Network security management
-
Feature
08 Nov 2024
Beyond VPNs: The future of secure remote connectivity
As more companies adopt cloud services and remote work, the limitations of VPNs are becoming obvious. We explore what’s next for secure remote connectivity Continue Reading
-
News
01 Nov 2024
CISA looks to global collaboration as fraught US election begins
The US' CISA cyber agency has unveiled a two-year International Strategic Plan to advance collaboration and improve resilience against shared risks and threats Continue Reading
-
Feature
05 Nov 2021
Immutable snapshots aim to neutralise ransomware
Snapshots – usually immutable anyway – get functionality to stop ransomware intruders moving or deleting snapshots, so customers know they have clean copies of data to restore from Continue Reading
-
News
04 Nov 2021
The Netherlands works on resilience with large-scale national cyber exercise
For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care Continue Reading
-
Opinion
03 Nov 2021
Security Think Tank: SASE – marketing buzz or the future of security?
SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading
-
News
03 Nov 2021
BlackMatter ransomware crew shuts down, leaves victims in a bind
The BlackMatter ransomware gang appears to be winding down its activities, possibly due to pressure from law enforcement Continue Reading
-
Opinion
01 Nov 2021
Is SASE mere vendor hype? It’s more nuanced than that
There’s no doubt that SASE is being overhyped, but nevertheless the concept holds value that security teams should not discount, according to PA Consulting analysts Continue Reading
-
Opinion
29 Oct 2021
Changing the rules against cyber attacks
UKRI’s John Goodacre reveals how projects supported by the Digital Security by Design Challenge aim to improve cyber security resilience, beginning with the very fundamentals of computing Continue Reading
-
News
27 Oct 2021
Government commits millions to security investment
Spending Review adds more than £750m of funding to improve cyber security resilience across government Continue Reading
-
News
26 Oct 2021
Cyber experts on how to nobble a Nobelium attack
A recent spate of attempted Nobelium cyber attacks were mostly unsuccessful, but serve as a reminder to pay attention to some more fundamental aspects of security Continue Reading
-
News
21 Oct 2021
Airport operator MAG boosts threat visibility with hybrid SOC
With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience Continue Reading
-
News
21 Oct 2021
APAC organisations warm to zero trust
Two-thirds of APAC organisations have a zero-trust strategy even as they grapple with the lack of skills and other organisational challenges, study finds Continue Reading
-
News
20 Oct 2021
US intelligence agencies issue advisory on BlackMatter gang
Joint advisory on ransomware gang warns about potential of further attacks on critical infrastructure providers Continue Reading
-
News
20 Oct 2021
LightBasin hackers breach 13 telcos in two years
Hackers have obtained an undisclosed volume of subscriber information and call metadata in a sustained campaign against telecommunications firms Continue Reading
-
Feature
19 Oct 2021
Back on the office network: What are the risks for mobile users?
Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading
-
News
18 Oct 2021
How Samlesbury, Lancashire became the home of the National Cyber Force
The National Cyber Force, a new branch of the military, is gearing up to fight battles in cyber space from the fields of Lancashire. Its presence is expected to bring a high-tech renaissance to the region Continue Reading
-
News
18 Oct 2021
DCMS appoints Plexal to drive telecoms diversity strategy
Government chooses UK innovation company to understand and develop the role of SMEs in the telecoms market with particular reference to how to create a diverse market that supports the creation of home-grown, sovereign technology Continue Reading
-
E-Zine
14 Oct 2021
CW APAC, October 2021: Tech Career Guide
Despite marked improvements, tech still faces a diversity problem. In this handbook, focused on cyber security’s gender gap in the Asia-Pacific region, Computer Weekly looks at the mentoring programmes aiming to combat the issue, the career path of IAG’s Elaine Muir, how hacking won Claudean Zheng a job and what else needs to be done to tackle the ongoing gender imbalance Continue Reading
-
News
14 Oct 2021
NHS Digital enhances in-house cyber awareness drive
Keep IT Confidential campaign aims to help NHS staff understand more about security threats and learn how to reduce risk Continue Reading
-
News
13 Oct 2021
Google Cybersecurity Action Team springs into life
Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses Continue Reading
-
News
13 Oct 2021
FCA warns over future hybrid working security risks
Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure Continue Reading
-
News
12 Oct 2021
Microsoft thwarts mega-DDoS attack on Azure platform
2.4Tbps DDoS attack on an undisclosed Microsoft Azure customer may have been the largest ever attempted against a single target Continue Reading
-
News
11 Oct 2021
Singapore refreshes cyber security strategy
The city-state updates its national cyber security strategy to shore up the security of critical infrastructure and enterprises while growing its cyber security industry, among other goals Continue Reading
-
News
08 Oct 2021
Fast-moving Ryuk campaign targets healthcare organisations
Newly designated FIN12 gang leverages the work of the cyber criminal ecosystem to conduct lightning-fast ransomware attacks Continue Reading
-
Opinion
07 Oct 2021
Addressing the backup dilemma to ransomware recovery
Everyone knows good backups are essential if one is to recover from a ransomware attack, but using them effectively poses challenges that IT teams need to know about Continue Reading
-
News
07 Oct 2021
Twitch data breach investigations continue
Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists Continue Reading
-
News
06 Oct 2021
Israeli Orca to invest in UK cyber scene
Tel Aviv-headquartered Orca Security wants to set up a new R&D centre in the UK Continue Reading
-
Definition
05 Oct 2021
Layer Two Tunneling Protocol (L2TP)
Layer Two Tunneling Protocol (L2TP) is an extension of the Point-to-Point Tunneling Protocol (PPTP) used by an internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the internet. Continue Reading
-
News
05 Oct 2021
Facebook unplugged for six hours due to configuration error
A configuration change effectively disconnected Facebook from the internet, with billions affected by loss of services Continue Reading
-
News
30 Sep 2021
NUS and Thales to develop quantum technologies
The National University of Singapore and Thales have joined hands to test quantum technologies for commercial applications in security and sensing Continue Reading
-
News
28 Sep 2021
How one red team exercise averted a new SolarWinds-style attack
Palo Alto Networks shares details of how its red teamers found and sealed a customer vulnerability that could have led to another SolarWinds-style supply chain attack Continue Reading
-
News
23 Sep 2021
Threat actors target VMware vCenter Server users
Users of VMware vCenter Server are advised to patch a series of vulnerabilities post haste Continue Reading
-
News
16 Sep 2021
Dutch education administrators underestimate threat of cyber crime
Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks Continue Reading
-
News
14 Sep 2021
BT advances hollow core fibre research with world’s first trial of quantum-secure comms
Incumbent UK telco announces latest innovations in hollow core fibre by conducting trial of ultra-secure network communications using commercial equipment over a 6km long Lumenisity CoreSmart cable Continue Reading
-
Definition
13 Sep 2021
promiscuous mode
In computer networking, promiscuous mode is a mode of operation, as well as a security, monitoring and administration technique. Continue Reading
-
Definition
13 Sep 2021
deep packet inspection (DPI)
Deep packet inspection (DPI) is an advanced method of examining and managing network traffic. Continue Reading
-
News
09 Sep 2021
Latest Microsoft zero-day being actively exploited
New Microsoft zero-day CVE-2021-40444 affects multiple versions of Windows and is probably being exploited through convincing phishing attacks Continue Reading
-
News
08 Sep 2021
REvil reappearance may herald new ransom campaigns
The re-emergence of the infamous REvil ransomware gang is a likely sign that more high-profile attacks will unfold over the coming weeks Continue Reading
-
News
07 Sep 2021
OT security in APAC remains work in progress
Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges Continue Reading
-
News
07 Sep 2021
ICO in bid to end cookie pop-ups
Outgoing information commissioner Elizabeth Denham will call on her equivalents across the G7 group of countries to collaborate on an overhaul of cookie consent pop-ups Continue Reading
-
News
06 Sep 2021
How NZ schools are tapping managed network services
Using managed network services has freed up time and resources for New Zealand school teachers and alleviated the pressure and challenges of maintaining technology infrastructure Continue Reading
-
News
02 Sep 2021
Finance firms faced up to £760,000 costs per DNS attack during pandemic
Financial services firms have been the focus of attacks by cyber criminals during the Covid-19 crisis Continue Reading
-
News
01 Sep 2021
Remote workers routinely bypassed security tools during pandemic
New data from Palo Alto Networks reveals that over 25% of UK security leaders saw their employees circumventing or switching off security measures at the height of the pandemic Continue Reading
-
Opinion
27 Aug 2021
Supply chain cyber security is only as strong as the weakest link
A spate of high-profile cyber attacks has highlighted the criticality of supply chain security and put new pressures on security leaders. How can we ensure that cyber security remains robust down the full length of supply chains? Continue Reading
-
Opinion
27 Aug 2021
How the cyber security market is evolving
The cyber security market has gained even greater importance in the post-Covid era and continues to grow and evolve. But what factors are driving trends in that market and what should your organisation consider when making cyber security investments? Continue Reading
-
News
26 Aug 2021
Tech giants commit to Biden's cyber security action plan
Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden Continue Reading
-
News
24 Aug 2021
Half of MS Exchange servers at risk in ProxyShell debacle
Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited Continue Reading
-
News
20 Aug 2021
Swedish IT industry braced for China’s response to Huawei 5G ban
Swedish IT and communications equipment suppliers fear economic backlash from China following Huawei ban Continue Reading
-
News
18 Aug 2021
MoD seeks security tech to harden military systems
The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks Continue Reading
-
E-Zine
17 Aug 2021
How to choose between SIEM and SOAR
In this week’s Computer Weekly, our buyer’s guide examines the use of SIEM and SOAR to improve IT security, and asks which you should use, and when? We look at what you need to know about NVMe over Fabrics, the emerging storage networking technology. And we find out how Oracle customers are introducing its Fusion Cloud suite. Read the issue now. Continue Reading
-
News
13 Aug 2021
Cyber Runway programme supports new security businesses
The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses Continue Reading
-
News
11 Aug 2021
Microsoft fixes seven critical bugs on light Patch Tuesday
All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service Continue Reading
-
News
11 Aug 2021
The Netherlands still lacks digital resilience, says report
Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient Continue Reading
-
News
10 Aug 2021
Researchers uncover database with 126 million unsecured records
Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns Continue Reading
-
News
09 Aug 2021
Possible ransomware attack hits Italian vaccine booking system
It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor Continue Reading
-
News
05 Aug 2021
Nine security flaws found in critical hospital infrastructure
The ‘PwnedPiper’ vulnerabilities identified in systems used by 80% of US hospitals could be used to launch ransomware attacks Continue Reading
-
News
05 Aug 2021
Cloud misconfiguration a growing cause of security incidents
Rapid cloud adoption during the pandemic has increased the attack surface and heightened the risk of misconfiguring services, leaving organisations more vulnerable to cyber attacks Continue Reading
-
News
04 Aug 2021
Six Isle of Wight schools hit by ransomware attack
Authorities are still working to manage the fallout from the attack, which has already forced at least one school to delay the start of the new term in September Continue Reading
-
News
04 Aug 2021
Initial access brokers unaffected by ransomware content bans
Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021 Continue Reading
-
News
03 Aug 2021
UK MoD turns to hackers to help secure digital assets
Hackers given direct access to internal Ministry of Defence systems to identify and report security vulnerabilities Continue Reading
-
Definition
02 Aug 2021
FCAPS (fault, configuration, accounting, performance and security)
FCAPS (fault, configuration, accounting, performance and security) is a network management framework created by the International Organization for Standardization (ISO). Continue Reading
-
News
29 Jul 2021
Technical hiccups force Babuk ransomware gang to change tactics
The Babuk ransomware operation backed away from encrypting its victims’ files, and technical difficulties may be to blame, reports McAfee Continue Reading
-
News
28 Jul 2021
Top vulnerabilities target perimeter devices
The most frequently exploited CVEs of the year so far are to be found in perimeter and network access devices, according to a joint advisory from the NCSC and partners Continue Reading
-
Opinion
28 Jul 2021
Security Think Tank: Consider cyber policies and procedures as you welcome employees back
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
27 Jul 2021
TikTok sets up cyber security hub in Dublin
Dublin-based cyber centre will oversee the security of TikTok’s users across Europe Continue Reading
-
News
27 Jul 2021
How IBM is solving the data privacy problem
IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy Continue Reading
-
Definition
26 Jul 2021
network access control (NAC)
Network access control (NAC), also called network admission control, is a method to bolster the security, visibility and access management of a proprietary network. Continue Reading
-
News
26 Jul 2021
No More Ransom initiative saves £850m over five years
Initiative’s free ransomware decryption tools have been used by more than six million people since 2016 Continue Reading
-
Opinion
26 Jul 2021
Government-led innovation can help cyber startups find a market
There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path Continue Reading
-
News
25 Jul 2021
Tokyo 2020 hit by data breach
The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large Continue Reading
-
Definition
22 Jul 2021
SYN scanning
SYN scanning is a tactic that a malicious hacker can use to determine the state of a communications port without establishing a full connection. Continue Reading
-
Feature
21 Jul 2021
Five ways to ensure remote working security and compliance
A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
-
Opinion
20 Jul 2021
Sparsely staffed offices: the new post-pandemic cyber gap
With many offices still operating at limited capacity, a red teaming expert reveals how his job is getting easier, and why this is a problem Continue Reading
-
Opinion
20 Jul 2021
The Secret IR Insider’s Diary: It’s all gone quie...
The ‘Q’ word isn’t one that’s really used in incident response, says the Secret IR Insider, largely because as soon as you use it, something happens Continue Reading
-
Opinion
20 Jul 2021
Security Think Tank: A return to the office is not a return to normal
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
19 Jul 2021
UK, US confirm Chinese state backed MS Exchange Server attacks
UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors Continue Reading
-
News
19 Jul 2021
Pegasus mobile RAT abused to monitor journalists and activists
Israel-based surveillance specialist NSO Group is facing renewed pressure after it emerged its Pegasus mobile surveillance tool may be being widely abused by repressive regimes Continue Reading
-
News
16 Jul 2021
Legacy SonicWall kit exploited in ransom campaign
Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign Continue Reading
-
E-Zine
15 Jul 2021
CW APAC: Trend Watch on supply chain security
In this handbook, Computer Weekly looks at the rise of supply chain attacks, the challenges that come with zero trust security and attacks on the Covid-19 vaccine supply chain Continue Reading
-
News
15 Jul 2021
Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study
EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield Continue Reading
-
News
15 Jul 2021
Singapore to invest S$50m in ‘digital trust’ capabilities
The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management Continue Reading
-
News
14 Jul 2021
REvil ransomware crew drops offline, reasons murky
The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated Continue Reading
-
News
14 Jul 2021
Multiple Microsoft bugs being actively exploited
Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited Continue Reading
-
Definition
13 Jul 2021
passive attack
A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. Continue Reading
-
News
13 Jul 2021
Modipwn vulnerability puts millions of building systems at risk
Authentication bypass vulnerability in a Schneider Electric product could lead to device takeover Continue Reading
-
News
13 Jul 2021
Secureworks sets up in EU datacentre for XDR services
New datacentre location helps Secureworks’ customers meet EU data residency requirements Continue Reading
-
News
12 Jul 2021
Kaseya VSA services coming online after week-long outage
Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online Continue Reading
-
News
12 Jul 2021
NSW department of education hit by cyber attack
Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday Continue Reading
-
News
11 Jul 2021
Ransomware and botnets among top cyber threats in Singapore
The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic Continue Reading
-
Definition
08 Jul 2021
Snort
Snort is an open source network intrusion detection system (NIDS) created by Sourcefire founder and former CTO Martin Roesch. Continue Reading
-
News
08 Jul 2021
PrintNightmare haunts Microsoft as patch may miss mark
Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied Continue Reading
-
Opinion
08 Jul 2021
Security Think Tank: Reopening is an opportunity to reassess wider security posture
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
07 Jul 2021
Opportunists seen targeting Kaseya REvil victims
Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident Continue Reading
-
News
06 Jul 2021
BA reaches settlement in data breach group action
A group action against BA following its 2018 data breach has been successfully settled Continue Reading
-
Opinion
06 Jul 2021
Security Think Tank: Returning workers to the office: Is your security posture up to date?
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
05 Jul 2021
Buying a VPN? Here’s what you need to know
VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading
-
Opinion
05 Jul 2021
Going back to office networks, only to dismantle them once and for all
With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading
-
News
02 Jul 2021
Cyber attackers up the ante on embattled IT teams
Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements Continue Reading
-
News
01 Jul 2021
US Cybersecurity and Infrastructure Security Agency launches ransomware assessment tool
Newly launched service will help US organisations understand how prepared they are to deal with a ransomware attack Continue Reading
-
News
01 Jul 2021
Cyber espionage campaign targeted central Asian states
The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT Continue Reading
-
News
01 Jul 2021
Nominations open for 2021 Security Serious Unsung Heroes Awards
Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators Continue Reading
-
News
30 Jun 2021
Cops seize criminal VPN used by ransomware gangs
A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity Continue Reading