IT security
-
News
12 Nov 2024
More data stolen in 2023 MOVEit attacks comes to light
Over a year since the infamous MOVEit Transfer cyber attacks affected thousands of organisations, more new victims have come to light after an anonymous threat actor leaked their data on the dark web Continue Reading
-
Opinion
12 Nov 2024
Strengthening cyber: Best IAM practices to combat threats
The Security Think Tank considers best practices in identity and access management and how can they be deployed to enable IT departments to combat cyber-attacks, phishing attacks and ransomware Continue Reading
-
Opinion
09 Jul 2021
Professionals need protection from the Computer Misuse Act
The UK needs cyber legislation fit for the 21st century, so it is important for the industry to get behind the government’s proposed reform of the Computer Misuse Act Continue Reading
-
News
09 Jul 2021
Ransomware gangs seek people skills for negotiations
The process of negotiating a ransomware payment is delicate, hence cyber criminal organisations are prepared to offer good terms to those with the right skillsets Continue Reading
-
News
09 Jul 2021
Met Police should release information on British WikiLeaks journalists passed to US, tribunal told
The Metropolitan Police should release correspondence with the US Department of Justice about three UK based WikiLeaks journalists, despite national security claims, a tribunal heard Continue Reading
-
Opinion
09 Jul 2021
Are you betting your future on the worst gambling odds in the world?
Gambling is a high-risk strategy. Doing nothing in the face of the threat from ransomware and hoping for the best provides some of the worst odds you will ever come across Continue Reading
-
Opinion
09 Jul 2021
Choose the right ITSM tool for digital era success
IT service management (ITSM) tools are essential for many organisations to help optimise the design, delivery, support, use and governance of IT, but not all ITSM solutions are created equal, therefore selecting the right one is crucial Continue Reading
-
Blog Post
08 Jul 2021
How do we win back digital adolescents recruited to the Dark Side during lockdown?
The Hacker Forum is one of the most welcoming, friendly and attractive "support" group for those stuck in their bedrooms, isolated from friends and school during lockdown and bored with home-learning. Continue Reading
-
Blog Post
08 Jul 2021
How zero-trust security can bolster Managed Print Services (MPS) offerings
MPS providers must build expertise to address the zero-trust requirements of their customers. This means offering and implementing a multi-layered security proposition to protect printing across ... Continue Reading
-
Blog Post
08 Jul 2021
Our Survey Says...
The whole WFH/ WFA (Work From Home/Anywhere) initiative that was somewhat enforced on the world’s working population as a result of the “P” word, has largely been well received, but a new survey ... Continue Reading
-
Definition
08 Jul 2021
Snort
Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch. Continue Reading
-
News
08 Jul 2021
Kaseya apologises for extended downtime after ransom attack
CEO of Kaseya apologises after pushing back the restoration of the firm’s VSA service following a REvil ransomware attack Continue Reading
-
Opinion
08 Jul 2021
Why identity is the central problem for the future of the internet
As debate rages over who has the right to control user identities online, is the concept of decentralised identity about to have its day? Continue Reading
-
News
08 Jul 2021
PrintNightmare haunts Microsoft as patch may miss mark
Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied Continue Reading
-
Opinion
08 Jul 2021
Security Think Tank: Reopening is an opportunity to reassess wider security posture
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
07 Jul 2021
US government given permission to appeal UK’s decision to not extradite Julian Assange
US offers assurances that Assange could serve time in his home country of Australia if convicted Continue Reading
-
News
07 Jul 2021
ICO to probe Hancock over private email use
Former health secretary faces an investigation by the UK’s data protection watchdog over his use of private email to conduct government business Continue Reading
-
News
07 Jul 2021
How the UK Cyber Security Council plans to professionalise security
As chair of the new UK Cyber Security Council, Claudia Natanson is in a superb position to develop professional standards in IT security and she intends to fundamentally reimagine what a security job actually is Continue Reading
-
News
07 Jul 2021
Opportunists seen targeting Kaseya REvil victims
Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident Continue Reading
-
Opinion
07 Jul 2021
Security Think Tank: As offices reopen, address patching and ‘build drift’
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
06 Jul 2021
About 60 Kaseya customers hit by REvil
Kaseya has revised upward the number of managed service providers compromised by the REvil ransomware gang in a supply chain attack at the weekend Continue Reading
-
News
06 Jul 2021
Klarna under investigation by Swedish finance watchdog
Swedish fintech is being investigated by financial services regulator after customer information was visible to others Continue Reading
-
News
06 Jul 2021
Cyber insurance costs up by a third
The frequency and severity of ransomware attacks is a leading factor behind a substantial increase in the cost of obtaining cyber security insurance Continue Reading
-
News
06 Jul 2021
BA reaches settlement in data breach group action
A group action against BA following its 2018 data breach has been successfully settled Continue Reading
-
Opinion
06 Jul 2021
Security Think Tank: Returning workers to the office: Is your security posture up to date?
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
05 Jul 2021
Buying a VPN? Here’s what you need to know
VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading
-
Opinion
05 Jul 2021
Going back to office networks, only to dismantle them once and for all
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
Blog Post
05 Jul 2021
Cloud - Infrastructure - Security - SASE - Discuss!
Over the past 12 months, I’ve regularly talked about sassy SASE in this blog. But I’m not the only one. A recent Netevents interactive debate had several vendors debating SASE as part of a general ... Continue Reading
-
News
05 Jul 2021
REvil crew wants $70m in Kaseya ransomware heist
Two days after one of the largest ransomware attacks in history by the REvil/Sodinokibi gang, the security community is assessing its next moves, while over 1,000 victims remain in limbo Continue Reading
-
Feature
05 Jul 2021
Toughening up web and mobile apps
We look at how organisations can secure internal and web-facing applications against ransomware and injection-style attacks Continue Reading
-
News
03 Jul 2021
Berlin court finds EncroChat intercept evidence cannot be used in criminal trials
In a major setback for police hacking operations, Berlin’s regional court has decided that intercepted data from the EncroChat phone network should not be used in criminal prosecutions Continue Reading
-
Opinion
02 Jul 2021
The secret to building a future-proof cyber security team
In a post-pandemic digital world, where cyber criminals see a feast of opportunities, what are the secrets to building a world-class cyber security function? Continue Reading
-
Opinion
02 Jul 2021
Security Think Tank: Hydration, hiring, hacking – lessons in post-Covid risk
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
02 Jul 2021
Should I be worried about PrintNightmare?
The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be? Continue Reading
-
News
02 Jul 2021
Cyber attackers up the ante on embattled IT teams
Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements Continue Reading
- 01 Jul 2021
-
Blog Post
01 Jul 2021
Do video games breed hackers?
The aim on Monday is to explore how the online wild west of gaming seemingly escalates young gamers from downloading simple cheat codes to launching full-scale DDoS attacks and even being involved ... Continue Reading
-
News
01 Jul 2021
NCSC joins US authorities to expose Russian brute force campaign
A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments Continue Reading
-
News
01 Jul 2021
US Cybersecurity and Infrastructure Security Agency launches ransomware assessment tool
Newly launched service will help US organisations understand how prepared they are to deal with a ransomware attack Continue Reading
-
News
01 Jul 2021
Cyber espionage campaign targeted central Asian states
The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT Continue Reading
-
News
01 Jul 2021
NHS IT fraudster Barry Stannard sentenced to five years in prison
Stannard used his position as head of unified communications at an Essex NHS Trust to cheat the taxpayer of more than £800,000 Continue Reading
-
News
01 Jul 2021
Nominations open for 2021 Security Serious Unsung Heroes Awards
Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators Continue Reading
-
News
30 Jun 2021
Half of mobile phones sold in the UK at risk of security issues
Lengthy mobile phone contracts leave buyers at risk of their devices losing support for security updates Continue Reading
-
News
30 Jun 2021
REvil affiliates offer hefty ransom discounts, data reveals
REvil or Sodinokibi ransomware activity is higher than ever, but its success appears to be relative, with some affiliates prepared to dramatically cut their prices Continue Reading
-
News
30 Jun 2021
LinkedIn denies exposure of 700 million user records is a data breach
Data relating to 700 million users of the LinkedIn networking platform has appeared for sale, but the firm says it is the victim of data scraping, not a security breach Continue Reading
-
Opinion
30 Jun 2021
UK data exchanges with EU can continue after adequacy decision - but for how long?
For now European businesses can continue to send data to the UK without additional safeguards and paperwork. How long will it last? Continue Reading
-
Definition
30 Jun 2021
active attack
An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target. Continue Reading
-
News
30 Jun 2021
Cops seize criminal VPN used by ransomware gangs
A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity Continue Reading
-
Quiz
30 Jun 2021
12 official practice questions for the CCNA 200-301 exam
These practice questions for CCNA 200-301 lay out what readers need to know about network security and IP routing in the LAN, from 'CCNA 200-301 Official Cert Guide, Volumes 1 and 2.' Continue Reading
-
Opinion
30 Jun 2021
Ethical hacking: What, why, and overcoming concerns
We find out why and how hitting your own business with a cyber attack can help improve security Continue Reading
-
Blog Post
30 Jun 2021
Elmer Fudd Goes Cyber Hunting As A Service
Time – they say – is of the essence (if not vanilla) but never more than in network detection and response (NDR) scenarios. The problem with many products aimed at detecting network anomalies and ... Continue Reading
-
News
30 Jun 2021
Putting cloud repatriation into perspective
Moving public cloud workloads back on-premise is among the decisions that organisations have to make as they straddle between public and private cloud environments Continue Reading
-
News
29 Jun 2021
New Nobelium attacks a reminder to attend to cyber basics
A new campaign from the same threat group that broke into SolarWinds serves as a reminder that cyber crime gangs will try to exploit any avenue they can, even if technically unsophisticated Continue Reading
-
News
29 Jun 2021
UK Cyber Security Council launches inaugural initiatives
Security association seeks to determine terms of reference for committees to oversee standards and ethics, and qualifications and careers in the cyber sector Continue Reading
-
News
29 Jun 2021
EU recognises UK data protection adequacy but warns against divergence
The European Commission has granted the UK data adequacy, allowing data sharing between the EU and the UK, but warns it may yet be revoked Continue Reading
-
Opinion
29 Jun 2021
Banking tech fraud: How to trace and recover your money
Even when stolen assets are sent offshore, the special powers of the English civil court system mean all may not be lost Continue Reading
-
E-Zine
29 Jun 2021
Is the UK government planning to rewrite GDPR?
In this week’s Computer Weekly, a government taskforce on post-Brexit regulations has recommended changes to GDPR in the UK – we examine the implications. The NHS has launched a new data strategy - we look at what it means for your medical records. And we ask how to avoid the performance problems that affect private cloud. Read the issue now. Continue Reading
-
News
29 Jun 2021
Video game industry under relentless cyber attacks
Web application attacks against the global video game industry grew by 340% in 2020 as more people turn to gaming during pandemic lockdowns Continue Reading
-
News
28 Jun 2021
Insurers unprepared for challenges of underwriting ransomware
RUSI think tank calls for an industry-wide reset amid intense challenges for providers of cyber security insurance Continue Reading
-
News
28 Jun 2021
UK’s FCA bans crypto exchange Binance as crackdown spreads
Ban on Binance Markets comes amid a wider global crackdown on the largely unregulated global market for cryptocurrencies and related assets. Continue Reading
-
Definition
28 Jun 2021
public key
In cryptography, a public key is a large numerical value that is used to encrypt data. Continue Reading
-
News
28 Jun 2021
HMRC-branded phishing scams surge despite protections
The number of HMRC-branded phishing scams surged 87% in the past 12 months, according to latest revealed figures Continue Reading
-
Opinion
28 Jun 2021
How CIOs can help their organisations accelerate digital transformation
Companies need to win the trust of their customers to gather the data they need to transform their businesses Continue Reading
-
News
28 Jun 2021
Lazada rolls out public bug bounty programme
Regional e-commerce giant Lazada is looking to uncover more vulnerabilities that could compromise data security in a public bug bounty programme that offers up to $10,000 per bounty Continue Reading
-
Definition
25 Jun 2021
end-to-end encryption (E2EE)
End-to-end encryption (E2EE) is a method of secure communication that prevents third parties from accessing data while it's transferred from one end system or device to another. Continue Reading
-
News
25 Jun 2021
NCSC CEO: UK-Ireland collaboration crucial to stop cyber threats
Speaking at a conference in Dublin, NCSC Lindy Cameron is highlighting the importance of continued collaboration between the UK and Ireland to protect shared interests and counter security threats Continue Reading
-
News
25 Jun 2021
Anglesey schools offline after cyber attack
Isle of Anglesey County Council is investigating a cyber attack that has forced it to shut down systems at all five secondary schools on the island Continue Reading
-
News
25 Jun 2021
CMA to probe Amazon and Google over fake reviews
The CMA has opened an investigation into Amazon and Google over possible breaches of consumer protection law Continue Reading
-
News
25 Jun 2021
AWS launches bug-busting programme for developers
Amazon Web Services is inviting customers to probe their code for software bugs and vulnerabilities using its CodeGuru console Continue Reading
-
News
24 Jun 2021
Google hands third-party cookies a stay of execution
Google’s proposed Privacy Sandbox initiative – which will see third-party cookies phased out in the Chrome web browser – has been pushed back to 2023 Continue Reading
-
News
24 Jun 2021
NCSC recognises cyber degree apprenticeships for the first time
Addition of new cyber courses to National Cyber Security Centre’s accredited list will supposedly help students make better choices and help universities get more funding Continue Reading
-
News
24 Jun 2021
Revealed: Crypto platform’s role in Cl0p ransomware raid
Crypto infrastructure provider Binance provided assistance to law enforcement after finding its exchange was being used by cyber criminals to launder their ransomware profits Continue Reading
-
News
24 Jun 2021
Stalkerware apps becoming normalised among young people
Data in a new report appears to show that dangerous stalkerware apps are becoming normalised in younger age groups Continue Reading
-
News
24 Jun 2021
(ISC)² makes ransomware education course free through 31 July
Cyber security association is making its Professional Development Institute course on ransomware free to the general public until the end of July Continue Reading
-
News
24 Jun 2021
Controversial cyber tycoon John McAfee dead at 75
Founder of the eponymous cyber security firm has committed suicide in a Spanish prison Continue Reading
-
News
24 Jun 2021
Make ransomware payments illegal, say 79% of cyber pros
Report produced for MSSP Talion claims overwhelming support for the criminalisation of ransomware payments Continue Reading
-
News
23 Jun 2021
City of York picks Barracuda Networks for data protection
York Council needed to refresh its backup service to bring new security protections after it went ‘all-in’ on Microsoft Office 365 Continue Reading
-
News
23 Jun 2021
How containerisation helps VW develop car software
Volkswagen’s R&D centre is working with Red Hat to use containerisation to improve how it develops and tests software for the control systems in cars Continue Reading
-
Definition
23 Jun 2021
proxy firewall
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. Continue Reading
-
News
23 Jun 2021
European Union to set up new cyber response unit
Proposed Joint Cyber Unit will tackle a rising number of serious incidents impacting public services, businesses and citizens of the EU Continue Reading
-
News
23 Jun 2021
Time to patch increases significantly during pandemic
New data from US-based endpoint management specialist Automox reveals some of the challenges security teams face in keeping up with endpoint security Continue Reading
-
News
23 Jun 2021
UK councils reported over 700 data breaches to ICO in 2020
Data disclosed under the Freedom of Information Act reveals an estimated 700 data breaches were reported to the Information Commissioner’s Office by local councils last year Continue Reading
-
News
23 Jun 2021
Openness can protect Dutch companies against ransomware
Dutch businesses that suffer ransomware attacks need to be more open about it, if this growing problem is to be brought under control Continue Reading
-
Definition
22 Jun 2021
security
Security for information technology (IT) refers to the methods, tools and personnel used to defend an organization's digital assets. Continue Reading
-
News
22 Jun 2021
SonicWall sees 226.3 million ransomware attack attempts this year
SonicWall detected 226.3 million attempted ransomware attacks between January and May 2021, more than double the number seen in the same period last year Continue Reading
-
News
22 Jun 2021
Cloudflare announces new integrations with Microsoft, others
New security integrations with Microsoft Azure Sentinel, Splunk, Datadog and Sumo Logic will supposedly make it easier for users to analyse network security data Continue Reading
-
News
22 Jun 2021
Innova and RISE drive node development in Sweden
Swedish cyber security project, National Node, opens its doors to the country’s security firms Continue Reading
-
Opinion
22 Jun 2021
European ‘chat control’ plans in the name of ‘child safety’ threaten end-to-end encryption
Proposals by European Commission to search for illegal material could mean the end of private messaging and emails Continue Reading
-
News
22 Jun 2021
NSPCC, IWF help under-18s scrub their nude photos from the web
Report Remove tool is designed to be used by under-18s to report nude images or videos of themselves that have appeared online Continue Reading
-
News
22 Jun 2021
UK SMEs lack capacity to fend off cyber attacks
Three-quarters of UK SME leaders would not have sufficient capacity or expertise to deal with a cyber attack, according to a report Continue Reading
-
E-Zine
22 Jun 2021
A new three-year plan for digital government
In this week’s Computer Weekly, the new CEO of the Gov-ernment Digital Service, Tom Read, explains his three-year strategy for improving online public services. EU attempts to regulate AI are under fire – we examine the issues. And we find out how Bupa is turning to the cloud to deliver per-sonalised healthcare. Read the issue now. Continue Reading
-
News
21 Jun 2021
Parliamentary devices left in taxis, buses, trains and pubs
Nearly 100 devices belonging to parliamentary staffers, including MPs and peers, were lost or stolen over the course of 2019 and 2020 Continue Reading
-
Feature
21 Jun 2021
Best practices for secure printing
The reality of a paperless office remains some way off, so printers are here to stay for a while. But their increasingly connected status means securing them should be a priority Continue Reading
-
News
18 Jun 2021
NHS App reaches six million users, thanks to Covid vaccine feature
More than two million new users have downloaded the NHS App since it was updated in May to include Covid-19 vaccination status Continue Reading
-
Definition
18 Jun 2021
ping sweep (ICMP sweep)
A ping sweep (also known as an ICMP sweep) is a basic network scanning technique used to determine which of a range of IP addresses map to live hosts (computers). Continue Reading
-
News
18 Jun 2021
ICO issues guidance on facial recognition in public spaces
Information commissioner’s concern over the problematic use of facial recognition in public spaces has prompted her to publish official guidance on its deployment, while civil society calls for an outright ban Continue Reading
-
News
18 Jun 2021
Lorca Ignite programme targets breakout cyber talent
Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme Continue Reading
-
News
18 Jun 2021
Carnival Cruises hit by fourth cyber incident in a year
Latest data breach at Covid-hit cruise line comes hot on the heels of two recent ransomware attacks and a spring 2020 breach Continue Reading
-
Definition
17 Jun 2021
Gramm-Leach-Bliley Act (GLBA)
The Gramm-Leach-Bliley Act (GLB Act or GLBA), also known as the Financial Modernization Act of 1999, is a federal law enacted in the United States to control the ways financial institutions deal with the private information of individuals. Continue Reading
-
News
17 Jun 2021
Cyber crooks target Amazon Prime users ahead of retail bonanza
A surge in malicious domain registrations ahead of Amazon Prime Day indicates cyber criminals have set their sights on exploiting vulnerable shoppers Continue Reading
-
News
17 Jun 2021
UnitingCare Queensland restores IT systems after cyber attack
Australian healthcare service provider has restored key corporate systems and integrations between applications following a cyber attack earlier this year Continue Reading
-
News
17 Jun 2021
Biden tackles Putin on ransomware at Geneva summit
Discussions between Joe Biden and Vladimir Putin on cyber crime appear to have been somewhat positive, but the path ahead remains unclear Continue Reading
