Web application security
-
Feature
08 Nov 2024
What are the security risks of bring your own AI?
The rise of generative AI has led to a plethora of publicly accessible artificial intelligence tools, but what are the risks when external AI tools are used with corporate data? Continue Reading
-
News
25 Oct 2024
Dutch critical infrastructure at risk despite high leadership confidence
Stark paradox in Dutch cyber security landscape has business leaders expressing high confidence in their IT infrastructure as cyber attacks rise Continue Reading
-
News
21 Sep 2022
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Sep 2022
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Cloud compromise a doddle for threat actors as victims attest
Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Users warned over Azure Active Directory authentication flaw
Secureworks researchers found what they say is a serious vulnerability in an Azure Active Directory authentication method, but Microsoft says it should not pose a serious risk to users Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
09 Sep 2022
Security Think Tank: Adding trust to AppSec and DevSecOps
When building in trust and assurance into app development through standards, it is critically important not to stifle innovation Continue Reading
By- Rowland Johnson
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
By- Kim Loohuis
-
Opinion
08 Sep 2022
Security Think Tank: Creating a DevSecOps-friendly cyber strategy
When slowing down is not an option, you need to find a security strategy that is DevSecOps friendly, says Airbus Protect’s Olivier Allaire Continue Reading
By- Olivier Allaire, Airbus Protect
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Sep 2022
Security Think Tank: The many dimensions of DevSecOps
It is imperative to make our colleagues and customers know that when we talk DevSecOps, we are facing a multiphase challenge that starts at the very beginning of DevOps, and one that never ends Continue Reading
By- Alejandro Bernal
-
Opinion
05 Sep 2022
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
By -
Opinion
02 Sep 2022
Security Think Tank: Shift left, shift right. What about shift everywhere?
The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
By- Paul Holland, Information Security Forum
-
Opinion
01 Sep 2022
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access management alongside cyber security and application security Continue Reading
By- Andrew Morris, Turnkey Consulting
-
News
31 Aug 2022
Google debuts open source bug bounty programme
Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Aug 2022
LastPass breach limited in scale and well-managed, say experts
A breach of LastPass’s developer environment does not seem to have affected users of the password management service, but it may still be time for a credential reset Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Aug 2022
Millions of Plex users may be at risk in password breach
Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Aug 2022
DevSecOps: Software developers lack sufficient security focus
GitLab survey shows developers want to produce high-quality code, but ‘shifting’ security left is hard to achieve Continue Reading
By- Cliff Saran, Managing Editor
-
News
19 Aug 2022
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Aug 2022
Apple patches two zero-days in macOs, iOS
Mac users should urgently apply new patches addressing vulnerabilities in its desktop and mobile operating systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Aug 2022
Growing MFA use spurs ‘pass-the-cookie’ attacks
The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Aug 2022
Microsoft doles out $13.7m in bug bounties
Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Aug 2022
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Aug 2022
GitHub targets vulnerable open source components
There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted Continue Reading
By- Cliff Saran, Managing Editor
-
News
10 Aug 2022
Microsoft fixes two-year-old MSDT vulnerability in August update
August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited. Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
05 Aug 2022
The dangers of the UK’s illogical war on encryption
The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most Continue Reading
By- Robin Wilton
-
News
04 Aug 2022
Spyware activity particularly impactful in July
After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2022
Cyber criminals pivot away from macros as Microsoft changes bite
As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Jul 2022
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Jul 2022
Ducktail infostealer targets Facebook Business users
Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
26 Jul 2022
Inside Russia’s Ukraine information operations
In this week’s Computer Weekly, we get the inside track on Russia’s disinformation operations attempting to spread propaganda and cyber threats about the invasion of Ukraine. Our new buyer’s guide looks at customer and employee experience management. And we assess 10 top Kubernetes backup suppliers. Read the issue now. Continue Reading
-
News
25 Jul 2022
Latest Atlassian Confluence vulnerability raises concerns
CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading
By- Alex Scroxton, Security Editor
-
News
22 Jul 2022
LinkedIn most impersonated brand in phishing attacks
Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Jul 2022
Buy ‘plug-n-play’ malware for the price of a pint of beer
Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Jul 2022
Cato aims to bust cyber myths as it extends network protections
Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Jul 2022
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
Slippery phish wriggles around MFA protections, says Microsoft
Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
Digital break-up kit to help women get out of bad relationships safely
Domestic abuse charity Refuge teams up with Avast to equip women with the knowledge to effectively and safely end a relationship digitally Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jul 2022
Microsoft Windows Autopatch now generally available
Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Jul 2022
Microsoft VBA macro block will return
Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Jul 2022
Microsoft appears to reverse VBA macro-blocking
Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Jul 2022
The evolution of threat modelling as a DevSecOps practice
Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process Continue Reading
By- Stephen de Vries
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
29 Jun 2022
Romance scammers exploit Ukraine war in cynical campaign
Romance scammers can make easy money exploiting people looking for love, but in this newly observed campaign linked to the Ukraine war they are playing on deeper emotions Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jun 2022
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens
Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jun 2022
US cyber agency in fresh warning over Log4Shell risk to VMware
Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jun 2022
Developers grapple with open source software security
Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds Continue Reading
By- Aaron Tan, TechTarget
-
News
23 Jun 2022
SolarWinds unveils new development model to avoid a repeat of Sunburst
SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Jun 2022
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Jun 2022
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Jun 2022
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Jun 2022
MS Azure Synapse vulnerability fixed after six-month slog
Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jun 2022
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
News
10 Jun 2022
Commercialising open source
Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business Continue Reading
-
News
09 Jun 2022
Cyber researchers step in to fill Patch Tuesday’s shoes
Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Jun 2022
Software house Mega achieves holistic SaaS security with Synopsys
Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 May 2022
Researchers discover zero-day Microsoft vulnerability in Office
Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Feature
31 May 2022
Attack of the clones: the rise of identity theft on social media
The proliferation of social media has resulted in the rise of identity theft on these platforms, with accounts copied for fraudulent or malicious purposes. What can be done to mitigate it? Continue Reading
-
News
31 May 2022
Singapore doubles down on quantum technology
The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology Continue Reading
By- Aaron Tan, TechTarget
-
News
24 May 2022
Bad bots make up a quarter of APAC’s web traffic
Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds Continue Reading
By- Aaron Tan, TechTarget
-
News
23 May 2022
How Ivanti views patch management with a security lens
Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay Continue Reading
By- Aaron Tan, TechTarget
-
News
19 May 2022
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading
By- Kim Loohuis
-
News
13 May 2022
Open source community sets out path to secure software
A 10-point plan to improve the security and resilience of open source software was presented this week at a summit in the US Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
12 May 2022
Security Think Tank: Your path to understanding attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
-
News
11 May 2022
Emotet has commanding lead on Check Point monthly threat chart
Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 May 2022
Microsoft fixes three zero-days on May Patch Tuesday
It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 May 2022
CyberUK 22: NCSC refreshes cloud security guidance
The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
05 May 2022
Security Think Tank: Identify, assess and monitor to understand attack paths
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to understand these attack pathways better in order to fight back Continue Reading
By- Rob McElvanney
-
Opinion
04 May 2022
Security Think Tank: Defenders must get out ahead of complexity
The modern-day abundance of platforms, apps and IT tools presents malicious actors with a web of interconnection that is easily exploited to move rapidly through the network to compromise critical assets. Security teams need to better understand these attack pathways to fight back Continue Reading
By- Jack Chapman
-
Opinion
03 May 2022
Security Think Tank: Solving for complexity in the network
The modern-day abundance of IT platforms, apps and tools gives the bad guys ample opportunity to move rapidly through the network to hit critical assets. Security teams must understand these attack pathways better in order to fight back Continue Reading
By- Mike Lloyd, RedSeal
-
News
28 Apr 2022
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
27 Apr 2022
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Apr 2022
Emotet tests new tricks to thwart enhanced security
The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
22 Apr 2022
Singing the key management blues
We need cryptographic keys, but who is going to manage them? How do you make an obscure topic like cryptographic key management interesting? And can you then persuade people to move this security ... Continue Reading
By- Bryan Betts, Freeform Dynamics
-
News
22 Apr 2022
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
News
21 Apr 2022
Zoom adds new round of cyber security enhancements
Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Apr 2022
Impact of Lapsus$ attack on Okta less than feared
Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Apr 2022
AWS fixes vulnerabilities in Log4Shell hot patch
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Apr 2022
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Apr 2022
Universal IAM policy failings put cloud environments at risk
Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Apr 2022
Singapore to start licensing cyber security service providers
Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading
By- Aaron Tan, TechTarget
-
News
11 Apr 2022
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Apr 2022
Was Spring4Shell a lot of hot air? No, but...
Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Apr 2022
Denonia malware may be first to target AWS Lambda
The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
06 Apr 2022
Scoop: Zero Trust Network Access Becomes Your Flexible Friend!
In my last blog, I highlighted the ongoing debate within IT security that is zero trust or, to use the full acronym, ZTNA (Zero Trust Network Access) and that – in theory, at least – it is kind of ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
Definition
05 Apr 2022
content filtering
Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
- Andrew Zola
-
News
04 Apr 2022
How remote browser isolation can mitigate cyber threats
Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device Continue Reading
By- Aaron Tan, TechTarget
-
News
31 Mar 2022
Spring4Shell zero-day sprung on security teams
Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it? Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Mar 2022
Australia to spend A$9.9bn on intelligence and cyber capabilities
The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate Continue Reading
-
News
29 Mar 2022
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
24 Mar 2022
The Importance of CASB And Its Limitations
It’s been over two years since I introduced the Gartner-defined SASE (“sassy”) to my CW readers – in that time the world has changed somewhat, but the requirement for an intensified, integrated ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
News
17 Mar 2022
Kaspersky CEO: Ukraine war must end through diplomacy
Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Mar 2022
Kubernetes vulnerability underscores repeated security warnings
The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Mar 2022
Tech brands sign on to HackerOne responsible security drive
Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Mar 2022
Government to force tech firms to stop fraudsters using their platforms for scams
Changes to legislation will make social media and search engine firms responsible for preventing fraudsters using their platforms to commit crimes Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA