Security policy and user awareness
-
Feature
19 Nov 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
Opinion
19 Nov 2024
Underfunded, under pressure: We must act to support cyber teams
With almost half of cyber pros experiencing more incidents this year, security leaders say their teams are coming under increasing strain. Businesses must be more proactive approach about building a resilient, future-ready workforce Continue Reading
-
News
26 Jun 2020
Coronavirus: Cyber crime landscape evolving as lockdown eases
As some countries begin to gradually ease Covid-19 lockdown measures, cyber criminals’ tactics are changing, but the pandemic remains a tempting lure Continue Reading
-
Opinion
26 Jun 2020
Australian government has failed on cyber security
The federal government’s current approach of allowing each agency to make its own cyber decisions is not working and more needs to be done to hunt down adversaries Continue Reading
-
News
25 Jun 2020
Pub ‘check-in’ apps provoke fresh privacy concerns
With pubs and restaurants required to collect customer data for contact tracing when they reopen, data privacy risks will be heightened Continue Reading
-
News
24 Jun 2020
NCSC catches a million phishes in its nets
The NCSC has racked up a million suspicious email reports from the public just two months after launching a reporting service, but the lucky sender won’t be receiving a grand prize Continue Reading
-
Opinion
24 Jun 2020
Security Think Tank: Securing containers needn’t be taxing
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
News
24 Jun 2020
EU judges GDPR an overall success, but changes still needed
Two years after its implementation, an EU report says that the GDPR is achieving what it set out to do, with a few reservations Continue Reading
-
News
24 Jun 2020
Brits will sell their personal data for pennies
Surprising findings from an Okta report on digital identity suggest Brits would be willing to part with valuable personal data for a surprisingly low amount Continue Reading
-
Feature
24 Jun 2020
APT groups’ mobile momentum finally faces resistance
State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back Continue Reading
-
Feature
23 Jun 2020
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading
-
News
23 Jun 2020
Neurodiversity on the rise among career hackers
More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd Continue Reading
-
News
23 Jun 2020
Flash-based MacOS malware hides in plain sight
By masquerading as a legitimate Adobe web application, the new malware strains can trick Mac users into bypassing their on-board defences Continue Reading
-
News
23 Jun 2020
Concern over digital risk falls dramatically during pandemic
Brits are understandably more worried about the NHS than personal cyber security Continue Reading
-
News
21 Jun 2020
APAC still hotbed for cyber attacks
Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds Continue Reading
-
E-Zine
18 Jun 2020
CW APAC: Trend Watch – data protection
Asia-Pacific organisations see the importance of having good data protection practices, even as they are still grappling with organisational and operational challenges. In this handbook, Computer Weekly looks at the different levels of preparedness across the region and what firms can do to plug any gaps. Continue Reading
-
News
18 Jun 2020
Cisco patches dangerous Webex vulnerability
CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service Continue Reading
-
News
18 Jun 2020
Check Point uncovers targeted Microsoft Office 365 phishing campaign
Organised criminal campaign exploited Adobe, Oxford University and Samsung web domains to trick users into giving up their passwords Continue Reading
-
News
18 Jun 2020
Zoom U-turns on end-to-end encryption
Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users Continue Reading
-
Blog Post
17 Jun 2020
Help secure the top UK entry point for cyberfraud
“NHS” is the UK’s most trusted brand. Until recently it was one of the least protected/secure. There have been significant improvements but, as a result of Covid, impersonating the NHS now comes ... Continue Reading
-
News
17 Jun 2020
Coronavirus: 50% of security pros had no pandemic contingency plan
A survey of security professionals conducted on behalf of Bitdefender reveals the lack of forward planning for events such as the Covid-19 coronavirus pandemic Continue Reading
-
News
16 Jun 2020
UK-US data deal puts Brexit data adequacy pact at risk
European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note Continue Reading
-
News
16 Jun 2020
Activists call on Zoom to implement encryption for all
A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users Continue Reading
-
News
15 Jun 2020
Banking trojans roar back to prominence in May
Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants Continue Reading
-
News
15 Jun 2020
Accessories store Claire’s hit by Magecart credit card fraudsters
Attackers gained access to retailer’s website as long ago as March Continue Reading
-
News
12 Jun 2020
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed Continue Reading
-
News
12 Jun 2020
Fake contact-tracing apps delivering banking trojans
Spoof government coronavirus apps are popping up all over the world, says the Anomali Threat Research team Continue Reading
-
News
12 Jun 2020
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors Continue Reading
-
News
11 Jun 2020
Coronavirus: Bungled British response leads to rise in security risks
Covid-19 cyber security threats are evolving over the course of the pandemic, becoming more targeted to virus hotspots such as the UK Continue Reading
-
Opinion
11 Jun 2020
Security Think Tank: Container security starts with good DevOps practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
News
10 Jun 2020
Decade-old vulnerability among 129 Patch Tuesday fixes
A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks Continue Reading
-
Opinion
10 Jun 2020
Security Think Tank: Container security is evolving, so must CISOs
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Feature
10 Jun 2020
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
News
10 Jun 2020
Nasty surprises lurking in furloughed employees’ inboxes
Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work Continue Reading
-
News
10 Jun 2020
CaixaBank introduces facial recognition ATMs
Spanish bank broadens its use of facial recognition technology on cash machines Continue Reading
-
News
10 Jun 2020
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm Continue Reading
-
News
09 Jun 2020
Cyber security needs more women role models, says report
A report compiled by security assurance organisation Crest highlights the progress made on gender diversity in cyber security, and offers pointers for next steps Continue Reading
-
News
09 Jun 2020
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data Continue Reading
-
E-Zine
09 Jun 2020
How retailers are staying connected during their coronavirus shutdown
In this week’s Computer Weekly, we look at how the hard-hit retail sector has turned to technology to stay connected with staff during the coronavirus lockdown. Our latest buyer’s guide examines best practice in data quality and how to avoid “garbage in garbage out” syndrome. And we look at how remote working affects software development teams. Read the issue now. Continue Reading
-
Blog Post
07 Jun 2020
Tackling the Covid Cyberfraud Pandemic
The Covid-19 lockdown has led to an explosion of fraud and abuse, both on-line and in the "real" world. Before Test and Trace is fully operational it is already being spoofed . The problems are ... Continue Reading
-
News
05 Jun 2020
Police chiefs working with Public Health England on contact-tracing security
Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme Continue Reading
-
News
04 Jun 2020
Small businesses failing on remote worker protection
Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up Continue Reading
-
News
04 Jun 2020
Black Lives Matter activists targeted by cyber attacks
Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide Continue Reading
-
News
04 Jun 2020
Coronavirus: Cyber criminals target laid-off workers
Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic Continue Reading
-
Opinion
04 Jun 2020
Security Think Tank: Four steps to container security best practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Opinion
04 Jun 2020
Why trust is the new currency
Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy Continue Reading
-
News
03 Jun 2020
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic? Continue Reading
-
News
03 Jun 2020
Security procurement framework goes live for NHS and public sector
Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched Continue Reading
-
News
03 Jun 2020
Infosec 2020: Covid-19 an opportunity to change security thinking
The annual Infosecurity Europe is being held virtually this year, and speakers at an online panel session have been considering the impact of the pandemic on security awareness Continue Reading
-
Opinion
02 Jun 2020
A view from the SOC: Maintaining security capabilities during the pandemic
What are the challenges of maintaining security event and incident detection capabilities in these challenging times? Continue Reading
-
News
02 Jun 2020
VMware vulnerability leaves private clouds open to takeover
Ethical hackers from Citadelo uncovered a vulnerability in VMware Cloud Director that left private cloud owners open to takeover Continue Reading
-
E-Zine
02 Jun 2020
What will be the IT security priorities of the post-coronavirus world?
In this week’s Computer Weekly, with the working world after the pandemic set to be very different, we assess the IT security priorities for the ‘new normal’. Facial recognition firms are racing to identify people wearing face masks. And how did Europe’s telecoms networks cope with the switch to remote working? Read the issue now. Continue Reading
-
News
01 Jun 2020
WikiLeaks founder Julian Assange misses court hearing due to respiratory problems
The WikiLeaks founder is expected to call 21 witnesses during a three-week extradition hearing in September Continue Reading
-
News
01 Jun 2020
How managed threat hunting helps bust malicious insiders
Managed threat hunting services can help take some of the pressure off security operations centres and help ensure potential breaches don’t escalate into something far worse. We explore one such case with a happy ending Continue Reading
-
News
29 May 2020
Singapore’s contact-tracing app tops privacy study
Singapore’s TraceTogether is least intrusive in terms of privacy communications compared with similar apps in the region, study finds Continue Reading
-
Opinion
29 May 2020
Security Think Tank: CISO stress – moving from recognition to action
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
28 May 2020
Public Health England to keep contact-tracing data for 20 years
PHE will retain the data it collects via the NHS Test and Trace programme for 20 years Continue Reading
-
Opinion
27 May 2020
Australia is painting a big red cyber target on its critical infrastructure
Australia’s critical infrastructure is particularly vulnerable to cyber attacks right now because of years of under-investment in cyber security and ageing legacy systems Continue Reading
-
Feature
27 May 2020
GDPR at two: How far we’ve come, how far we still have to go
Marking two years of the General Data Protection Regulation, industry voices weigh in on the state of data protection and privacy, consider what has changed, and what still needs to change Continue Reading
-
News
27 May 2020
Enterprise clouds hammered by cyber attacks during pandemic
Remote workers logging onto enterprise cloud service accounts are an easy access point for attackers, says McAfee Continue Reading
-
News
27 May 2020
Fears contact-tracing app will open the floodgates for cyber criminals
Study of UK consumers reveals worries over an uptick in cyber crime and a lack of trust in government Continue Reading
-
News
26 May 2020
StrandHogg mobile vulnerability has evil twin
Variant of the dangerous StrandHogg vulnerability affecting Android phones could allow hackers to access almost all apps on a target device Continue Reading
-
News
26 May 2020
Android security vulnerabilities differ by country, say researchers
Manufacturers of Android devices including Huawei, Samsung and Xiaomi shipped devices with different levels of security in different regions, leaving their users exposed to attack Continue Reading
-
News
26 May 2020
The Security Interviews: Temper tantrums ahead as GDPR enters its terrible twos?
On the General Data Protection Regulation’s second birthday, Tim Hickman, a data protection lawyer and partner at White & Case LLP, discusses the regulation’s teething troubles and assesses how best to maintain optimum compliance Continue Reading
-
E-Zine
26 May 2020
Can Lady Gaga and Madonna get people to take IT security seriously?
In this week’s Computer Weekly, after hackers threatened to release data from a US law firm’s celebrity clients, will people finally take cyber security seriously? Designing software for older users makes systems better for all – we examine how. And the IT chief at TSB explains how the bank recovered from its 2018 IT disaster. Read the issue now. Continue Reading
-
News
25 May 2020
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector Continue Reading
-
Opinion
22 May 2020
How effective security training goes deeper than ‘awareness’
Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same Continue Reading
-
News
22 May 2020
Covid-19 will leave organisations exposed to higher cyber risks
Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum Continue Reading
-
Opinion
22 May 2020
Identification and access management: some possible futures
Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future Continue Reading
-
News
20 May 2020
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message Continue Reading
-
News
20 May 2020
Personal devices putting Singapore employers at risk
More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats Continue Reading
-
News
19 May 2020
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales Continue Reading
-
News
19 May 2020
GDPR wholly inappropriate to govern contact-tracing data
Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app Continue Reading
-
News
19 May 2020
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline Continue Reading
-
Blog Post
19 May 2020
Blue tooth, not privacy, is the problem with NHSX
He would never enable Bluetooth on a mobile phone because of its inherent security problems. It is unclear how many of these have been fixed with the latest releases. But some are unlikely to be ... Continue Reading
-
News
19 May 2020
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it Continue Reading
-
News
14 May 2020
Venafi buys cloud protection service Jetstack
Jetstack specialises in open source machine identity protection software for Kubernetes and cloud native ecosystems Continue Reading
-
News
14 May 2020
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China Continue Reading
-
News
14 May 2020
UK’s contact-tracing app targeted by scammers
Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals Continue Reading
-
News
13 May 2020
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport Continue Reading
-
Podcast
13 May 2020
Podcast: UK SME planning and compliance for ‘the new normal’
We look at how UK SMEs face a “new normal” following the coronavirus lockdowns and how they can plan for compliance with more remote working and a new data landscape Continue Reading
-
Opinion
13 May 2020
Security Think Tank: Burnt out CISOs are a huge cyber risk
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
13 May 2020
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list Continue Reading
-
News
13 May 2020
Can Lady Gaga and Madonna get people to take security seriously?
What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers Continue Reading
-
News
12 May 2020
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app Continue Reading
-
News
12 May 2020
MPs take part in first live test of remote voting during Covid-19 debate
MPs will use phones and computers to vote from their homes in a House of Commons debate today in the biggest change in parliamentary procedure for 150 years Continue Reading
-
News
12 May 2020
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos Continue Reading
-
Opinion
12 May 2020
Security Think Tank: Create healthy habits to avoid burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
12 May 2020
APAC firms still coming to grips with data protection
More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain Continue Reading
-
Feature
11 May 2020
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
News
07 May 2020
SilverTerrier cyber crime group targets Covid-19 key workers
Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang Continue Reading
-
News
07 May 2020
Contact-tracing app fails to protect privacy and human rights
Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee Continue Reading
-
News
07 May 2020
Next round of Zoom updates targets consumer security
Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend Continue Reading
-
News
07 May 2020
NCSC Covid-19 scam reporting service sees more than 160,000 reports
The general public has taken to the NCSC’s scam reporting service like ducks to water, with thousands of suspicious emails reported to it in just two weeks Continue Reading
-
News
06 May 2020
Criminal justice system is failing cyber crime victims
Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study Continue Reading
-
News
06 May 2020
HMRC tackles almost 300 coronavirus phishing websites
Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public Continue Reading
-
News
06 May 2020
End-users failing to protect themselves online
Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report Continue Reading
-
Opinion
06 May 2020
Security Think Tank: Security teams are key workers and need support
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
Feature
05 May 2020
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
News
05 May 2020
Coronavirus: NCSC issues urgent alert for healthcare sector
UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading
-
News
05 May 2020
GoDaddy owns up to October 2019 data breach
Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts Continue Reading
-
Opinion
05 May 2020
Security Think Tank: Caring for the IT security caretakers
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading