IT security
-
E-Zine
07 Dec 2023
CW EMEA: Prepare for cyber war
When the war between Hamas and Israel began in October, cyber security professionals and major government and private organisations braced for an inevitable accompanying online war. In this issue of CW EMEA, we outline cyber war, patterns of threat activity, and find out what security teams can do to protect their organisations. We also look at Finland’s advances in quantum computing, how Belgian researchers have developed technology to help datacentres process data faster, and the secrets of KPN’s successful business transformation. Read the issue now. Continue Reading
-
E-Zine
09 Nov 2023
Heineken lets the data flow
In this month’s CW EMEA ezine, we find out about Heineken’s mission to make the most out of the data it holds through an enterprise-wide data ecosystem. We also look at how the UK has turned its back on the German government-funded Gaia-X data platform, why cyber experts are urging the EU to rethink vulnerability disclosure plans, and how the IT industry is responding to the software developer skills shortfall. Read the issue now. Continue Reading
-
Photo Story
26 May 2011
The computers that won the war: Bletchley Park's codebreaking equipment is rebuilt
The Tunny Gallery, opened at The National Museum of Computing at Bletchley Park on 26 May 2011, tells the incredible story of the interception and decryption of German High Command radio teleprinter messages during World War Two. Continue Reading
-
News
25 May 2011
Apple issues Max OS X update to remove fake AV MacDefender malware
Apple is to release a Mac OS X update to tackle fake antivirus software or "scareware" known as MacDefender, MacSecurity and MacProtector. Continue Reading
-
News
25 May 2011
Virtual desktop benefits include tighter security, hot desking
With the help of hot desking and other virtualisation technologies, the Basildon Borough Council was able to centralise its security administration and reduce its number of desks by more than 30%. Continue Reading
-
Tip
24 May 2011
Three automated penetration testing tools for your arsenal
Automated penetration testing tools provide effective exploit libraries and processes to detect network, as well as application vulnerabilities. Our picks. Continue Reading
-
News
18 May 2011
Future of NHS National Programme for IT in critical condition following NAO report
The remaining NHS National Programme for IT could be scrapped entirely, as the project's aim to deliver electronic records for every patient has fallen far below expectations, according to a National Audit Office report. Continue Reading
-
News
17 May 2011
Government vigilance steps up after George Osborne reveals extent of cyber attacks
Security experts have called for UK government departments to be vigilant after chancellor George Osborne revealed that 20,000 e-mails are sent by hostile intelligence agencies to the UK government each month. Continue Reading
-
Tip
13 May 2011
VA/PT technical report writing best practices for pen testers
A good technical report is indispensible to vulnerability analysis/penetration testing (VA/PT) exercises. Guidelines on how to write concise VA/PT reports. Continue Reading
-
News
12 May 2011
Analysis: Will Android dominance increase IT security threats for business?
The Android Market is forecast to become the world's biggest mobile content platform by August 2011, according to research by mobile application research firm Distimo. Continue Reading
-
News
10 May 2011
New ICO guidance issued on EU cookie law
The Information Commissioner's Office has released practical guidance for companies to comply with the new EU cookie law. Continue Reading
-
News
06 May 2011
Hackers plan third attack on Sony
Hackers are planning a third attack on Sony in retaliation for its handling of the PlayStation Network and Online Entertainment services data breaches, according to US reports. Continue Reading
-
News
05 May 2011
What cloud risks should business consider after Amazon's EC2 outage?
Amazon's recent outage has raised questions over the reliability of cloud services. If Amazon, with its global reach, cannot get IT right, how can CIOs expect other operators to cope? Jenny Williams investigates. Continue Reading
-
Photo Story
05 May 2011
Oracle JDeveloper review
Tim Anderson finds that Oracle's home-grown tool for Java development, JDeveloper, may have a traditional feel, but its smart editor and productivity tools make it particularly useful if you are working with the powerful Oracle ADF. Continue Reading
-
Tip
04 May 2011
Demystifying wardriving: An overview
With companies like Google being criticized for wardriving, this tip aims at decoding the concept and the associated legal implications. Continue Reading
-
News
29 Apr 2011
Store dealing with dishonest employees uses internal theft prevention software
A London-based sushi chain expects to save almost £1 million this year with the help of new fraud-detection software. Continue Reading
-
News
27 Apr 2011
HSBC Insurance works with IBM to solve Solvency II
HSBC Insurance in the UK is using IBM Global Services to support its European Solvency... Continue Reading
-
News
20 Apr 2011
Infosec 2011: APT attacks a real threat to business, says security panel
Advanced Persistent Threats are a reality and cannot be dismissed as a myth or media hype, according to a panel of experts debating the top threats at Infosecurity Europe 2011 in London. Continue Reading
-
News
20 Apr 2011
Shutting down a botnet, US Government disables Coreflood
Coreflood, a botnet almost ten years old, has been taken down by the FBI and US Department of Justice by obtaining permission to hijack the command and control servers and send a 'stop' command to infected PCs. Is this overstepping the privacy line? Continue Reading
-
News
19 Apr 2011
Infosec 2011: Cisco announces new tools for securing the mobile enterprise
Cisco has introduced new security products to its Borderless Networks portfolio to help IT departments manage mobile devices, changing workforce habits and the impact of video on the network. Continue Reading
-
Tip
19 Apr 2011
Secure SDLC best practices
While focus on technicalities is a given during the SDLC, this tip explains how to secure the SDLC, from the analysis phase right through to deployment. Continue Reading
-
News
18 Apr 2011
Growth of NFC to drive overhaul of Chip and PIN equipment
The growth of near-field communication (NFC) in the UK will drive the replacement of retailers' Chip and PIN point of sale (PoS) equipment, according to an analyst. Continue Reading
-
News
13 Apr 2011
Building an Olympics network
Preparation is clearly the key to Olympic success, as players on 27 July 2012 will see years of finely honed practice condensed into one gruelling fortnight Continue Reading
-
News
13 Apr 2011
Infosec 2011: Charity sector shows the way to balance budget and security
Tackling security project by project is an effective way of securing data on a limited budget, says Matt Holland, head of information security at children's charity NSPCC. Continue Reading
-
News
12 Apr 2011
Infosec 2011: Compliance the biggest security juggernaut, says security expert
The biggest security compliance juggernaut for businesses is concentrating on achieving compliance rather than changing they way they work, says Des Ward, president of the Cloud Security Alliance UK and Ireland chapter. Continue Reading
-
News
11 Apr 2011
Manageability issues impede adoption of virtualisation
Virtual infrastructure management challenges are hindering the adoption of virtualisation within businesses, according to research. Continue Reading
-
Tip
11 Apr 2011
Identity and access management (IAM) program implementation guidelines
The first part of this identity and access management (IAM) program guide details how to optimally structure the implementation’s foundation. Continue Reading
-
News
08 Apr 2011
Motivated, information security policye-aware employees are the best defence
Keeping employees motivated is the best way to ensure you have satisfied customers, and if it is an employee's responsibility to keep the customers happy,...
Continue Reading -
News
08 Apr 2011
Admins face huge April Patch Tuesday security update from Microsoft
Microsoft has announced that it will release 17 security bulletins to address 64 vulnerabilities Continue Reading
-
Photo Story
08 Apr 2011
In 1966 England won the World Cup and Computer Weekly launched the world's first weekly IT newspaper
After 45 years in print, Computer Weekly, the award-winning title for senior IT decision-makers, is to become a 100% online publication. Here is a celebration of 45 years in print. Continue Reading
-
News
08 Apr 2011
After breach at RSA, two-factor authentication options abound
Companies specialising in two-factor authentication hope to boost business following the breach of RSA's SecurID, and many plan to capitalise with new products at Infosecurity Europe. Continue Reading
-
News
07 Apr 2011
Sophisticated cyber thieves behind Epsilon data breach, says parent company
US marketing firm Epsilon was hit by one of the biggest data thefts to date, the work of highly sophisticated cyber thieves, says parent company Alliance... Continue Reading
-
Tip
06 Apr 2011
Botnet detection through DNS behavior and clustering analysis
Botnets are fast emerging as one of the most serious threats to Internet security today. This expert tip looks at how botnets can be detected analyzing their unique fast flux characteristics. Continue Reading
-
News
05 Apr 2011
Sex offence technology helps business avoid legal liability
Technology that cross references image hash codes against child sexual abuse material will help businesses avoid legal liability. Continue Reading
-
News
05 Apr 2011
City of York falls foul of data protection act following printer mix-up
The City of York Council has fallen foul of the Data Protection Act after having accidentally disclosed personal data following a printer mix-up. Continue Reading
-
News
04 Apr 2011
RSA discloses phishing-attack data breach details
RSA, the security division of EMC, has revealed the firm's data breach in mid March was the result of a spear phishing attack. The spear phishing attack exploited an Adobe Flash vulnerability that was unpatched at the time. Continue Reading
-
Feature
01 Apr 2011
Secure your SCADA architecture by separating networks
Many critical national infrastructure systems include supervisory control and data acquisition (SCADA) functionality. These systems can be viewed as the set of software, computers and networks that provide remote co-ordination of controls systems for tangible infrastructures such as power generation systems, chemical plants, manufacturing equipment and transportation systems Continue Reading
-
News
31 Mar 2011
Microsoft publishes report on its Security Development Lifecycle
Microsoft has published a new report that outlines nine years of progress in developing, improving and sharing the Security Development Lifecycle (SDL) process. Continue Reading
-
Tip
30 Mar 2011
Advanced Wireshark tutorial: Packet and network security analysis
This Wireshark tutorial will familiarize you with Wireshark’s advanced features, such as analyzing packets and undertaking packet level security analysis. Continue Reading
-
News
30 Mar 2011
Two-factor authentication alternatives
Worried by the breach at RSA? Here are some two-factor authentication alternatives to consider. Continue Reading
-
News
29 Mar 2011
Open Group launches guide to boost ISO 27005 efforts
A new guide from the Open Group is designed to help organisations meet ISO 27005 standards, but some risk management professionals feel it may not be so effective. Continue Reading
-
News
28 Mar 2011
Spotify hit by malicious ads
Spotify, the popular streaming music service, has been displaying malicious advertisements to users of its Free version. Continue Reading
-
News
28 Mar 2011
Businesses spend over £600k a week on data security abroad
Companies are spending up to £624,000 a week to secure their most sensitive business data abroad, a study has revealed. Continue Reading
-
News
25 Mar 2011
Hackers steal member email details from TripAdvisor site
A number of TripAdvisor members may receive spam after hackers stole email details from the travel website. Continue Reading
-
Tip
25 Mar 2011
Mature data loss prevention: 8 questions to ask your vendor
To determine if a data loss prevention (DLP) solution truly meet your organization’s needs, there are certain clarifications you always require. Continue Reading
-
News
23 Mar 2011
SAP combines GRC and BI in new platform
SAP has launched a new governance, risk and compliance platform that combines and integrates existing GRC and business intelligence technologies. Continue Reading
-
News
23 Mar 2011
Budget 2011: UK public worried spending cuts will impact data security
A large proportion of the UK public is worried that government spending cuts will have a negative effect on data security, a survey has revealed. Continue Reading
-
Tip
23 Mar 2011
How to stop a DDoS attack after initiation
In this expert response, Nick Lewis explains how to stop a DDoS attack after it has been initiated. Continue Reading
-
News
22 Mar 2011
What is OpenID? How to use OpenID SSO in your organisation
An OpenID SSO system allows organisations to simplify website user authentication management. But is OpenID security an issue? Expert Michael Cobb explains. Continue Reading
-
Tip
22 Mar 2011
Shodan search engine for penetration tests: How-to
A very handy yet simple to use VA/PT tool, Shodan can be of great use to ethical hackers. Here’s a quick Shodan tutorial. Continue Reading
-
News
18 Mar 2011
RSA hit by advanced persistent threat attacks
RSA, the security division of EMC, has revealed that attackers have stolen information from the company's IT systems Continue Reading
-
News
17 Mar 2011
Twitter increases security with HTTPS encrypted tweets setting
Twitter has added a new profile setting to increase the level of security when accessing the mobile blogging site over an unsecured Wi-Fi connections. Continue Reading
-
News
17 Mar 2011
Ban threat looms for Blackberry services as India demand corporate data access
India could block Research in Motion (RIM) from 31 March 2011 after government officials expressed dissatisfaction with access to Blackberry services. Continue Reading
-
News
16 Mar 2011
Trusteer debuts no-software malware protection
Secure web access firm Trusteer has announced a web login and transaction monitoring service to detect malware without installing software. Continue Reading
-
News
16 Mar 2011
RIM urges Blackberry users to disable Javascript after web browsing vulnerability revealed
Research in Motion (RIM) is advising Blackberry smartphone users to disable Javascript to protect against a security vulnerability in its web browser. Continue Reading
-
News
15 Mar 2011
IT failures blamed for immigration system faults
IT failures have been blamed for failures of the points based immigration system in a National Audit Office (NAO) report. Continue Reading
-
News
15 Mar 2011
Adobe warns of zero-day vulnerability in Adobe Flash
Adobe has published a security advisory for a critical vulnerability in Adobe Flash that can be used to take control of an attacked machine. Continue Reading
-
Tip
15 Mar 2011
Top 7 anti rootkit software for Windows
It can be quite a tough task to kick out rootkits from infected Windows systems. Our list of top anti rootkit software will prove handy. Continue Reading
-
News
10 Mar 2011
Most organisations approach IAM in the wrong way, says Gartner
Most organisations are approaching identity and access management (IAM) in the wrong way, by planning deployments around technologies, says Gartner. Continue Reading
-
News
10 Mar 2011
Advanced persistent threats - are businesses prepared?
Businesses usually attain adequate levels of IT defences at the point that it becomes more cost effective for cyber criminals to target someone else. Continue Reading
-
News
09 Mar 2011
Industry calls on employers to say what security skills are needed
The National Skills Academy for IT is calling on employers to address the cyber security skills gap by sharing views on the most useful courses and qualifications. Continue Reading
-
Tip
09 Mar 2011
PCI DSS compliance checklist for virtualized environments
A comprehensive Payment Card Industry Data Security Standard (PCI DSS) compliance checklist for protection of cardholder data in virtual environments. Continue Reading
-
News
08 Mar 2011
Exclusive: Free software guru Richard Stallman on government IT and why he hates the cloud
The founding father of the free software movement tells Computer Weekly why government just doesn't "get it" Continue Reading
-
News
07 Mar 2011
France's G20 files target of cyber attack
France's files on the G20 meetings were the target of a cyber attack, the country's finance minister has confirmed. Continue Reading
-
News
07 Mar 2011
Western Digital bids $4.3 billion for Hitachi Global Storage Technologies
Western Digital has tabled a bid of $4.25m (£2.6bn) to acquire Hitachi Global Storage Technologies ending the Japanese HDD vendor's previous preparations for an IPO. Continue Reading
-
News
07 Mar 2011
HSBC uses token to secure smartphone banking
HSBC is sending four million online banking customers a security token which will enable them to log in to their online bank account wherever they are, without using a card reader. Continue Reading
-
News
07 Mar 2011
Malvertising, pop-up ad virus problems demand more user protection
A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising. Continue Reading
-
Tip
02 Mar 2011
Employee information awareness training: PCI policy templates
To comply with PCI DSS -- and keep cardholder data secure -- organisations must train their employees on data handling best practices. This tip explains how. Continue Reading
-
News
01 Mar 2011
Intel finalises £5bn acquisition of McAfee
Intel has confirmed the completion of its $7.7bn (£5bn) acquisition of security software giant McAfee. Continue Reading
-
E-Zine
01 Mar 2011
Data dedupe: A natural fit with backup
The Spring edition of Storage Europe featured articles and the lastest information on data deduplication, backup, and cloud technologies. Download it now for all this and more. Sponsored by: Hewlett-Packard Company, EMC and Dell Compellent. Continue Reading
-
Tip
01 Mar 2011
10 identity and access management (IAM) implementation mistakes
An overview of the common issues organizations overlook while deploying an identity and access management (IAM) solution. Continue Reading
-
News
25 Feb 2011
nullcon 2011 Day Zero: Photo feature
Botnet detection, fuzzing intricacies, Zeus MitMo, VoIP attacks, and more. nullcon Day Zero saw considerable action worth the capture. Continue Reading
-
News
24 Feb 2011
ISC releases security fix for Bind DoS vulnerability
The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3. Continue Reading
-
News
24 Feb 2011
Exxon, Shell, BP hacked in Night Dragon attacks
Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers working through internet servers in China, say US reports. Continue Reading
-
News
24 Feb 2011
Microsoft fixes security flaw in malware protection engine
Microsoft has patched a flaw in its malware protection engine that could be exploited to gain control of victim's computer. Continue Reading
-
News
22 Feb 2011
Legacy kit and lack of skills hold back digital video surveillance
A huge legacy investment in analogue equipment and a lack of data integration skills are holding back more widespread adoption of fully digital video surveillance systems, according to research just published. Continue Reading
-
News
22 Feb 2011
Middle East governments stepping up internet control, study shows
The internet has proved to be a powerful tool for rallying social and political change, but Middle East governments have also recognised their capability to disrupt communications Continue Reading
-
Tutorial
22 Feb 2011
Information security tutorials
SearchSecurity.co.uk's tutorials offer a variety of online information security training courses you can take on your own time at your own pace specifically for UK readers. They are designed to arm you with the foundational and tactical information you need to deal with the increasingly challenging job of keeping your organization's information secure. Continue Reading
-
Tutorial
22 Feb 2011
Quick and dirty Wireshark tutorial
Wireshark has become a very useful tool for many infosec pros. This hands-on Wireshark tutorial will acquaint you with the network sniffer’s capabilities. Continue Reading
-
News
21 Feb 2011
RSA 2011: Microsoft promotes co-ordinated vulnerability disclosure
Software producers remain largely unresponsive to input from security researchers, according to Aaron Portnoy, manager of the security research team HP TippingPoint. Continue Reading
-
News
21 Feb 2011
RSA 2011: Top attacks business will face in 2011
Social networking will be the attacker platform of choice in 2011, says Ed Skoudis, founder and senior security consultant with InGuardians. Continue Reading
-
News
17 Feb 2011
New SMB vulnerability identified in Windows XP and Server 2003
A new SMB vulnerability discovered in Windows could open systems to DoS attacks and remote access. The vulnerability, tagged as CVE-2011-0654, has been rated "critical" and confirmed on Windows Server 2003 SP2 and Microsoft Windows XP SP3. Continue Reading
-
News
17 Feb 2011
RSA 2011: RSA, EMC and VMWare advise on defending against advanced persistent threats
Security leaders have outlined ways organisations can better defend against advanced persistent threats (APTs) in a paper published by RSA, the security division of EMC. Continue Reading
-
News
17 Feb 2011
Optus email rejects shortened URLs
Optus has adjusted its email security regime to repel incoming emails that use URLs shortened by services like bit.ly or TinyURL. Continue Reading
-
News
15 Feb 2011
RSA 2011: Cybersecurity leads conference with cloud security keynote
Cybersecurity is one of the key topics at the RSA Conference 2011 taking place this week in San Francisco. Continue Reading
-
News
14 Feb 2011
Dell rolls out services for enterprise mobility
Dell has introduced a portfolio of services to help businesses manage mobile devices and an increasingly mobile workforce. Continue Reading
-
News
11 Feb 2011
Mobile hacker attacks will damage business in 2011
Businesses cannot afford to ignore mobile hacking attacks as they are proving extremely lucrative over shorter periods, a study of mobile threats has found. Continue Reading
-
News
10 Feb 2011
ID card database is destroyed
The National Identity Register (NIR), which was built to hold the fingerprints and personal details of millions of ID card holders, has been publicly destroyed. Continue Reading
-
News
10 Feb 2011
IT departments are unable to support employee devices
Security concerns are holding companies back from allowing staff to use their own technology at work. Continue Reading
-
News
10 Feb 2011
Mobile workers practise lax security
More than half of Europeans practise unsafe networking when they work away from the office, according to research by German remote access experts NCP Engineering. Continue Reading
-
News
09 Feb 2011
Microsoft's February Patch Tuesday outlines five critical vulnerabilities
Microsoft has released 12 security bulletins addressing 22 vulnerabilities in its monthly security update for February Continue Reading
-
News
08 Feb 2011
Post Office faces legal action over alleged accounting system failures
More than 50 postmasters are planning legal action against the Post Office to reclaim money they paid to the Post Office after being accused of theft and false accounting. Continue Reading
-
News
08 Feb 2011
AXA in £150m settlement for software glitch
Financial services giant AXA will be forced to pay millions of pounds to clients after it emerged that errors in trading software were hidden by three of its subsidiaries, prompting bad performance in investment portfolios. Continue Reading
-
News
08 Feb 2011
Businesses must learn how to defend against cyberattack, says McAfee
Cybercrime has thrived over the past decade according to recent reports from security firm McAfee, but business can expect even more dramatic change in the next ten years, researchers say. Continue Reading
-
Photo Story
08 Feb 2011
Ten most dangerous places to offshore your IT
A report published by the Brown-Wilson Group details which locations are the most risky places to outsource. Continue Reading
-
E-Zine
01 Feb 2011
Handle with care: Calculating and managing risk is tricky business
Faced with an ever increasing bevy of sophisticated threats, information security risk managers have a difficult job. This edition of IT in Europe: Information Security e-zine assesses the reputation of risk management, considers the role of the CISO when sharing sensitive data with third parties, and ranks the global cyberthreat. Continue Reading
-
News
31 Jan 2011
Vodafone restores services to Egypt after mobile shutdown
Mobile operator, Vodafone, has restored mobile phone services in Egypt after a 24-hour shutdown. Continue Reading
-
News
28 Jan 2011
SMEs still lack data backup
Many small business lack data recovery plans, despite a recent uptake in cloud adoption, according to a survey. Continue Reading
-
Tip
28 Jan 2011
Seven social media security best practices
This tip aims to highlight seven crucial factors to be considered while devising a strategy for optimal social media security. Continue Reading
-
News
26 Jan 2011
Cybercriminals target data in transit
Cybercriminals are shifting away from basic "smash and grab" attacks targeting stored data to more complex methods of data harvesting in transit, security research reveals. Continue Reading
-
News
25 Jan 2011
Spam level dips
The recent decline in global spam was the result of a halt in the spam-sending activities of three botnets and unrest among pharmaceutical spam-sending gangs, Symantec's latest MessageLabs Intelligence Report has revealed. Continue Reading
-
News
25 Jan 2011
Smart meter and smart grids: security risk or opportunity?
A smart meter in every home in the UK by 2017 is the government plan as a first step towards a smart grid, but how can we ensure the benefits will outweigh the security risks? Continue Reading