Network security management
-
Opinion
19 Dec 2024
Innovation, insight and influence: the CISO playbook for 2025 and beyond
From Covid-19 to war in Ukraine, SolarWinds Sunburst, Kaseya, Log4j, MOVEit and more, the past five years brought cyber to mainstream attention, but what comes next? The Computer Weekly Security Think Tank looks ahead to the second half of the 2020s Continue Reading
-
News
18 Dec 2024
The Security Interviews: Martin Lee, Cisco Talos
Threat intel expert and author Martin Lee, EMEA technical lead for security research at Cisco Talos, joins Computer Weekly to mark the 35th anniversary of the first ever ransomware attack Continue Reading
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
-
News
05 Jul 2022
LogRhythm bullish on growth in APAC
LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats Continue Reading
-
News
05 Jul 2022
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country Continue Reading
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
29 Jun 2022
New cyber extortion op appears to have hit AMD
Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data Continue Reading
-
News
28 Jun 2022
Russia-aligned hacktivists behind Lithuania DDoS attack
Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin Continue Reading
-
News
27 Jun 2022
Commercial cyber products must be used responsibly, says NCSC CEO
NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel Continue Reading
-
Feature
27 Jun 2022
The cyber security impact of Operation Russia by Anonymous
The campaign against the Russian government by Anonymous surprised many with the depth and scale of the cyber attacks. What can we learn from this online war? Continue Reading
-
E-Zine
24 Jun 2022
CW APAC: Tech career guide to cyber security
The demands placed on those fighting against hackers are constantly evolving. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at the skills required to make it in the industry, how Singapore’s critical systems remain protected, the short-term options for tech stack management and how organisations can support cyber professionals’ mental health. Continue Reading
-
News
24 Jun 2022
US cyber agency in fresh warning over Log4Shell risk to VMware
Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability Continue Reading
-
Opinion
24 Jun 2022
Assessment and knowledge: Your key tools to secure suppliers
There is no silver bullet that will resolve all the issues arising from today’s interconnected businesses and complex supply chains, but there are some key tools at your disposal Continue Reading
-
News
23 Jun 2022
Ukraine cyber agency enlists Radware to protect government networks
Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks Continue Reading
-
Opinion
23 Jun 2022
Security Think Tank: Supply chain security demands systematic approach
Supply chain security measures need to be systematic and assessed so as to minimise the complexity and cost to the business Continue Reading
-
News
22 Jun 2022
How TDCX is building a people-centric business
Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez Continue Reading
-
Opinion
22 Jun 2022
Security Think Tank: Balanced approach can detangle supply chain complexity
Achieving an appropriate balance between people, processes and technology can help to detangle the complexities of the supply chain and create better security practices Continue Reading
-
News
21 Jun 2022
CNI leaders’ attitude to ransomware lackadaisical at best
A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats Continue Reading
-
Opinion
21 Jun 2022
Supply chain security goes deep – forget this at your peril
It may have hit the headlines as an IT issue, but supply chain security goes far deeper into an organisation than just technology Continue Reading
-
News
20 Jun 2022
Complex Russian cyber threat requires we go back to basics
The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains Continue Reading
-
Feature
17 Jun 2022
What the EU’s content-filtering rules could mean for UK tech
EU proposals to clamp down on child sexual abuse material will have a material impact on the UK’s technology sector Continue Reading
-
News
16 Jun 2022
TalkTalk hacker Daniel Kelley gives up his black hat for good
After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career Continue Reading
-
News
16 Jun 2022
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading
-
News
16 Jun 2022
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
-
Opinion
16 Jun 2022
Security Think Tank: Best practices for boosting supply chain security
In a highly connected world, managing the supply chain landscape requires an adaptation of the ‘traditional’ approach to managing cyber risk Continue Reading
-
News
15 Jun 2022
$2k to access your organisation on the dark web
Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000 Continue Reading
-
News
15 Jun 2022
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
-
Opinion
15 Jun 2022
Security Think Tank: Basic steps to secure your supply chain
When it comes to supply chain security, there are some core things you should be doing – but remember, the devil is in the detail Continue Reading
-
News
13 Jun 2022
New warning over tech suppliers in thrall to hostile governments
Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer Continue Reading
-
News
13 Jun 2022
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading
-
Opinion
10 Jun 2022
Security Think Tank: Don’t trust the weakest link? Don’t trust any link
Your security model shouldn’t fall apart just because a part of your business, or a partner, has weak security. This is why information-centric security is a must Continue Reading
-
News
08 Jun 2022
China using top consumer routers to hack Western comms networks
An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks Continue Reading
-
News
08 Jun 2022
ProxyLogon, ProxyShell may have driven increase in dwell times
The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data Continue Reading
-
News
01 Jun 2022
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco
Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief Continue Reading
-
Opinion
01 Jun 2022
What does the EU’s NIS 2 cyber directive cover?
We run the rule over the European Union’s updated NIS2 security directive Continue Reading
-
Opinion
31 May 2022
The importance of making information security more accessible
Robin Smith, CSO of Aston Martin Lagonda, talks about how an accessible approach to cyber is helping him to keep the organisation secure Continue Reading
-
News
31 May 2022
Researchers discover zero-day Microsoft vulnerability in Office
Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions Continue Reading
-
News
31 May 2022
Singapore doubles down on quantum technology
The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology Continue Reading
-
Opinion
30 May 2022
Strong internal foundations are key to withstanding external threats
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
26 May 2022
Consultation launched on datacentre, cloud security
The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms Continue Reading
-
Opinion
26 May 2022
Security Think Tank: Core security processes must adapt in a complex landscape
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
24 May 2022
Bad bots make up a quarter of APAC’s web traffic
Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds Continue Reading
-
News
20 May 2022
Chinese cyber spooks exploit western sanctions on Russia
The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures Continue Reading
-
News
19 May 2022
Defensive cyber attacks may be justified, says attorney general
Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable Continue Reading
-
News
19 May 2022
Top cyber criminal earnings outpace those of business leaders
Cyber crime can pay significantly better than leading a FTSE 100 organisation, according to a report Continue Reading
-
News
19 May 2022
Nature of cyber war evolving in real time, says Microsoft president
The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London Continue Reading
-
News
19 May 2022
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading
-
Opinion
19 May 2022
Security Think Tank: Yes, zero trust can help you understand attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
Opinion
18 May 2022
Security Think Tank: To follow a path, you need a good map
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
17 May 2022
Australian CISOs least prepared for cyber attacks
Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds Continue Reading
-
Opinion
12 May 2022
Security Think Tank: Your path to understanding attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
12 May 2022
APAC career guide: Becoming a cyber security pro
The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field Continue Reading
-
News
11 May 2022
CyberUK 22: Five Eyes focuses on MSP security
The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves Continue Reading
-
News
11 May 2022
CyberUK 22: Data-sharing service to protect public from scams
A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites Continue Reading
-
News
11 May 2022
Analysts confirm return of REvil ransomware gang
Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks Continue Reading
-
News
11 May 2022
Cyber accreditation body Crest forges new training partnerships
Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills Continue Reading
-
News
11 May 2022
Microsoft fixes three zero-days on May Patch Tuesday
It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days Continue Reading
-
News
10 May 2022
CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy
On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy Continue Reading
-
News
10 May 2022
NCSC pins Viasat cyber attack on Russia
UK authorities have attributed the 24 February cyber attack on the network of satellite comms company Viasat to Russia Continue Reading
-
News
10 May 2022
CyberUK 22: NCSC refreshes cloud security guidance
The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading
-
Opinion
05 May 2022
Security Think Tank: Identify, assess and monitor to understand attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
04 May 2022
NHS email accounts hijacked for phishing campaign
Microsoft credentials targeted in phishing operation using hijacked NHSMail accounts Continue Reading
-
News
04 May 2022
Intellectual property theft operation attributed to Winnti group
Winnti conducted a prolonged cyber espionage campaign that went undetected for years, allowing it to exfiltrate massive amounts of corporate data and intellectual property Continue Reading
-
Opinion
04 May 2022
Security Think Tank: Defenders must get out ahead of complexity
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading
-
News
03 May 2022
Five TLS comms vulnerabilities hit Aruba, Avaya switching kit
Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading
-
Opinion
03 May 2022
Security Think Tank: Solving for complexity in the network
The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading
-
News
29 Apr 2022
Attackers enlist cloud providers in large HTTPS DDoS hit
A recent large-scale DDoS incident shows how cyber criminals are switching up their tactics to conduct more sophisticated attacks Continue Reading
-
News
29 Apr 2022
Orange Business Services delivers global SD-WAN to Siemens
Digital services company and global enterprise division of the global telco teams with leading German technology firm to complete what is said to be one of the largest software-defined wide area network deployments in the world, covering 1,168 worldwide locations across 94 countries Continue Reading
-
Definition
28 Apr 2022
Sender Policy Framework (SPF)
Sender Policy Framework (SPF) is a protocol designed to restrict who can use an organization's domain as the source of an email message. Continue Reading
-
News
28 Apr 2022
SoftBank invests in Aryaka for international SD-WAN service, SD-core
With the objective of shoring up its international networking service, enabling a flexible and highly secure network that meets overseas customer needs, Japanese multinational upgrades software-defined wide area network and core Continue Reading
-
News
28 Apr 2022
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading
-
News
28 Apr 2022
Russia plumbs new depths in cyber war on Ukraine
Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign Continue Reading
-
News
27 Apr 2022
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading
-
News
27 Apr 2022
Leeds Beckett’s ethical hacking platform wins Innovate UK backing
An ethical hacking and cyber education platform developed at Leeds Beckett University has received a major funding boost to help it launch commercially Continue Reading
-
News
27 Apr 2022
BT, Toshiba team on first commercial trial of quantum secured network with EY
Revolutionary computer infrastructure to be used in trial of management consultancy’s aim to connect quantum secure data transmission between its major London offices Continue Reading
-
News
26 Apr 2022
Coralogix makes foray into cyber security with Snowbit
Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent Continue Reading
-
News
25 Apr 2022
US mobile network emerges as latest Lapsus$ victim
Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft Continue Reading
-
News
25 Apr 2022
Sophos soaks up SOC.OS
Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services Continue Reading
-
News
22 Apr 2022
What’s up with Conti and REvil, and should we be worrying?
New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back Continue Reading
-
News
22 Apr 2022
How Adnovum is leveraging its Swiss roots
Software company Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security Continue Reading
-
News
22 Apr 2022
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading
-
News
21 Apr 2022
Zoom adds new round of cyber security enhancements
Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading
-
News
21 Apr 2022
Five Eyes in new Russia cyber warning
Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure Continue Reading
-
News
21 Apr 2022
Impact of Lapsus$ attack on Okta less than feared
Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential Continue Reading
-
20 Apr 2022
Check Point seeks to plug cyber security gap
The cyber security software provider is shoring up its sales force and partner ecosystem to address the security needs of small and mid-sized businesses in a region that is highly targeted by threat actors Continue Reading
-
News
20 Apr 2022
AWS fixes vulnerabilities in Log4Shell hot patch
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation Continue Reading
-
News
19 Apr 2022
Median threat actor ‘dwell time’ dropped during 2021
Security teams appear to be getting better at detecting attackers within their networks, according to a report Continue Reading
-
News
14 Apr 2022
Zhadnost DDoS botnet deployed against Finland
A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament Continue Reading
-
News
14 Apr 2022
Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant
Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems Continue Reading
-
News
13 Apr 2022
WatchGuard firewall users urged to patch Cyclops Blink vulnerability
The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading
-
News
13 Apr 2022
Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack
Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief Continue Reading
-
News
12 Apr 2022
Sandworm rolls out Industroyer2 malware against Ukraine
A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT Continue Reading
-
News
11 Apr 2022
Singapore to start licensing cyber security service providers
Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading
-
News
11 Apr 2022
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading
-
News
11 Apr 2022
Nordic countries discuss joint cyber defence capability
Nordic countries are in talks to increase their cyber defences in the face of the threat from Russia Continue Reading
-
News
08 Apr 2022
Ukrainian cyber criminal gets five years in jail
A US court has sentenced Denys Iarmak, who worked as a penetration tester for the FIN7 cyber crime group, to a five-year prison sentence Continue Reading
-
News
07 Apr 2022
US shuts down Russia’s Cyclops Blink botnet operation
Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading
-
News
05 Apr 2022
Discount retailer The Works hit by cyber attack
A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature Continue Reading
-
Definition
05 Apr 2022
content filtering
Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items. Continue Reading
-
News
04 Apr 2022
How remote browser isolation can mitigate cyber threats
Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device Continue Reading
-
News
01 Apr 2022
Two teenagers charged with Lapsus$ cyber attacks
City of London Police have charged two teenagers in connection with the Lapsus$ cyber crime spree Continue Reading
-
News
01 Apr 2022
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report Continue Reading