Security policy and user awareness
-
News
19 Dec 2024
LockBit ransomware gang teases February 2025 return
An individual associated with the LockBit ransomware gang has broken cover to tease details of a new phase of the cyber criminal operation's activity, which they claim is set to begin in February 2025 Continue Reading
-
News
19 Dec 2024
Latest attempt to override UK’s outdated hacking law stalls
Amendments to the Data Bill that would have given the UK cyber industry a boost by updating restrictive elements of the Computer Misuse Act have failed to progress beyond a Lords committee Continue Reading
-
E-Zine
26 May 2020
Can Lady Gaga and Madonna get people to take IT security seriously?
In this week’s Computer Weekly, after hackers threatened to release data from a US law firm’s celebrity clients, will people finally take cyber security seriously? Designing software for older users makes systems better for all – we examine how. And the IT chief at TSB explains how the bank recovered from its 2018 IT disaster. Read the issue now. Continue Reading
-
News
25 May 2020
Coronavirus: Australia calls for stronger defences amid cyber attacks
The Australian Cyber Security Centre offers guidance for critical infrastructure operators to guard against cyber attacks which have already hit the healthcare sector Continue Reading
-
Opinion
22 May 2020
How effective security training goes deeper than ‘awareness’
Cyber criminals are constantly developing their techniques and strategies, so security training needs to do the same Continue Reading
-
News
22 May 2020
Covid-19 will leave organisations exposed to higher cyber risks
Hacking attacks and phishing emails could become the new norm, according to research by the World Economic Forum Continue Reading
-
Opinion
22 May 2020
Identification and access management: some possible futures
Learn about how we might be using our heartbeats, brainwaves and eye movements to unlock our mobiles in the future Continue Reading
-
News
20 May 2020
Serco exposes contact tracers’ data in email error
Error saw almost 300 coronavirus contact tracers’ email addresses made visible to other recipients of the message Continue Reading
-
News
20 May 2020
Personal devices putting Singapore employers at risk
More than half of Singapore respondents to a CrowdStrike-commissioned survey believe their devices are only somewhat secure against advanced cyber threats Continue Reading
-
News
19 May 2020
Cancelled NCSC CyberUK event gets green light for 2021
The NCSC’s popular CyberUK event has been rescheduled to next year, and will again take place in Newport in south Wales Continue Reading
-
News
19 May 2020
GDPR wholly inappropriate to govern contact-tracing data
Human Rights Committee Chair Harriet Harman says current data protection law is not up to the job of governing the data collected by the Covid-19 contact-tracing app Continue Reading
-
News
19 May 2020
Nine million EasyJet customer details lost in data breach
Cyber attack on EasyJet’s systems originated from a highly sophisticated source, says the airline Continue Reading
-
Blog Post
19 May 2020
Blue tooth, not privacy, is the problem with NHSX
He would never enable Bluetooth on a mobile phone because of its inherent security problems. It is unclear how many of these have been fixed with the latest releases. But some are unlikely to be ... Continue Reading
-
News
19 May 2020
Vast majority of cyber attacks are easy to stop, says Verizon
Almost 90% of data breaches are motivated by the prospect of financial gain, but cyber criminals have clearly defined breach pathways, giving the good guys an advantage if they care to use it Continue Reading
-
News
14 May 2020
Venafi buys cloud protection service Jetstack
Jetstack specialises in open source machine identity protection software for Kubernetes and cloud native ecosystems Continue Reading
-
News
14 May 2020
China targeting Covid-19 researchers through IT suppliers, claims US
The US CISA says it is seeing targeting and attempted network compromise of Covid-19 research centres by China Continue Reading
-
News
14 May 2020
UK’s contact-tracing app targeted by scammers
Even though it is only operational on the Isle of Wight as a beta test, the UK government’s coronavirus contact-tracing app has already attracted the attention of cyber criminals Continue Reading
-
News
13 May 2020
Report reveals inadequate cyber security at Schiphol Airport
A report has revealed problems with critical security systems in Amsterdam’s Schiphol Airport Continue Reading
-
Podcast
13 May 2020
Podcast: UK SME planning and compliance for ‘the new normal’
We look at how UK SMEs face a “new normal” following the coronavirus lockdowns and how they can plan for compliance with more remote working and a new data landscape Continue Reading
-
Opinion
13 May 2020
Security Think Tank: Burnt out CISOs are a huge cyber risk
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
13 May 2020
Nation state APT groups prefer old, unpatched vulnerabilities
The Cybersecurity and Infrastructure Security Agency and the FBI have published details of the most commonly exploited vulnerabilities of recent years, and there are some “classics” on the list Continue Reading
-
News
13 May 2020
Can Lady Gaga and Madonna get people to take security seriously?
What does it take to get people to pay attention to cyber security? A celebrity law firm hack may hold some answers Continue Reading
-
News
12 May 2020
Draft Covid-19 contact tracing legislation proposes formal oversight
Human Rights Committee chair Harriet Harman has outlined a proposed bill to guarantee the security and privacy of data generated by the UK’s Covid-19 contact tracing app Continue Reading
-
News
12 May 2020
MPs take part in first live test of remote voting during Covid-19 debate
MPs will use phones and computers to vote from their homes in a House of Commons debate today in the biggest change in parliamentary procedure for 150 years Continue Reading
-
News
12 May 2020
Pay the ransom and double your recovery costs, report warns
Paying cyber criminals a ransom to recover your data adds over half a million dollars to the cost of organisational recovery, says Sophos Continue Reading
-
Opinion
12 May 2020
Security Think Tank: Create healthy habits to avoid burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
12 May 2020
APAC firms still coming to grips with data protection
More governments in Asia are implementing data protection regimes, but challenges such as checkbox compliance and the lack of effective staff training remain Continue Reading
-
Feature
11 May 2020
What are the security priorities for the post-coronavirus world?
The Covid-19 pandemic is forcing massive change across the business world and things may never go back to normal. What does security look like in this new world, and what will buyers be prioritising? Continue Reading
-
News
07 May 2020
SilverTerrier cyber crime group targets Covid-19 key workers
Organisations on the front line in the fight against coronavirus are under attack from Nigeria’s SilverTerrier criminal gang Continue Reading
-
News
07 May 2020
Contact-tracing app fails to protect privacy and human rights
Reassurances over the security and human rights implications of NHSX’s approach to developing its Covid-19 contact-tracing app are insufficient, says the cross-bench Human Rights Committee Continue Reading
-
News
07 May 2020
Next round of Zoom updates targets consumer security
Casual consumer users of Zoom will get additional protections in an update to be released over the long weekend Continue Reading
-
News
07 May 2020
NCSC Covid-19 scam reporting service sees more than 160,000 reports
The general public has taken to the NCSC’s scam reporting service like ducks to water, with thousands of suspicious emails reported to it in just two weeks Continue Reading
-
News
06 May 2020
Criminal justice system is failing cyber crime victims
Victims of cyber crime face barriers to reporting, receiving support and achieving justice, says a Home Office-backed study Continue Reading
-
News
06 May 2020
HMRC tackles almost 300 coronavirus phishing websites
Of 292 websites removed since lockdown began on 23 March, 237 were proactively identified by HMRC and 55 were flagged by the public Continue Reading
-
News
06 May 2020
End-users failing to protect themselves online
Remote workers and stuck-at-home consumers are taking silly risks with their security during the coronavirus pandemic, according to a report Continue Reading
-
Opinion
06 May 2020
Security Think Tank: Security teams are key workers and need support
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
Feature
05 May 2020
Contact tracing: The privacy vs protection debate
The Covid-19 pandemic has necessitated extreme measures not seen in peacetime for over 100 years. Contact-tracing apps are being developed as a tool for managing the pandemic, but are they a step too far? Continue Reading
-
News
05 May 2020
Coronavirus: NCSC issues urgent alert for healthcare sector
UK National Cyber Security Centre and US Cybersecurity and Infrastructure Security Agency say they are seeing large-scale campaigns targeting healthcare bodies and medical research organisations Continue Reading
-
News
05 May 2020
GoDaddy owns up to October 2019 data breach
Web hosting services provider has suffered yet another security incident, confirming that an unauthorised individual accessed hosting accounts Continue Reading
-
Opinion
05 May 2020
Security Think Tank: Caring for the IT security caretakers
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
Opinion
04 May 2020
Four risks to data privacy and governance amid Covid-19
EY privacy experts assess some of the novel risks to data privacy, protection and governance during the Covid-19 coronavirus pandemic Continue Reading
-
Opinion
04 May 2020
Security Think Tank: CISOs must adapt to fight Covid-19 burnout
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security pros manage their increased workload, safeguard their mental wellbeing, and avoid burnout? Continue Reading
-
News
04 May 2020
IT Priorities 2020: Compliance and risk are top security concerns
When it comes to security, buyers are prioritising solutions and services that address compliance issues, risk management and data protection, according to the Computer Weekly/TechTarget IT Priorities 2020 study Continue Reading
-
News
01 May 2020
NCSC tackles unconscious bias in security terminology
The terms whitelisting and blacklisting are out at the UK’s National Cyber Security Centre Continue Reading
-
Opinion
01 May 2020
Why you should think before you Zoom
Feel free to use Zoom during the coronavirus lockdown, but think before you discuss anything confidential Continue Reading
-
Opinion
01 May 2020
Security Think Tank: How to manage security team well-being
Cyber criminals are enjoying a boom during the Covid-19 pandemic, and security teams are working overtime as a result. How can security professionals manage their increased workload, safeguard their mental well-being and avoid burnout? Continue Reading
-
News
30 Apr 2020
Cyber security skills courses go online during pandemic
The government is turning to online learning to find the next generation of cyber security talent Continue Reading
-
News
30 Apr 2020
Critical SaltStack vulnerability affects thousands of datacentres
Critical vulnerabilities in the Salt remote task and configuration framework enable hackers to take control of cloud servers and must be patched right away Continue Reading
-
News
30 Apr 2020
Mobile banking customers at risk from new EventBot trojan
Customers of Barclays, HSBC, Santander and many other banks should be alert to a dangerous new trojan Continue Reading
-
Blog Post
30 Apr 2020
Covid-19 is driving need for zero trust security
This is a guest post by Michael Warnock, Australian head of growth for SecureAuth Cyber attackers are turning their attention to identity, raising the security stakes for Australian companies ... Continue Reading
-
News
29 Apr 2020
IMDA to issue 5G spectrum to Singtel and StarHub-M1 venture
Singapore’s telco regulator will award 5G spectrum to major operators whose proposals have exceeded its requirements in some cases Continue Reading
-
News
29 Apr 2020
Coronavirus: Call for extension to European payment security standard deadline
Payment processors across Europe want more time to meet the SCA payment security standard Continue Reading
-
News
28 Apr 2020
Under the spotlight, video apps rush to strengthen security
Most popular videoconferencing applications now meet Mozilla’s minimum security standards, with fierce competition and public pressure driving rapid improvement Continue Reading
-
News
28 Apr 2020
Almost half of security pros being redeployed during pandemic
Close to half of cyber security professionals say they have been taken off some or all of their security duties to focus attention elsewhere during the Covid-19 coronavirus pandemic Continue Reading
-
News
28 Apr 2020
Black Rose Lucy ransomware now posing as FBI porn warning
A new strain of Russian-developed ransomware impersonates US federal law enforcement to force payment, says Check Point Continue Reading
-
Blog Post
27 Apr 2020
When IT met Covid: The World Changed
This the first plague where predictions of its likely local impact reached rulers/politicians/journalists before their subjects/voters/readers starting falling ill and/or dying in large numbers ... ... Continue Reading
-
News
27 Apr 2020
Microsoft patches .gif file vulnerability in Teams
Vulnerability could have enabled cyber criminals to use a malicious .gif file to scrape user data and take over Teams accounts Continue Reading
-
News
24 Apr 2020
The Security Interviews: Can AV go from dodgy scareware to cyber hero?
Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing Continue Reading
-
News
23 Apr 2020
iOS zero-day leaves iPhone users dangerously exposed
Researchers identify dangerous vulnerabilities in Apple’s iOS operating system that allow remote code execution on target devices Continue Reading
-
News
23 Apr 2020
Zoom to roll out fresh cyber security updates
New features include support for advanced AES 256-bit encryption Continue Reading
-
Feature
23 Apr 2020
A carrot-and-stick approach to fixing cyber security complacency
With a majority of IT decision-makers holding the opinion that their employers are complacent when it comes to data protection, we look at what needs to be fixed, and how to fix it Continue Reading
-
News
22 Apr 2020
NCSC overwhelmed by response to coronavirus campaign
The UK’s NCSC has taken down more than 80 malicious web campaigns and received 5,000 reports of suspicious emails within 24 hours of launching reporting service Continue Reading
-
News
22 Apr 2020
Coronavirus: Banking and mobile sectors collaborate to stop text scams
Initiative aims to protect 50 genuine brands and government organisations from being impersonated by cyber criminals Continue Reading
-
News
22 Apr 2020
Coronavirus: Cyber criminals may be changing tactics
Cyber criminals “may soon shift to heavier exploitation of footholds established through phishing and other scams”, warns Cyber Threat Coalition Continue Reading
-
News
21 Apr 2020
Coronavirus: HMRC job retention scheme targeted by cyber criminals
The UK government’s scheme to pay furloughed employees 80% of their wages is being targeted by cyber criminals Continue Reading
-
News
21 Apr 2020
When data protection is not enough
Organisations should take a holistic approach to data protection and cyber security in what the CEO of Acronis deems a “cyber protection” strategy Continue Reading
-
News
20 Apr 2020
NCSC launches coronavirus cyber security campaign
The National Cyber Security Centre has launched a reporting service for scam emails as part of a campaign to help people protect themselves from cyber criminals exploiting the pandemic Continue Reading
-
News
20 Apr 2020
Zoom and WebEx users targeted by credential stealing attempts
Videoconferencing apps such as Zoom and Cisco’s WebEx are being targeted by cyber criminals trying to steal users’ personal data Continue Reading
-
News
20 Apr 2020
Dutch organisations address business email compromise fraud
Public-private partnership in the Netherlands works to break the chains used by fraudsters to carry out BEC attacks Continue Reading
-
News
20 Apr 2020
Australian workers are weakest link in fight against cyber attacks
About four in 10 employees are sharing inappropriate data across mobile devices and half of all security incidents in 2019 occurred through inappropriate IT use, new study finds Continue Reading
-
News
17 Apr 2020
Coronavirus: How Nominet fights back against malicious domains
Domain name registry has thwarted hundreds of attempts to register malicious .uk domain names during the coronavirus pandemic Continue Reading
-
News
17 Apr 2020
Coronavirus: Security certification body puts exams online
Candidates for certification by the International Association of Privacy Professionals will now be able to sit their exams remotely Continue Reading
-
News
16 Apr 2020
Check Point sounds alarm over double extortion ransomware threat
Researchers say double extortion ransomware attacks are likely to increase in frequency, and warn organisations to be on guard Continue Reading
-
News
15 Apr 2020
Coronavirus: ICO temporarily relaxes regulatory approach
The Information Commissioner’s Office sets out a revised approach to its regulatory duties during the Covid-19 coronavirus pandemic Continue Reading
-
News
15 Apr 2020
Coronavirus: Standard Chartered bans employees from Zoom
Standard Chartered is the first bank to have instructed its staff to refrain from using Zoom Continue Reading
-
Feature
15 Apr 2020
Do IT service providers need MSP cybersecurity insurance?
Today's fraught threat landscape puts MSPs and customers at risk. Purchasing liability insurance reassures subscribers while protecting providers in case of a malware incident. Continue Reading
-
News
15 Apr 2020
Coronavirus: Researcher finds security vulnerability in Slack
Some common assumptions about the security of cloud-based messaging platform Slack may not be entirely accurate, says an Alien Labs researcher Continue Reading
-
News
15 Apr 2020
Microsoft patches 19 critical bugs in another heavy Patch Tuesday
The volume of vulnerabilities being uncovered by Microsoft remains high, with more than 100 fixes pushed out in April’s Patch Tuesday Continue Reading
-
Opinion
15 Apr 2020
A legal perspective on data breaches and home working
Legal experts from Fieldfisher share guidance on how to deal with cyber attacks during the coronavirus crisis, and what the ICO expects in terms of notification Continue Reading
-
News
14 Apr 2020
Apple and Netflix most imitated brands in phishing attacks
A new report highlights the brands which are being most frequently spoofed by cyber criminals in phishing attacks Continue Reading
-
News
14 Apr 2020
Coronavirus: Zoom user credentials for sale on dark web
IntSight researchers say they have found a database containing thousands of Zoom usernames and passwords being sold on the dark web Continue Reading
-
News
10 Apr 2020
Coronavirus: Warning over surge in Zoom security incidents
Check Point researchers have observed a surge in suspicious Zoom domains as cyber criminals target popular remote working and collaboration tools Continue Reading
-
News
09 Apr 2020
Coronavirus: Zoom restricted or banned at multiple organisations
Use of videoconferencing tool has been banned at Google and in parts of the German and US governments Continue Reading
-
News
08 Apr 2020
Revealed: Estonia targeted by Russia-linked disinformation deluge
Kremlin-linked threat actors are undermining the government of Estonia and its relationship with the European Union through a concerted disinformation campaign, with wider ramifications Continue Reading
-
News
08 Apr 2020
Despite coronavirus, overall cyber crime volumes hold steady
The UK’s NCSC and the US’s CISA see little change in overall volumes of cyber crime in spite of the coronavirus crisis – for the time being Continue Reading
-
News
08 Apr 2020
Coronavirus: McAfee unearths dark web blood bank
Cyber criminals are selling fake goods and running scams on online marketplaces during the Covid-19 pandemic. Don’t be taken in Continue Reading
-
News
08 Apr 2020
Coronavirus threats ramp up as more hospitals come under attack
The Covid-19 Cyber Threat Coalition finds the majority of security pros have been targeted by cyber criminals exploiting the coronavirus pandemic, and adds to warnings of increased activity targeting the health sector Continue Reading
-
News
07 Apr 2020
Judge refuses to delay Assange's extradition hearing over coronavirus pandemic
District Judge Vanessa Baraitser says extradition proceedings will go ahead against Julian Assange, after his lawyers argued that the coronavirus lockdown means they cannot prepare their defence Continue Reading
-
News
07 Apr 2020
Happy developers write secure code, report claims
DevOps specialist Sonatype claims to have found a direct correlation between satisfied developers and application security hygiene Continue Reading
-
News
07 Apr 2020
Coronavirus: Criminals using Zoom installer to spread cryptominer
Videoconferencing application targeted to deliver cryptomining malware to unsuspecting victims Continue Reading
-
Blog Post
07 Apr 2020
Combatting Covid Fraud: both doorstep and on-line: clarifying the sources of guidance
The UK is apparently the number one target for covid-related on-line fraud but doorstep fraudsters are targeting those who do not go on-line with “testing” and “decontamination” services. Continue Reading
-
News
06 Apr 2020
Two-factor authentication is broken: What comes next?
Two-factor authentication is seen by many as a robust authentication method, but is it really as impervious as it seems? Continue Reading
-
News
06 Apr 2020
Zero-day exploits increasingly commodified, say researchers
The exploitation of zero-day vulnerabilities increasingly demonstrates access to cash, rather than skills Continue Reading
-
Opinion
06 Apr 2020
Security Think Tank: Why and how cyber criminals exploit world events
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
05 Apr 2020
Google data shows high interest in security and remote working
An analysis of the most Googled technology terms during the Covid-19 coronavirus pandemic has highlighted the scale of the cyber security challenge presented by the crisis Continue Reading
-
Blog Post
03 Apr 2020
100,000 Community and Cyber Police volunteers to help handle the Covid aftermath
The proportion of special constables to full time police has fallen over the past 20 years from 16% in 1996 to 9% in 2019. The trend is distorted by the Metropolitan Police where the proportion ... Continue Reading
-
Opinion
03 Apr 2020
Security Think Tank: Continuity planning doesn’t have to be complex
In our globalised world, high-profile events such as Covid-19 have huge business impacts, some of which may be felt by CISOs. What responsibilities do security professionals have in such circumstances? Continue Reading
-
News
02 Apr 2020
Morrisons appeal success is cold comfort for enterprises
The success of Morrisons’ appeal against judgments that it should be held vicariously liable for an insider data breach will be welcomed by businesses, but may be of limited comfort to them Continue Reading
-
News
02 Apr 2020
Coronavirus: Is Zoom safe and should security teams ban it?
Zoom’s rapid rise to prominence has highlighted a score of security problems with the service. Should CISOs try to steer their organisations away from it, or ban it outright? Continue Reading
-
Podcast
02 Apr 2020
Podcast: Covid-19, compliance risk, remote assessment and training
We talk to Mathieu Gorge, CEO of Vigitrust, about why organisations cannot drop their guard on compliance during the increased risks faced as a result of the coronavirus crisis Continue Reading
-
News
01 Apr 2020
What we can learn from Marriott’s new data breach embarrassment
Marriott International has egg on its face once again following a second data breach in as many years, but there are encouraging signs in its response that suggest it is at least trying to learn from its experiences Continue Reading
-
News
01 Apr 2020
Morrisons not liable for 2014 data breach, says Supreme Court
Court allows supermarket chain’s appeal against judgments holding it liable for a 2014 insider data breach, saying previous rulings misunderstood the concept of vicarious liability Continue Reading