Hackers and cybercrime prevention
-
Opinion
23 Apr 2024
Security Think Tank: Cyber sector, you have failed this community
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
23 Apr 2024
GooseEgg proves golden for Fancy Bear, says Microsoft
Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler Continue Reading
-
News
18 Apr 2024
International police operation infiltrates LabHost phishing website used by thousands of criminals
The Metropolitan Police working with international police forces have shut down LabHost, a phishing-as-a-service website that has claimed 70,000 victims in the UK Continue Reading
-
News
18 Apr 2024
CSA warns of emerging security risks with cloud and AI
Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh Continue Reading
-
Opinion
18 Apr 2024
Security Think Tank: Approaches to ransomware need a course correction
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
17 Apr 2024
Mandiant formally pins Sandworm cyber attacks on APT44 group
Mandiant has formally attributed a long-running campaign of cyber attacks by a Russian state actor known as Sandworm to a newly designated advanced persistent threat group to be called APT44 Continue Reading
-
News
16 Apr 2024
US provides assurances over extradition of WikiLeaks founder Julian Assange
Extradition of the WikiLeaks founder moves a step closer after the US government gives diplomatic assurances over his treatment in the US. Assange supporters accuse the US of ‘weasel words’ Continue Reading
-
News
16 Apr 2024
CISOs not yet convinced to invest in AI
CISOs say their eyes are fixed firmly on threats like ransomware and supply chain attacks, and while AI is becoming a threat that needs to be dealt with, it’s not yet an immediate spending priority Continue Reading
-
News
16 Apr 2024
CW Innovation Awards: Balancing security and user experience
The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access Continue Reading
-
Opinion
16 Apr 2024
2024 election security: Confronting disinformation and deepfakes
Although disinformation and deepfakes are a threat to electoral integrity, we already have ways to counter emerging threats and there is an opportunity is to adapt and scale these approaches to counter the challenge to democracy, writes Saj Huq. Continue Reading
-
News
16 Apr 2024
Recognising APAC’s trailblazers in digital transformation
DBS Bank and NUS were among the top industry innovators that were lauded for various transformational initiatives at the Computer Weekly Innovation Awards APAC 2024 Continue Reading
-
News
15 Apr 2024
More social engineering attacks on open source projects observed
In the wake of the recent XZ Utils scare, maintainers of another open source project have come forward to say they may have experienced similar social engineering attacks Continue Reading
-
Opinion
15 Apr 2024
Threat actors look to stolen credentials
In 2023, threat actors wrought havoc on corporate networks by logging in through valid accounts, and as bad actors begin investing in AI to help them identify priority targets, this problem is only expected to worsen in the future Continue Reading
-
News
12 Apr 2024
Apple iPhone security alert renews spyware concerns
An Apple security alert received by users in 92 countries raises fresh fears over ongoing campaigns by users of mercenary spyware products Continue Reading
-
News
10 Apr 2024
Cyber crooks poison GitHub search to fool developers
Researchers share data on new technique whereby malicious actors are manipulating GitHub’s search function and using cleverly crafted repositories to distribute malware Continue Reading
-
News
10 Apr 2024
Biden considering whether to end prosecution of WikiLeaks founder Julian Assange
US president Joe Biden says he is considering requests by Australia to end the prosecution of WikiLeaks founder Julian Assange under espionage and computer fraud charges Continue Reading
-
News
09 Apr 2024
UK plc failing on multiple cyber measures
Government report shows 50% of businesses and 32% of charities reported a cyber attack or breach in the past 12 months and organisations across the UK are failing on multiple cyber measures Continue Reading
-
News
09 Apr 2024
Is a cyber arms control treaty out of reach?
The world needs cyber arms control more than ever, but the challenges facing a multilateral agreement will be hard to surmount, according to researchers at Germany’s Digital Society Institute Continue Reading
-
News
08 Apr 2024
UK vet network CVS hit by cyber attack
Operations at UK-based veterinary network CVS have been disrupted by a cyber incident of an as-yet undisclosed nature Continue Reading
-
News
05 Apr 2024
China ramps up use of AI misinformation
Microsoft researchers have identified a growing pattern of AI-laced misinformation and political interference coming from Chinese threat actors Continue Reading
-
News
05 Apr 2024
Europol offers law enforcement agencies data on Europe’s most threatening crime networks
Europol has collected and analysed data from over 40 countries to identify 800 most threatening criminal networks operating in Europe in what it describes as a unique dataset for law enforcemnt Continue Reading
-
News
05 Apr 2024
UKtech50 2024 – help us find the most influential people in UK IT
Computer Weekly’s annual search for the 50 most influential people in UK IT is on – let us know who you would like to nominate for this year's list Continue Reading
-
News
05 Apr 2024
How Oracle Red Bull Racing guards against cyber threats
The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware Continue Reading
-
News
04 Apr 2024
Changes needed for SOCs and CSIRTs, claims Dutch research institute
Cyber security specialists need a game-changer to keep up with their adversaries, who increasingly use automation and AI for their attacks Continue Reading
-
News
04 Apr 2024
Obituary: Professor Ross Anderson, pioneer in security engineering and campaigner
Ross Anderson, a titan in the field of security engineering and campaigner for privacy and security, has passed away Continue Reading
-
Opinion
03 Apr 2024
Security Think Tank: Banning ransomware payments is not so straightforward
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
03 Apr 2024
RDP abused in over 90% of cyber attacks, Sophos finds
Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics Continue Reading
-
News
03 Apr 2024
Ransomware kill switch may save 99% of files from encryption
MDR specialist Adlumin says its new features will help customers stop in-progress ransomware attacks before they can cause significant damage Continue Reading
-
Opinion
02 Apr 2024
Security Think Tank: How to tackle the scourge of ransomware?
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
01 Apr 2024
Open source alert over intentionally placed backdoor
A backdoor in the open source XZ Utils data compression library could have led to widespread compromise across the Linux ecosystem - and the community is on the trail of a developer who seems to be behind it Continue Reading
-
Opinion
01 Apr 2024
Security Think Tank: Ransomware lessons from the armed forces
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
News
29 Mar 2024
Organisations getting better at spotting identity fraud
As the barriers to committing identity fraud continue to drop, organisations should consider more sophisticated technical measures to successfully up their game, according to a report Continue Reading
-
News
28 Mar 2024
Sellafield to be prosecuted over alleged cyber compliance failure
Sellafield Ltd, the organisation responsible for cleaning up and decommissioning the UK's largest nuclear waste site, is to be prosecuted over alleged cyber security failings dating back to 2019 Continue Reading
-
News
27 Mar 2024
Ransomware gang leaks data stolen from Scottish NHS board
Data stolen from an earlier attack on NHS Dumfries and Galloway has been leaked by a ransomware gang that claims to be in possession of much more content Continue Reading
-
News
27 Mar 2024
Cyber spies, not cyber criminals, behind most zero-day exploitation
Analysis from Google has found that zero-day vulnerabilities are much more heavily exploited for espionage purposes than for financially motivated cyber crime Continue Reading
-
News
26 Mar 2024
Qilin ransomware gang claims cyber attack on the Big Issue
A ransomware attack on the systems of publisher and social enterprise Big Issue Group has been claimed by the Qilin gang Continue Reading
-
News
26 Mar 2024
WikiLeaks founder Julian Assange given temporary reprieve over extradition
Court seeks assurances from the US that Assange will be given First Amendment Rights, will not prejudiced at trial because of his nationality, and will not be subject to the death penalty Continue Reading
-
News
26 Mar 2024
NCSC reaffirms guidance for those at risk of Chinese state hacking
As the UK and US governments announce sanctions and indictments of a Chinese state threat actor, the NCSC has reiterated its security advice for individuals at risk of being targeted for espionage purposes Continue Reading
-
News
26 Mar 2024
US authorities charge seven over Chinese hacking
The US Department of Justice has charged seven Chinese nationals linked to the APT31 threat actor that targeted politicians in the UK and US Continue Reading
-
News
25 Mar 2024
Which? calls for government action on fake banking sites
Amid high volumes of spoofed, fraudulent banking websites, Which? is calling for the government to implement new legal obligations for domain registrars Continue Reading
-
News
25 Mar 2024
Chinese hackers responsible for two ‘malicious’ cyber campaigns against UK
Government sanctions two Chinese nationals and a Chinese company identified as responsible for cyber campaigns against government officials and members of parliament Continue Reading
-
News
25 Mar 2024
Britain’s democracy under threat from Chinese cyber attackers, government warns
The deputy prime minister, Oliver Dowden, is due to tell Parliament that Beijing is behind a hacking attack that obtained details of 40 million UK voters and has targeted parliamentarians who have criticised the regime Continue Reading
-
News
22 Mar 2024
Court finds EncroChat hacked messages admissible as former footballer is jailed
A judge in ‘lead’ EncroChat case found that messages obtained by police from the encrypted phone network can be lawfully used in evidence Continue Reading
-
News
21 Mar 2024
NCSC guidance to help CEOs work through cyber incidents
The NCSC has published in-depth guidance on how business leaders should respond to a cyber attack or data breach. Learn about some of the key steps you will need to follow Continue Reading
-
News
20 Mar 2024
Ukrainians crack network that stole 100m email, social accounts
Three members of an organised cyber criminal group who hacked and appropriated personal email and social media accounts face up to 15 years in prison Continue Reading
-
News
20 Mar 2024
UK’s cyber resilience stagnates as more fall victim to attacks
The government is calling on businesses to ramp up their cyber protections as study shows improvements to resilience are stagnating amid an ever-growing volume of attacks Continue Reading
-
News
19 Mar 2024
Australia’s cyber security spending to grow 11.5% this year
Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner Continue Reading
-
News
17 Mar 2024
UK’s AI ambitions pointless while cyber security is still neglected
The UK’s AI ambitions may be at considerable risk without stronger cyber defences across the private and public sectors Continue Reading
-
News
13 Mar 2024
Microsoft AI-powered cyber service to go live in April
After a year being previewed by beta customers, Microsoft’s much vaunted Copilot for Security service is about to go on general release, promising time savings and improved accuracy for hard-pressed security pros Continue Reading
-
News
13 Mar 2024
British Library opens up over ransomware attack to help others
The British Library has opted for full transparency after experiencing a devastating ransomware attack, publishing details of the intrusion, its response and the lessons it has learned Continue Reading
-
News
12 Mar 2024
More DDoS attacks launched against APAC financial firms
The financial sector in Asia-Pacific saw more DDoS attacks in 2023, but no notable impact was reported, according to a report by Akamai and FS-ISAC Continue Reading
-
News
11 Mar 2024
Government not facing up to CNI cyber risks, committee warns
The Joint Committee on the National Security Strategy has accused the government of burying its head in the sand over the cyber threat to UK critical infrastructure Continue Reading
-
Podcast
11 Mar 2024
Podcast: Immutable storage essential against ransomware, but...
...not all immutable storage is created equal. That’s the message from Paul Speciale of Scality, who looks at immutable storage, its variants and what’s needed to secure data Continue Reading
-
News
11 Mar 2024
Dutch organisations vulnerable to deepfake fraud
With the information many employees share on social media, Dutch companies are especially vulnerable to a new form of fraud Continue Reading
-
News
06 Mar 2024
Cash-strapped cyber pros go rogue on the dark web
Research conducted by CIISec has turned up worrying evidence of hard-up legitimate cyber professionals offering their services to the cyber criminal underground Continue Reading
-
News
06 Mar 2024
Nation states buying hacking tools from underground Russian cyber forums
State-sponsored hacking groups, posing as hacktivists, are using Russian cyber crime forums to stock up on cyber weapons, says Check Point Software’s threat analyst, Sergey Shykevich Continue Reading
-
News
05 Mar 2024
Rapid7 hits out over botched vulnerability disclosure
Software development firm JetBrains and security specialist Rapid7 fall out over the handling of a critical vulnerability disclosure, while customers are left rushing to patch Continue Reading
-
News
05 Mar 2024
ALPHV/BlackCat gang vanishes amid ransomware ‘turmoil’
Mystery surrounds the apparent disappearance of the ALPHV/BlackCat cyber crime gang amid reports that a prominent US victim paid a $22m ransom Continue Reading
-
News
05 Mar 2024
American Express customers exposed through third-party breach
US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach Continue Reading
-
News
05 Mar 2024
Banning ransomware payments back on the agenda
The idea of banning ransomware payments to cyber criminals is back on the agenda, with former NCSC chief Ciaran Martin arguing that tougher measures need to be taken Continue Reading
-
News
04 Mar 2024
The Security Interviews: Cyber security is about managing risk effectively
Effective cyber security must lead to cyber resilience – that is, the ability to anticipate, protect against, withstand and recover from any adverse condition, disruption or compromise, as Kyndryl’s security practice leader explains Continue Reading
-
Feature
01 Mar 2024
Ivanti vulnerabilities explained: Everything you need to know
A series of vulnerabilities in Ivanti products have caused concern worldwide. Delve into some of the key issues arising from the Ivanti disclosures, looking at the vulnerabilities and their impact, what affected users should do, and learn about new developments Continue Reading
-
News
01 Mar 2024
Fancy Bear sniffs out Ubiquiti router users
The authorities have warned users of Ubiquiti EdgeRouter products to take remedial action after a number of devices were hijacked into a malicious botnet by a Russian cyber espionage unit Continue Reading
-
News
01 Mar 2024
APAC firms bullish on IT spending
More than half of organisations plan to spend more on key areas such as cyber security, generative AI and cloud in a sign of growing optimism across the region Continue Reading
-
News
29 Feb 2024
Okta doubles down on cyber in wake of high-profile breaches
Okta launches Secure Identity Commitment to shore up its technology in the wake of a damaging breach and elevate best practice around identity Continue Reading
-
News
28 Feb 2024
New version of ALPHV/BlackCat ransomware hits victims
An updated version of the ALPHV/BlackCat ransomware has been spotted in the wild amid a series of attacks on American healthcare providers, prompting a new alert from the authorities Continue Reading
-
News
28 Feb 2024
75% of third-party breaches target software, IT supply chains
Data drawn from SecurityScorecard’s telemetry reveals how supply chain breaches are becoming a weapon of choice for threat actors Continue Reading
-
Feature
28 Feb 2024
Storage technology explained: Ransomware and storage and backup
We look at ransomware attacks, and the importance of good backup practice as well as immutable snapshots, air-gapping, network segmentation, AI anomaly detection and supplier warranties Continue Reading
-
News
27 Feb 2024
Black Basta and Bl00dy ransomware gangs exploiting ConnectWise vulns
More ransomware gangs have been observed exploiting two dangerous vulnerabilities in ConnectWise ScreenConnect software, prompting new warnings for users to get patching Continue Reading
-
News
27 Feb 2024
VulnCheck bug listing to help track new threats quicker
Exploit intelligence firm VulnCheck launches a proprietary Known Exploited Vulnerabilities catalogue in hopes of improving end-user access to intel on emerging threats and reaching those that the likes of CISA do not Continue Reading
-
News
27 Feb 2024
Majority of UK employees ‘willingly gamble’ with security
Human-centric threats originating from employees continue to damage organisations both financially and reputationally, according to a report Continue Reading
-
News
27 Feb 2024
Cozy Bear and other APTs changing tack as cloud adoption increases
A change in APT tactics has been observed resulting from greater adoption of cloud-based services, according to the NCSC Continue Reading
-
News
26 Feb 2024
LockBit bids to save face after NCA takedown
The LockBit gang’s ringleader resurfaces with new infrastructure and new victims, claiming to have shrugged off a multinational police sting Continue Reading
-
News
23 Feb 2024
ConnectWise users see cyber attacks surge, including ransomware
ConnectWise ScreenConnect users who have yet to patch against a critical vulnerability are now being targeted by a barrage of cyber attacks, including ransomware Continue Reading
-
News
23 Feb 2024
NCA trolls under fire LockBit gang leaders
The NCA has teased details of the identity of LockBit's main admin via the gang’s compromised dark web site, and hinted that he has been engaging with law enforcement Continue Reading
-
News
22 Feb 2024
Cyber experts alarmed by ‘trivial’ ConnectWise vulns
The disclosure of two dangerous vulnerabilities in the popular ConnectWise ScreenConnect product is drawing comparisons with major cyber incidents, including the 2021 Kaseya attack Continue Reading
-
News
22 Feb 2024
Inside LockBit: A ransomware gang in decline?
The LockBit ransomware gang was already on the ropes prior to the NCA-led takedown, according to security researchers Continue Reading
-
News
21 Feb 2024
Australian data breach report highlights supply chain risks
The OAIC has called for organisations to proactively address privacy risks from outsourcing personal information handling to third parties Continue Reading
-
News
21 Feb 2024
Assange created a ‘grave and immediate risk’, says US government, as it seeks extradition
Lawyers for the US government hit back at claims that extraditing WikiLeaks founder Julian Assange is politically motivated Continue Reading
-
News
21 Feb 2024
How Indian fintechs can address compliance issues
Fintechs will need to bolster their know-your-customer practices and establish self-regulatory mechanisms, among other measures, to address compliance issues that have come under the spotlight Continue Reading
-
News
20 Feb 2024
LockBit locked out: Cyber community reacts
Reaction to the takedown of the LockBit ransomware gang is enthusiastic, but tempered with the knowledge that cyber criminals are often remarkably resilient Continue Reading
-
News
20 Feb 2024
US extradition of Julian Assange is ‘state retaliation’ for exposing war crimes, court hears
Lawyers argue that the US extradition case against WikiLeaks founder Julian Assange is politically motivated and in is breach of the UK-US extradition treaty Continue Reading
-
News
20 Feb 2024
LockBit gang members arrested in Poland and Ukraine
The UK’s National Crime Agency and its global partners have shared more details on their audacious takedown of the LockBit ransomware operation, including news of two arrests Continue Reading
-
News
20 Feb 2024
Government agrees law to protect confidential journalistic material from state hacking
The government will update Investigatory Powers Act to require secret intelligence agencies to seek independent approval before accessing confidential journalistic material obtained by bulk hacking, but journalists remain vulnerable to other bulk surveillance powers Continue Reading
-
News
19 Feb 2024
Cops take down LockBit ransomware gang
The notorious LockBit ransomware crew has been disrupted in an international law enforcement sting led by the UK's National Crime Agency Continue Reading
-
Opinion
15 Feb 2024
Bouncing back from a cyber attack
Organisations need to move away from victim blaming when cyber attacks on OT systems occur and focus on fostering collaboration between teams to minimise downtime, among other efforts to bounce back and return to business Continue Reading
-
News
15 Feb 2024
WikiLeaks founder Julian Assange faces last appeal against ‘political’ extradition
WikiLeaks founder Julian Assange is seeking leave to appeal against extradition to the US in a case that could have chilling implications for journalists reporting on national security Continue Reading
-
15 Feb 2024
Australia ups ante on cyber security
The country’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities Continue Reading
-
E-Zine
15 Feb 2024
CW APAC: February to April 2024 – Trend Watch: CIO trends
Organisations have plenty of technologies to keep track of when digitising their operations. In this handbook, focused on CIO trends in the Asia-Pacific region, Computer Weekly looks at IT predictions for 2024, how India’s space missions will propel tech and Australia’s advances in cyber security. Continue Reading
-
News
14 Feb 2024
Microsoft: Nation-state hackers are exploiting ChatGPT
Threat actors from China, Iran, North Korea and Russia have all been probing use cases for generative AI service ChatGPT, but have yet to use such tools in a full-blown cyber attack Continue Reading
-
News
14 Feb 2024
Dutch Supreme Court approves use of EncroChat evidence
Defence lawyers plan appeal to European Court of Human Rights after Supreme Court upholds a conviction based on intercepted messages from the EncroChat encrypted phone network Continue Reading
-
News
14 Feb 2024
Southern Water customer data was taken in ransomware attack
Southern Water has started to contact customers whose data was stolen in a January 2024 ransomware attack on its systems Continue Reading
-
News
14 Feb 2024
Security experts: Investigatory powers plans will delay security updates
Cyber security experts warn that government proposals to amend the Investigatory Powers Act will limit tech companies’ ability to respond to security threats and could hamper the use of end-to-end encryption Continue Reading
-
News
13 Feb 2024
New variants of Qakbot malware under development
Despite its infrastructure having been taken down by the FBI last year, someone appears to be actively working on a new and improved version of the infamous Qakbot malware Continue Reading
-
News
13 Feb 2024
Hunter-killer malware volumes seen surging
Latest Picus Security report on malware tactics, techniques and procedures reveals an increasing focus on disabling security defences Continue Reading
-
E-Zine
13 Feb 2024
Intelligent defence – the role of data in the military
In this week’s Computer Weekly, we examine the role of data in tying together military operations across ground, air, sea and cyber. Has SAP finally convinced customers to migrate to cloud ERP? We assess the trends. And we talk to the CIO helping to set up the UK’s fastest supercomputer. Read the issue now. Continue Reading
-
Opinion
12 Feb 2024
Executives must face down state-sponsored hacking groups targeting firmware
State-backed groups have ratcheted up the pressure for cyber security professionals and executives. But that’s not an excuse to cede them the territory. Continue Reading
-
Feature
12 Feb 2024
Trends driving cyber security in 2024
While cyber security breaches are not going away, emerging threats are driving new and innovative approaches to IT security Continue Reading
-
News
09 Feb 2024
MoD ethical hacking programme expands after initial success
The Ministry of Defence has expanded the scope of its defensive security partnership with HackerOne Continue Reading
-
Definition
09 Feb 2024
cyberterrorism
Cyberterrorism is usually defined as any premeditated, politically motivated attack against information systems, programs, and data that threatens violence or results in violence. Continue Reading
-
News
08 Feb 2024
Executive alleged to be behind EncroChat encrypted phone network arrested
A businessman allegedly behind EncroChat, an encrypted phone network that was used by organised crime groups, has been extradited from the Dominican Republic to France Continue Reading
-
News
07 Feb 2024
NCSC warns CNI operators over ‘living-off-the-land’ attacks
Malicious, state-backed actors may well be lurking in the UK’s most critical networks right now, and their operators may not even know until it is too late, warn the NCSC and its partners Continue Reading