aug 2024
Study highlights secure software supply chain best practices
Security trends report from open source firm shows the approaches IT leaders take to secure their software supply chain Continue Reading
-
News
29 Aug 2024
US offers $2.5m bounty for on-the-run malware dev
US State Department puts a $2.5m bounty on the head of Angler exploit kit developer and ransomware crew member Volodymyr Kadariya as part of a major developing case Continue Reading
-
News
29 Aug 2024
Met Police deploy LFR in Lewisham without community input
The Met’s latest live facial recognition deployment in Catford has raised concerns over the lack of community engagement around the police force’s use of the controversial technology Continue Reading
-
Opinion
28 Aug 2024
A coherent Labour cyber strategy depends on consistency
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
28 Aug 2024
Iranian APT Peach Sandstorm teases new Tickler malware
Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence Continue Reading
-
News
28 Aug 2024
Global cyber spend to rise 15% in 2025, pushed along by AI
Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner Continue Reading
-
News
28 Aug 2024
Cambridge Enterprise saves big with Keepit SaaS backup
University innovation body avoids hardware spend and saves management time as it switches from tape to cloud-to-cloud backup, instant recovery and decades-long retention from Keepit Continue Reading
-
News
28 Aug 2024
Telegram founder Pavel Durov questioned over cyber crime charges
Billionaire founder of Telegram accused of failing to co-operate with law enforcement requests for lawful interception Continue Reading
-
News
28 Aug 2024
How Kaspersky is driving growth in APAC
Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region Continue Reading
-
Opinion
27 Aug 2024
Extending zero-trust principles to endpoints
By combining zero-trust principles with other security strategies and continuously monitoring and improving their security posture, organisations can effectively mitigate risks and protect their resources, says Gartner's Nikul Patel Continue Reading
-
Opinion
27 Aug 2024
The US courts may have thrown a wrench into cyber regulation
A recent decision by the US Supreme Court to overrule the longstanding Chevron Deference has serious implications for global cyber security regulation Continue Reading
-
Opinion
27 Aug 2024
Public education on security must be a top priority for Labour
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
27 Aug 2024
Palo Alto Networks bets on ‘precision AI’
Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’ Continue Reading
-
News
22 Aug 2024
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos
Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line. Continue Reading
-
News
21 Aug 2024
Pakistani national arrested over Southport ‘cyber terrorism’
Authorities in Pakistan have arrested a man on suspicion of cyber terrorism over his role in the spread of online misinformation in the wake of the Southport knife attack Continue Reading
-
Video
21 Aug 2024
An explanation of cybersecurity
Cybersecurity protects internet-connected systems from attacks, covering hardware, software and data. Continue Reading
-
Podcast
21 Aug 2024
Podcast: Ransomware and what data storage can do about it
We talk to NetApp’s Chris McKean about ransomware attacks and the role of data storage in protecting against them Continue Reading
-
Opinion
20 Aug 2024
From manifesto to material: What No. 10 needs to make reality
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
20 Aug 2024
ICO launches privacy notice tool for SMEs
ICO tool designed to make it easier for small businesses and sole traders operating online to create bespoke data privacy notices for compliance purposes Continue Reading
-
News
20 Aug 2024
Phishing links becoming bigger threat than email attachments
Phishing techniques are evolving away from malicious email attachments, according to a report Continue Reading
-
20 Aug 2024
How to avoid joining the Dead Java Code Society
Unused or dead Java code is bogging down software engineers and developers, causing weird dependencies and security risks Continue Reading
-
20 Aug 2024
Mitigating the risks of modern application development
Organisations need to have visibility over their software supply chain, secure and monitor interfaces to legacy systems and adopt zero trust to mitigate the risks of modern application development. Continue Reading
-
News
20 Aug 2024
Helsinki braced for elevated cyber attacks
The City of Helsinki is increasing its collaboration with cyber security and crime investigators following a major attack on its systems Continue Reading
-
Definition
19 Aug 2024
What is ICD-9-CM (International Classification of Diseases, Ninth Revision, Clinical Modification)?
The International Classification of Diseases, Ninth Revision, Clinical Modification, also known simply as ICD-9-CM, is the U.S. healthcare system's adaptation of the World Health Organization's (WHO) ICD-9 standard list of six-character alphanumeric codes to describe medical diagnoses and procedures and to track diseases and mortality. Continue Reading
-
News
19 Aug 2024
Challenges of deploying PQC globally
Quantum computers will eventually be powerful and reliable enough to crack strong encryption. PQC is the answer, but it could take years to deploy Continue Reading
-
News
19 Aug 2024
Popular Microsoft apps for Mac at risk of code injection attacks
Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem Continue Reading
-
Opinion
19 Aug 2024
How might the UK's cyber landscape change under Labour?
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
16 Aug 2024
New Relic CEO on APAC growth and future of observability
New Relic CEO Ashan Willy talks up growth trajectory in APAC, the company’s long-term vision, and how going private has enabled it to make strategic investments Continue Reading
-
Tip
16 Aug 2024
User mode vs. kernel mode: OSes explained
Kernel mode exists to keep user applications from disrupting critical system functions. Learn how each state works and what can happen when an error occurs in kernel mode. Continue Reading
-
News
16 Aug 2024
Thousands of NetSuite customers accidentally exposing their data
Misconfigured permissions across live websites are leaving thousands of NetSuite users open to having their valuable customer data stolen, researchers say Continue Reading
-
News
16 Aug 2024
Campaigners criticise Starmer post-riot public surveillance plans
A UK government programme to expand police facial recognition and information sharing after racist riots is attracting criticism from campaigners for exploiting the far-right unrest to generally crack down on protest and increase surveillance Continue Reading
-
Opinion
15 Aug 2024
Google's cookie conundrum: What comes next?
Google's revised approach to third-party cookies shouldn't come as a surprise, and may also be welcome Continue Reading
-
Opinion
15 Aug 2024
With the right tools and strategy, public cloud should be safe to use
Despite the complexity and evolving nature of threats, with the right strategy, tools, and constant vigilance, businesses can safely and securely leverage public cloud services Continue Reading
-
Opinion
15 Aug 2024
'Black swans' take flight: the legal ramifications of the CrowdStrike incident
A ‘guinea pig’ approach to testing software could lead to class actions against technology companies Continue Reading
-
News
15 Aug 2024
Google Cloud survey shows GenAI business benefits
Survey on behalf of Google Cloud suggests that business can start generating value from GenAI within six months Continue Reading
-
News
15 Aug 2024
ASEAN organisations lack mature AI strategy
IBM-commissioned study reveals that while ASEAN organisations are engaging with AI, only 4% have reached a transformative level of AI maturity Continue Reading
-
News
14 Aug 2024
August Patch Tuesday proves busy with six zero-days to fix
Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update Continue Reading
-
News
14 Aug 2024
Dawn Project calls out Big Tech for selling AI snake oil
A campaigning group focused on safety critical technology has called out the major tech firms for putting people’s lives at risk with flawed AI Continue Reading
-
News
14 Aug 2024
Automated police tech contributes to UK structural racism problem
Civil society groups say automated policing technologies are helping to fuel the disparities that people of colour face across the criminal justice sector, as part of wider warning about the UK’s lack of progress in dealing with systemic racism Continue Reading
-
News
14 Aug 2024
Leeds Teaching Hospitals deploys patient records and data sharing on Azure
In-house patient records system has been migrated to the Microsoft public cloud, opening up the potential for greater data sharing Continue Reading
-
News
13 Aug 2024
NIST debuts three quantum-safe encryption algorithms
NIST has launched the first three quantum-resistant encryption algorithms, and as the threat of quantum-enabled cyber attacks grows greater, organisations are encouraged to adopt them as soon as they can Continue Reading
-
News
13 Aug 2024
Cyber criminal kingpin ‘J.P. Morgan’ appears in US court
‘J.P. Morgan’, a Belarusian cyber criminal who ran a major ransomware campaign supported by malvertising scams, faces decades in prison in the United States after being extradited from the EU Continue Reading
-
Opinion
13 Aug 2024
Labour's first cyber priority must be the NHS
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
13 Aug 2024
Australia’s cyber security skills gap remains pressing issue
Study reveals Australia’s critical shortage of cyber security professionals, escalating the risk of data breaches Continue Reading
-
Feature
12 Aug 2024
Forrester: Rethink your software asset management practices
Software as a service needs to be managed as part of software asset management. Forrester analysts offer some practical advice on how to succeed Continue Reading
-
Blog Post
09 Aug 2024
Cyberfirst needs more than a change of gear
Instead of establishing a new organisation, Cyberfirst should be restructured to work locally and nationally through the Cyber Security Council and existing mainstream on-line safety, safeguarding ... Continue Reading
-
Feature
09 Aug 2024
Deep dive into quantum-resistant cryptography for email security
Quantum computers have the potential to crack many of the encryption methods we currently rely on to keep our digital communications safe. Quantum-resistant cryptography may be the answer Continue Reading
-
Feature
09 Aug 2024
How UK firms can get ready for the implementation of NIS2
Many British companies will need to adhere to NIS2’s cyber security risk management and reporting requirements if they want to continue operating in the EU market and avoid huge fines Continue Reading
-
News
09 Aug 2024
The Security Interviews: Google’s take on confidential computing
We speak to Google’s Nelly Porter about the company’s approach to keeping data as safe as possible on Google Cloud Continue Reading
-
News
08 Aug 2024
Royal ransomware crew puts on a BlackSuit in rebrand
The Royal ransomware gang is back, with a new name and refreshed capabilities, including an apparently unique ‘partial encryption’ gambit, according to CISA Continue Reading
-
News
08 Aug 2024
US lawmakers seek to brand ransomware gangs as terrorists
Proposals from legislators in Washington DC could shake up the global ransomware ecosystem and give law enforcement sweeping new powers Continue Reading
-
News
08 Aug 2024
Ofcom issues online safety warning to firms in wake of UK riots
Ofcom has issued a warning reminding social media firms of their upcoming online safety obligations, after misinformation about the Southport stabbings sparked racist riots throughout the UK Continue Reading
-
News
07 Aug 2024
Microsoft and CrowdStrike hit back at Delta’s legal threats
Microsoft and CrowdStrike have rejected claims by Delta Air Lines that it was left high and dry amid thousands of flight cancellations during July’s software outage, accusing the airline of ignoring their offers of help and running out-of-date IT systems Continue Reading
-
Opinion
07 Aug 2024
Cyber security adoption is vital to Scotland’s space race
Scotland has a golden opportunity to capitalise on space technology to make itself a global leader, but to maximise its potential in the new space race, more attention must be paid to cyber security risk Continue Reading
-
Definition
07 Aug 2024
What is a quality gate?
A quality gate is a milestone in an IT project that requires that predefined criteria be met before the project can proceed to the next phase. Continue Reading
-
Podcast
07 Aug 2024
Securing data in GCP: A Computer Weekly Downtime Upload podcast
We speak to Google’s director of product management for confidential computing about ensuring the protection of data in use Continue Reading
-
News
06 Aug 2024
Advanced faces fine over LockBit attack that crippled NHS 111
Advanced Software faces a multimillion pound fine for a series of failings which directly led to a 2022 LockBit ransomware attack that disrupted NHS and social care services across the UK Continue Reading
-
News
06 Aug 2024
2024 seeing more CVEs than ever before, but few are weaponised
The number of disclosed CVEs soared by 30% in the first seven-and-a-half months of the year, but a tiny fraction of these have been exploited by threat actors, a reminder of the importance of focused security strategies Continue Reading
-
Feature
06 Aug 2024
AI disempowers logistics workers while intensifying their work
Conversations on the algorithmic management of work largely revolve around unproven claims about productivity gains or job losses - less attention is paid to how AI and automation negatively affect low-paid workers Continue Reading
-
Blog Post
06 Aug 2024
Cloud Storage Revisited: What has the last decade taught us?
It is clear that cloud storage has become an important component of modern IT infrastructure. Nearly every IT professional is faced with rapidly growing data volumes, and in many instances they are ... Continue Reading
-
Blog Post
06 Aug 2024
Forget "Let's Look At What You Could Have Won" - Let's Look At What You CAN Win!
Well, it’s hard to believe it’s that time of year again already – no, not Christmas, though I’m sure The Range already has a wall of Rudolph-related items of no exact definition lined up at the ... Continue Reading
-
E-Zine
06 Aug 2024
Migrating to S/4Hana – how the Co-op made its move
In this week’s Computer Weekly, as SAP users prepare for the deadline to move off the ECC platform, we find out how the Co-op is migrating to S/4Hana. Our latest buyer’s guide looks at how to manage SaaS and on-premise software licensing. And we talk to former NCSC CEO Ciaran Martin about the true risks from nation-state cyber attacks. Read the issue now. Continue Reading
-
News
05 Aug 2024
Chinese cyber attack sparks alert over six-year-old MS vuln
After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824 Continue Reading
-
News
05 Aug 2024
World’s largest companies at near-universal risk of supply chain breach
Data from SecurityScorecard once again focuses on the interconnected nature of business supply chains and the risk posed to operational resilience by unexpected IT problems and cyber threats Continue Reading
-
News
05 Aug 2024
Russia’s luxury car phish continues to prove effective
Government organisations and other bodies operating in Ukraine continue to be targeted by a relatively unsophisticated phishing campaign that has proven so effective for Russia’s cyber spooks that there are now multiple agencies involved Continue Reading
-
Opinion
05 Aug 2024
Cyber lessons, and priorities for the UK's new government
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
Opinion
02 Aug 2024
Labour should focus on talent to improve UK's cyber posture
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
02 Aug 2024
How CrowdStrike is leveraging AI to empower security teams
CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges Continue Reading
-
News
01 Aug 2024
Police hunt scammers after takedown of Russian Coms fraud platform
The National Crime Agency has arrested four people after taking down a phone number spoofing platform used by criminals to defraud hundreds of thousands of people in the UK with more arrests to follow Continue Reading
-
News
01 Aug 2024
CrowdStrike shareholders sue, alleging false security claims
A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage Continue Reading
-
Opinion
01 Aug 2024
Is it time to refresh the UK's cyber strategy?
With Labour returning to 10 Downing Street after 14 years, the Computer Weekly Security Think Tank panellists share advice and wish lists for the new government Continue Reading
-
News
01 Aug 2024
Banks, telcos call for more data sharing to fight fraud
A Which?-led coalition of banks and telecoms operators is calling on the UK's new government to take the lead on enabling data sharing to help fight digital fraud Continue Reading
-
News
31 Jul 2024
API attacks surge by 65% in APAC, fuelled by rapid digitisation
Akamai's report reveals a significant rise in cyber attacks on web applications and APIs in the region over the past year, with financial and commerce sectors hardest hit Continue Reading
-
Opinion
31 Jul 2024
When critical cyber response becomes second nature
When alerts and headlines blare out warnings of critical vulnerabilities in widely-used software, the cyber security community needs to adopt a more decisive and clear-cut approach, says Huntress' Chris Henderson Continue Reading
-
News
31 Jul 2024
Campaigners call for evidence to reform UK cyber laws
The CyberUp Campaign for reform of the 1990 Computer Misuse Act launches an industry survey inviting cyber experts to share their views on how the outdated law hinders legitimate work Continue Reading
-
News
31 Jul 2024
Mayor launches London Privacy Register for smart city information
To increase transparency around and trust in London’s smart city technology deployments, the London Privacy Register aims to provide the public with more information about the systems they encounter in their day-to-day lives Continue Reading
-
Definition
31 Jul 2024
What is cyber attribution?
Cyber attribution is the process of tracking and identifying the perpetrator of a cyberattack or other cyber operation. Continue Reading
-
News
31 Jul 2024
Breach costs soar as record ransomware payment made
IBM publishes data on the spiralling costs of cyber attacks and data breaches, while researchers identify what appears to be the largest ransomware payment ever made Continue Reading
-
News
30 Jul 2024
Basic failures led to hack of Electoral Commission data on 40 million people
UK government identifies Chinese state-linked hackers as likely to have been behind attack on the Electoral Commission Continue Reading
-
Feature
30 Jul 2024
CISO mentoring – who to turn to when the worst happens
Those who get the role of a CISO may have overcome some professional hurdles, but are they ready to face what comes as part of the job? And who do they ask for advice? We look at the mentoring dilemma Continue Reading
-
News
30 Jul 2024
Core British Library services to return for new academic year
The British Library’s recovery from a devastating ransomware attack that laid waste to its IT systems continues - with hopes that some of its most popular services will be running again in September Continue Reading
-
E-Zine
30 Jul 2024
CrowdStrike blue screen bug serves a stark warning
In this week’s Computer Weekly, we analyse the lessons from the global IT outage caused by the blue screen bug in CrowdStrike security software. We talk to the data chief of Barilla, the €4bn pasta maker, about the benefits of asking, “So what?” And we find out how Finland is taking a lead on quantum computing. Read the issue now. Continue Reading
-
Definition
30 Jul 2024
What is data loss prevention (DLP)?
Data loss prevention (DLP) -- sometimes referred to as 'data leak prevention,' 'information loss prevention' or 'extrusion prevention' -- is a strategy to mitigate threats to critical data. Continue Reading
-
Feature
29 Jul 2024
8 blockchain-as-a-service providers to have on your radar
You don't have to build your blockchain project from the ground up. These cloud-based service providers can provide the necessary infrastructure, networking and development tools. Continue Reading
-
Definition
29 Jul 2024
What is GDPR? Compliance and conditions explained
The General Data Protection Regulation (GDPR) is legislation that updated and unified data privacy laws across the European Union (EU). Continue Reading
-
Feature
29 Jul 2024
CrowdStrike update chaos explained: What you need to know
A botched software update at cyber security firm CrowdStrike has caused IT chaos around the world. Learn more about the global CrowdStrike update outage as it develops Continue Reading
-
News
29 Jul 2024
Scam CrowdStrike domains growing in volume
Hundreds of malicious domains exploiting CrowdStrike’s branding are appearing all over the web in the wake of the 19 July outage. Experts from Akamai share some noteworthy examples, along with guidance on how to avoid getting caught out Continue Reading
-
News
29 Jul 2024
CrowdStrike says most Falcon sensors now up and running
The vast majority of CrowdStrike Falcon sensors affected by a coding error have now been recovered, with a final resolution expected this week Continue Reading
-
News
29 Jul 2024
WTO digital trade agreement aims to modernise global commerce
A digital trade deal negotiated over five years at the World Trade Organization has been signed by 91 countries, laying the groundwork for a new global digital trade regime Continue Reading
-
Definition
26 Jul 2024
What is a computer exploit?
A computer exploit, or exploit, is a program or piece of code developed to take advantage of a vulnerability in a computer or network system. Continue Reading
-
Opinion
26 Jul 2024
Mastering data privacy in the age of AI
AI continues to revolutionise how organisations operate, using vast amounts of personal data to make smart, informed decisions. However, this incredible potential comes with concerns about data privacy. DQM GRC's Mark James explores the issues. Continue Reading
-
26 Jul 2024
Enterprises urged to take protective action in wake of CrowdStrike chaos
Enterprises that emerged unscathed from the roll-out of the botched CrowdStrike software update are being urged to view it as a wake-up call rather than a lucky escape Continue Reading
-
Opinion
26 Jul 2024
Cyber crisis? How good PR can save your brand
Cyber attacks and data breaches can happen to anybody and often bring reputational damage and a loss of customer trust. How organisations publicly respond to such incidents can make or break them, and the importance of a good PR strategy cannot be underestimated Continue Reading
-
News
26 Jul 2024
Ban predictive policing and facial recognition, says civil society
A coalition of civil society groups is calling for an outright ban on predictive policing and biometric surveillance in the UK Continue Reading
-
Opinion
26 Jul 2024
Cloud security challenges not just technological
The Computer Weekly Security Think Tank considers how CISOs and security practitioners should ensure that the business can make use of public cloud services safely and securely and avoid accidental or deliberate data leakage. Continue Reading