IT security
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
22 Apr 2021
Researchers shed more light on APT29 activity during SolarWinds attack
RiskIQ’s Atlas threat intel team uncovers new patterns and threat infrastructure used in the SolarWind’s attacks Continue Reading
-
News
22 Apr 2021
Automation, zero-trust, API-based security priorities for EMEA CISOs
Report by FireMon sheds light on buyer behaviour across the EMEA region Continue Reading
-
News
22 Apr 2021
ToxicEye malware exploits Telegram messaging service
The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye Continue Reading
-
Opinion
22 Apr 2021
Security Think Tank: Security culture must underpin vaccine passports
What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
Definition
21 Apr 2021
IPsec (Internet Protocol Security)
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network. Continue Reading
-
News
21 Apr 2021
EU lays out plans to regulate AI development
Proposal aims to encourage the development of ethical artificial intelligence systems that do not infringe the human rights of EU citizens Continue Reading
-
News
21 Apr 2021
SonicWall Email Security zero-days need urgent patch
Users of SonicWall Email Security are advised to patch immediately, but the supplier is being criticised for the pace of its response Continue Reading
-
News
21 Apr 2021
Time is running out to probe networks for Emotet
Security teams will lose an unprecedented opportunity to gain valuable intelligence to enhance their defences when Emotet is finally ‘executed’ in a few days’ time Continue Reading
-
News
20 Apr 2021
Health app myGP adds Covid-19 vaccine passport function
The new feature is described as the UK’s first NHS-assured Covid-19 certification feature Continue Reading
-
News
20 Apr 2021
UK’s proposed IoT cyber security law gathers momentum
New statistics appear to vindicate UK government proposals to force suppliers to be upfront about IoT security Continue Reading
-
News
20 Apr 2021
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
-
Opinion
20 Apr 2021
Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
20 Apr 2021
Codecov supply chain attack has echoes of SolarWinds
Supply chain attack on code auditing service may have compromised the likes of HPE and IBM Continue Reading
-
Blog Post
20 Apr 2021
Lack of leadership, confusion and frustration - the state of digital identity in the UK
To nobody’s surprise, efforts by a group of peers to force the government to accelerate progress on digital identity in the UK foundered in the House of Lords yesterday (20 April 2021). Baroness ... Continue Reading
-
E-Zine
20 Apr 2021
Shop and go – will Amazon’s cashless ‘just walk out’ store work?
In this week’s Computer Weekly, Amazon has opened its first ‘just walk out’ grocery store in the UK, but is it the right time to hit the high street? We examine the human and technical issues around email security. And we analyse Microsoft’s $19bn purchase of voice recognition supplier Nuance. Read the issue now. Continue Reading
-
20 Apr 2021
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on. Continue Reading
-
News
20 Apr 2021
Singapore’s ViewQwest debuts security service
ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats Continue Reading
-
News
19 Apr 2021
YouGov incentivises sharing of personally identifiable information
YouGov Safe is a new service to help organisations target consumers more precisely, where people can select how much personal data they wish to share Continue Reading
-
News
18 Apr 2021
Government puts Facebook under pressure to stop end-to-end encryption over child abuse risks
Facebook faces growing government pressure to abandon its plans to offer users end-to-end encryption to secure the privacy of their messages as the NSPCC raises concerns about child protection Continue Reading
-
Opinion
16 Apr 2021
The Secret IR Insider’s Diary – from Sunburst to DarkSide
From dealing with SolarWinds fallout to ransomware attacks, it’s been a busy few weeks for the Secret IR Insider, but they've picked up some new tricks along the way Continue Reading
-
Definition
16 Apr 2021
denial-of-service attack
A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to access computer systems, devices, services or other IT resources. Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Dutch accuse UK of ‘damaging confidence’ by disclosing details of EncroChat police collaboration
The Dutch Public Prosecution Service claims Britain has damaged confidence by disclosing details of an international investigation into the EncroChat encrypted phone network to the courts Continue Reading
-
News
15 Apr 2021
Biden sanctions Russia over SolarWinds cyber attacks
US president imposes new sanctions on Russia following malicious cyber attacks against the US and allies Continue Reading
-
Definition
15 Apr 2021
user authentication
User authentication verifies the identity of a user attempting to gain access to a network or computing resource by authorizing a human-to-machine transfer of credentials during interactions on a network to confirm a user's authenticity. Continue Reading
-
News
15 Apr 2021
University of Hertfordshire is latest academic cyber attack victim
Multiple systems are offline at the University of Hertfordshire following a cyber attack Continue Reading
-
News
15 Apr 2021
Microsoft is most impersonated brand in phishing attempts
Technology companies continue to be frequently spoofed by cyber criminals in their phishing attempts Continue Reading
-
News
15 Apr 2021
Ireland’s DPC launches probe into Facebook leak
The Irish Data Protection Commission has launched an ‘own volition’ inquiry into the leak of data from 500 million Facebook profiles Continue Reading
-
E-Zine
15 Apr 2021
CW Middle East: Qatari regulator launches platform to help combat money laundering
The Qatar Financial Markets Authority is using a digital platform to enable financial services professionals to assess their knowledge of anti-money laundering and combating the financing of terrorism. Also in this issue, read how the Covid-19 pandemic has changed the IT spending patterns among enterprises in Saudi Arabia. Continue Reading
-
News
15 Apr 2021
How Windows patching leaves security exposed
Four years on since it devastated IT systems across the NHS, WannaCry remains a threat to organisations around the world Continue Reading
-
News
14 Apr 2021
FBI accesses ProxyLogon target servers to disrupt cyber criminals
US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation Continue Reading
-
Definition
14 Apr 2021
compliance risk
Compliance risk is an organization's potential exposure to legal penalties, financial forfeiture and material loss, resulting from its failure to act in accordance with industry laws and regulations, internal policies or prescribed best practices. Continue Reading
-
News
14 Apr 2021
NSA unearths more MS Exchange vulnerabilities
Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports must be secure by design
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
13 Apr 2021
MP told to ditch official email over hacking fears
MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked Continue Reading
-
News
13 Apr 2021
Covid-19 left people feeling vulnerable to cyber crime
Around 15 million people in the UK experienced cybercrime in the past 12 months, with a cumulative 64 million hours wasted dealing with the fallout Continue Reading
-
News
13 Apr 2021
Millions of devices at risk from NAME:WRECK DNS bugs
Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading
-
News
13 Apr 2021
EncroChat lawyers raise questions over use of PII secrecy orders on UK decryption capabilities
Lawyers claim that public interest immunity certificates may have been used to withhold information on UK intelligence agencies’ ability to decrypt encrypted communications Continue Reading
-
Definition
12 Apr 2021
What is endpoint detection and response (EDR)?
Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response to discovered or potential threats. Continue Reading
-
News
12 Apr 2021
Vaccine passports and travel plans race up Covid threat charts
With lockdown restrictions easing in the UK, cyber criminals are tailoring their phishing lures to new areas of interest Continue Reading
-
Feature
12 Apr 2021
Why some jobseekers have turned to cyber crime during the pandemic
Research shows that many people have been seeking cyber crime-related work on the dark web, but why? Continue Reading
-
Opinion
12 Apr 2021
What has a year of home working meant for the DPO?
Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months Continue Reading
-
News
11 Apr 2021
Executive interview: Unleashing blockchain’s potential
Labrys founder and CEO Lachlan Feeney offers his observations about blockchain adoption in Australia, and what his firm is doing to help organisations unleash the full potential of the technology Continue Reading
-
Blog Post
11 Apr 2021
How do YOU find and attract the Cybersecurity skills/talent YOU need?
Review the salaries you offer to Cybersecurity and Computer Science Graduates - unless your policy is to pay more for those implementing security by design. If you are worried about losing those ... Continue Reading
-
News
09 Apr 2021
Egypt, Italy and US most affected in Facebook leak
Researchers at VPN firm Surfshark have been analysing data on 533 million people leaked from Facebook Continue Reading
-
News
09 Apr 2021
NCSC: Using your pet’s name as a password is very stupid
If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said Continue Reading
-
News
09 Apr 2021
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
- Definition 08 Apr 2021
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
07 Apr 2021
Facebook ducks calls to apologise over huge data leak
Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise Continue Reading
-
News
07 Apr 2021
A billion extra contactless payments in year since limit increase
Visa said there was an extra one billion contactless payments made by its customers last year Continue Reading
-
News
07 Apr 2021
Unpatched SAP applications are target-rich ground for hackers
Report from SAP and cyber threat research company Onapsis warns that hackers are attacking mission-critical SAP business applications that contain unpatched vulnerabilities Continue Reading
-
News
06 Apr 2021
Facebook data leak could be outside scope of GDPR
Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force Continue Reading
-
Definition
06 Apr 2021
side-channel attack
A side-channel attack is a security exploit that aims to gather information from or influence the program execution of a system by measuring or exploiting indirect effects of the system or its hardware -- rather than targeting the program or its code directly. Continue Reading
-
Blog Post
06 Apr 2021
API Daze
Earlier this week, the US Supreme Court ruled that Google did not infringe Oracle copyright on the Java SE API (application programming edition). The fact the US Supreme Court has digested a load ... Continue Reading
-
Blog Post
06 Apr 2021
What Agenda is the new GDS Director, Identity Assurance Programme expected to deliver?
Experience in "Significant agile programme management and/or major change delivery" will not be enough. The appointee will need the skills of Machiavelli and the luck of the Devil. Continue Reading
-
Definition
05 Apr 2021
cyber hijacking
Cyber hijacking, or computer hijacking, is a type of network security attack in which the attacker takes control of computer systems, software programs and/or network communications. Continue Reading
-
Tip
01 Apr 2021
5 endpoint security best practices to keep company data safe
With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
-
News
01 Apr 2021
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities Continue Reading
-
Report
01 Apr 2021
Ultimate guide to cybersecurity incident response
Learn actionable incident response strategies that your IT and enterprise security teams can use to meet today's security threats and vulnerabilities more effectively. Continue Reading
-
Feature
31 Mar 2021
How to build a honeypot to increase network security
Create a honeypot that will trap attackers and monitor their activities to enhance your organization's network security. This step-by-step guide takes you through the process. Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
31 Mar 2021
Nordics run information sharing on digital vaccination passports
Nordic countries advance plans for digital Covid-19 vaccination passports in a bid to kick-start their economies Continue Reading
-
Feature
30 Mar 2021
Create an incident response plan with this free template
Want to boost your organization's ability to fight cybersecurity threats? Uncover the essentials to creating an incident response plan and download our free, editable template. Continue Reading
-
News
30 Mar 2021
Privacy campaigners hail legal victory over Hancock and Palantir
Civil liberties organisation OpenDemocracy says it has scored a legal victory over health secretary Matt Hancock regarding the involvement of Palantir in the NHS Covid-19 data store Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
Blog Post
30 Mar 2021
New cyberthreats remind us of the need for hyper-vigilance
This is a guest post by Kerry Singleton, managing director for cyber security at Cisco Asia-Pacific, Japan and China In recent weeks, we’ve seen a number of significant cybersecurity threats ... Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
Feature
29 Mar 2021
Ecolabels and data sanitisation key to recycling and reusing IT assets
Ecolabels on hardware and data sanitisation of devices are key to recycling and reusing old IT equipment respectively, helping enterprises avoid unnecessary asset destruction and contributing to increasingly high levels of electronic waste globally Continue Reading
-
News
29 Mar 2021
CW Innovation Awards: SIA taps blockchain for loyalty app
Singapore Airlines, winner of the transportation category in this year’s CW Innovation Awards APAC, expands its blockchain-based digital wallet into a broader digital lifestyle platform Continue Reading
-
News
26 Mar 2021
Surveillance expert ‘unfairly’ refused job at intelligence regulator after MI5 intervened
The Home Office unfairly refused Eric Kind, a specialist in criminal justice and UK surveillance law, clearance for a job at an intelligence watchdog after MI5 claimed he was “insufficiently deferential” Continue Reading
-
Feature
26 Mar 2021
Backup appliances the hot topic for Pas-de-Calais fire brigade
With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
-
News
26 Mar 2021
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
-
News
26 Mar 2021
Leading Israeli IoT firm lands in US as worldwide malware attacks surge
With US end-user internet of things devices expected to grow to $1.6tn by 2025 and with more than 5.4 billion IoT connected devices in North America alone, tech firms and the black hat community are weighing up the potential Continue Reading
-
Blog Post
26 Mar 2021
Zombified Gov.uk Verify is officially dead - so what's next?
The UK government has finally admitted in public for the first time that its flagship digital identity programme, Gov.uk Verify, is dead. This will be no surprise to anyone following the project, ... Continue Reading
-
News
26 Mar 2021
Remote working burn-out a factor in security risk
After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected Continue Reading
-
News
26 Mar 2021
‘Major’ security flaw detected in 5G core network slicing design
Mobile security specialist details potentially revenue-threatening vulnerabilities with key element of next-generation networks and reveals plans to work with industry to provide mitigation prior to widespread deployments Continue Reading
-
News
25 Mar 2021
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
-
News
25 Mar 2021
TUC warns of gaps in British law over use of AI at work
The TUC has published a report warning of AI-powered discrimination against working people enabled by gaps in existing British employment law Continue Reading
-
News
25 Mar 2021
Warning: AWS IAM behaves differently to directory services
IT admins use group policies to manage user access via Active Directory, but AWS takes a subtly different approach, which can be exploited Continue Reading
-
News
25 Mar 2021
Four in five UK businesses seek new security suppliers
Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves Continue Reading
-
News
25 Mar 2021
Facebook disrupts Chinese espionage operation
Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority Continue Reading
-
News
25 Mar 2021
More than £34.5m stolen in pandemic scams over past year
City of London Police and National Cyber Security Centre report large uptick in threats and crime related to Covid-19 over the past year, in some cases directed specifically at health organisations Continue Reading
-
News
24 Mar 2021
Oil giant Shell hit through Accellion FTA breach
Energy firm discloses cyber attack through Accellion File Transfer Appliance Continue Reading
-
News
24 Mar 2021
Apparent drop in cyber incidents highlights underlying problems
UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report Continue Reading
-
News
24 Mar 2021
UK faces significant cyber talent shortfall
Cyber security sector is struggling to attract the talented workforce it needs Continue Reading
-
News
24 Mar 2021
Cyber criminals forging Covid-19 vaccine certificates
Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon Continue Reading
-
Feature
24 Mar 2021
How to choose the right email security service for your organisation
With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider Continue Reading
-
Opinion
24 Mar 2021
Employees must be given the right to disconnect
As enterprises increasingly turn to workplace monitoring technologies and more of the workforce moves to remote or hybrid working, unions are campaigning for workers’ ‘right to disconnect’ and not engage in digitally enabled work after hours Continue Reading
-
Feature
23 Mar 2021
Anti-money laundering technology must operate in a collaborative ecosystem
With new technologies making it easier for banks to spot money laundering activity, we look at why the problem persists at scale, finding that ecosystems and collaborative processes need to be built Continue Reading
-
News
23 Mar 2021
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
-
Opinion
23 Mar 2021
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
23 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
E-Zine
23 Mar 2021
Would the UK really nuke a cyber attacker?
In this week’s Computer Weekly, did the UK’s defence and security review really suggest a nuclear response to a cyber attack? Data visualisation has been widely used to explain the Covid-19 pandemic, but not always that effectively. And jewellery retailer Pandora explains how it kept the personal touch as customers went online. Read the issue now. Continue Reading
