Network security management
-
Opinion
19 Dec 2024
Innovation, insight and influence: the CISO playbook for 2025 and beyond
From Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020s Continue Reading
-
News
18 Dec 2024
The Security Interviews: Martin Lee, Cisco Talos
Threat intel expert and author Martin Lee, EMEA technical lead for security research at Cisco Talos, joins Computer Weekly to mark the 35th anniversary of the first ever ransomware attack Continue Reading
-
News
18 Nov 2022
Enterprises embrace SD-WAN but miss benefits of integrated approach to security
Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading
-
News
17 Nov 2022
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching Continue Reading
-
News
16 Nov 2022
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading
-
Opinion
16 Nov 2022
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
Opinion
14 Nov 2022
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
News
11 Nov 2022
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products Continue Reading
-
Opinion
11 Nov 2022
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
News
09 Nov 2022
Optus earmarks A$140m to cover cost of data breach
Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers Continue Reading
-
Definition
09 Nov 2022
What is Wi-Fi Piggybacking?
Piggybacking, in the context of Wi-Fi, is the use of a wireless connection to gain access to the internet without proper authority. Continue Reading
-
Opinion
09 Nov 2022
Security Think Tank: Anti-ransomware strategies should be as easy as ABC
When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading
-
News
04 Nov 2022
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare Continue Reading
-
News
03 Nov 2022
Microsoft pledges $100m in new IT support for Ukraine
Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future Continue Reading
-
News
03 Nov 2022
Automated threats biggest source of cyber risk for retailers
Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report Continue Reading
-
Opinion
02 Nov 2022
Security Think Tank: Know your networks, know your suppliers
To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights Continue Reading
-
News
01 Nov 2022
NCSC looks back on year of ‘profound change’ for cyber
The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful Continue Reading
-
Opinion
31 Oct 2022
Security Think Tank: Container security: why so different?
Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas Continue Reading
-
Opinion
28 Oct 2022
How has container security changed since 2020, and have we taken it too far?
While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up Continue Reading
-
Feature
27 Oct 2022
Will the OCSF create an open and collaborative cyber industry?
The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption Continue Reading
-
News
27 Oct 2022
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS Continue Reading
-
News
27 Oct 2022
Medibank breach casts spotlight on data security
Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia Continue Reading
-
News
25 Oct 2022
US authorities charge two Chinese spies over telco security probe
Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm Continue Reading
-
News
20 Oct 2022
The Security Interviews: Why now for ZTNA 2.0?
With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading
-
Feature
20 Oct 2022
VPN vs. zero trust vs. SDP: What's the difference?
For strong network security, many vendors say VPNs don't cut it anymore. Enter the zero-trust security model and SDPs. Continue Reading
-
News
20 Oct 2022
Cyber professional shortfall hits 3.4 million
Shortage of cyber security professionals continues to grow and shows no signs of abating, says report Continue Reading
-
Tip
19 Oct 2022
The future of VPNs in the enterprise
VPNs have been the workhorse of online connectivity. Enhancements to software and processing power in end devices will transform how companies use the technology going forward. Continue Reading
-
News
14 Oct 2022
Protecting children by scanning encrypted messages is ‘magical thinking’, says Cambridge professor
Ross Anderson argues in a rebuttal to GCHQ experts that using artificial intelligence to scan encrypted messaging services is the wrong approach to protecting children and preventing terrorism Continue Reading
-
News
14 Oct 2022
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency Continue Reading
-
News
13 Oct 2022
Gartner: Remote work, zero trust, cloud still driving cyber spend
Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading
-
E-Zine
13 Oct 2022
CW Middle East: Qatar strengthens cyber defences ahead of FIFA World Cup
Being the first Arab country to host the World Cup is pressure enough on Qatar, but there is also a massive cyber security challenge associated with any event of this magnitude. Read about its preparations. Also in this issue, find out about the unique challenges of hiring IT professionals in Saudi Arabia. Continue Reading
-
News
12 Oct 2022
NCSC urges organisations to secure supply chains
NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers Continue Reading
-
News
12 Oct 2022
French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation
France’s Supreme Court has sent a case back to the court of appeal after police failed to disclose technical details of EncroChat hacking operation Continue Reading
-
Tip
11 Oct 2022
What is zero-trust network access? ZTNA basics explained
Zero-trust network access is touted as the solution to replace the VPN. As the potential future of network security, learn more about ZTNA, including its benefits and challenges. Continue Reading
-
News
10 Oct 2022
How Cloudflare is staying ahead of the curve
Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape Continue Reading
-
Feature
05 Oct 2022
Air gaps for backup and how they help against ransomware
The air gap is a basic of backups and storage. We look at what’s meant by an air gap, the rise of the logical air gap, and its place in the fight against ransomware Continue Reading
-
Definition
05 Oct 2022
network security
Network security encompasses all the steps taken to protect the integrity of a computer network and the data within it. Continue Reading
-
News
05 Oct 2022
Inside Dell Technologies’ zero-trust approach
Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure Continue Reading
-
Tip
29 Sep 2022
The 5 principles of zero-trust security
Zero trust is a journey, not a destination. Ensure your corporate network is safe from internal and external threats by implementing these five principles of zero-trust security. Continue Reading
-
News
29 Sep 2022
Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC
Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts Continue Reading
-
News
28 Sep 2022
UK suffers third highest number of ransomware attacks globally
Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs Continue Reading
-
News
28 Sep 2022
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access Continue Reading
-
News
27 Sep 2022
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic Continue Reading
-
Definition
23 Sep 2022
Google dork query
A Google dork query, sometimes just referred to as a dork, is a search string or custom query that uses advanced search operators to find information not readily available on a website. Continue Reading
-
News
23 Sep 2022
Threat actors abused lack of MFA, OAuth in spam campaign
Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns Continue Reading
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
-
News
22 Sep 2022
Privacy Pledge signatories dream of alternative internet
A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism Continue Reading
-
News
20 Sep 2022
Reports Uber and Rockstar incidents work of same attacker
Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber Continue Reading
-
Definition
19 Sep 2022
cryptojacking
Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency. Continue Reading
-
News
16 Sep 2022
Six new vulnerabilities added to CISA catalogue
CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010 Continue Reading
-
News
16 Sep 2022
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist Continue Reading
-
News
15 Sep 2022
Nominations closing soon for annual cyber awards
Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September Continue Reading
-
News
15 Sep 2022
US charges three Iranians over CNI cyber attacks
Three Iranian nationals have been indicted over a spate of ransomware attacks against organisations in the US, UK, Israel and Iran Continue Reading
-
News
14 Sep 2022
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data Continue Reading
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
-
News
14 Sep 2022
DDoS attacks on UK financial sector surged during Ukraine war
A quarter of cyber security incidents reported to the Financial Conduct Authority in the first six months of 2022 involved DDoS, with a likely link to events in Ukraine Continue Reading
-
News
13 Sep 2022
Cloud compromise a doddle for threat actors as victims attest
Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud Continue Reading
-
News
13 Sep 2022
Cisco confirms leaked data was stolen in Yanluowang ransomware hit
Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack Continue Reading
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
-
News
08 Sep 2022
NCSC CyberUK event heads to Belfast in 2023
National Cyber Security Centre’s annual CyberUK roadshow is crossing the Irish Sea to Belfast in April 2023 Continue Reading
-
News
08 Sep 2022
Chinese APT using PlugX malware on espionage targets
China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
-
News
07 Sep 2022
Hotel group IHG confirms cyber attack after two-day outage
IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading
-
News
07 Sep 2022
Cyber threats to Europe’s grid: Utilities rethink strategy
The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals Continue Reading
-
News
01 Sep 2022
New (ISC)² cyber careers schemes go live
(ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide Continue Reading
-
News
30 Aug 2022
UK government presses on with new cyber rules for telcos
Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading
-
News
24 Aug 2022
Most CISOs think they’ve been attacked by a nation state
Most organisations have made changes to their cyber strategies and policies following Russia’s invasion, and almost two-thirds suspect they have been directly targeted or impacted by a nation-state cyber attack Continue Reading
-
News
24 Aug 2022
Alleged Twitter security failings spell trouble ahead
Twitter’s former security head, Peiter Zatko, has alleged a number of serious cyber failures at the social media platform, raising the spectre of investigations and sanctions Continue Reading
-
News
23 Aug 2022
NCSC shares cyber guidance for large infrastructure builds
Balfour Beatty and McAlpine are among the large construction firms to have input into latest NCSC guidance for ensuring the security of major infrastructure projects Continue Reading
-
News
22 Aug 2022
Kaspersky threat data added to Microsoft Sentinel service
Microsoft and Kaspersky have agreed a collaboration to integrate Kaspersky’s threat data feeds into Microsoft’s cloud-native SIEM/SOAR service Continue Reading
-
News
19 Aug 2022
Cradlepoint unveils networking architecture addressing 5G, SD-WAN, zero-trust intersection
Cloud-delivered LTE and 5G wireless network services provider launches software-based offering to manage remote connections and provide flow-level visibility Continue Reading
-
News
19 Aug 2022
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading
-
News
18 Aug 2022
Amazon Ring vulnerability could have been used to spy on users
A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it Continue Reading
-
News
18 Aug 2022
Ukraine war drives DDoS attack volumes ever higher
There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity Continue Reading
-
Opinion
18 Aug 2022
Why you should start your post-quantum encryption migration now
Some say we have the best part of a decade to prepare for the security risks that quantum computing presents to current encryption tech, but PA Consulting experts believe that timeframe is shrinking dramatically Continue Reading
-
News
15 Aug 2022
Report reveals consensus around Computer Misuse Act reform
A study produced by the CyberUp campaign reveals broad alignment among security professionals on questions around the Computer Misuse Act, which it hopes will give confidence to policymakers as they explore its reform Continue Reading
-
News
12 Aug 2022
How critical infrastructure operators can secure OT data
Cohesity’s CISO discusses the challenges of securing data in operational technology systems and what can be done to mitigate security threats Continue Reading
-
News
11 Aug 2022
Researcher finds 10 vulnerabilities in Cisco firewalls
At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading
-
News
11 Aug 2022
Cisco averts cyber disaster after successful phishing attack
A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage Continue Reading
-
News
11 Aug 2022
Seacom teams up with BT to deliver enterprise communications services across Africa
Deal with leading UK telco intended for customers of Africa’s first broadband submarine cable system to benefit from what is claimed to be world-class portfolio of network services Continue Reading
-
News
09 Aug 2022
Cyber insurance getting harder to obtain
Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance Continue Reading
-
News
05 Aug 2022
Reliance on PSN may have exacerbated cyber attack impact
As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks Continue Reading
-
News
03 Aug 2022
Shift to remote work sees major rise in cyber crime
Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy Continue Reading
-
News
03 Aug 2022
DrayTek patches SOHO router bug that left thousands exposed
Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers Continue Reading
-
News
29 Jul 2022
Austrian data firm accused of selling malware, conducting cyber attacks
Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks Continue Reading
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
-
News
27 Jul 2022
Cyber security training ‘boring’ and largely ignored
Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them Continue Reading
-
News
26 Jul 2022
Visibility and proactive stance needed to secure OT systems
Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says Continue Reading
-
News
25 Jul 2022
NCSC seeks community input for Cyber Advisor service
The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward Continue Reading
-
News
25 Jul 2022
The Security Interviews: Why you need to protect abandoned digital assets
The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias Continue Reading
-
News
21 Jul 2022
Buy ‘plug-n-play’ malware for the price of a pint of beer
Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report Continue Reading
-
News
21 Jul 2022
Russia-linked APTs targeted fleeing Ukrainian civilians
Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment Continue Reading
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
-
News
20 Jul 2022
Cato aims to bust cyber myths as it extends network protections
Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading
-
News
20 Jul 2022
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims
Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection Continue Reading
-
News
15 Jul 2022
NHS trust ‘deliberately’ deleted up to 90,000 emails before tribunal hearing
A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance practices in NHS hospital trusts Continue Reading
-
News
14 Jul 2022
Videogame maker Bandai Namco confirms cyber attack
Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack Continue Reading
-
News
13 Jul 2022
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on Continue Reading
-
News
12 Jul 2022
Singapore doubles down on OT security
The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state Continue Reading
-
News
07 Jul 2022
Latest Marriott data breach not as serious as others
Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately Continue Reading