News

Application security and coding requirements

• February 26, 2020 26 Feb'20

  Fake CDNs obscuring credit card fraudsters

  Fake content delivery networks and ngrok servers are being pressed into service to obscure credit card skimming activities

• February 25, 2020 25 Feb'20

  The Security Interviews: Gil Shwed’s 10-year vision for security

  Check Point founder Gil Shwed discusses his new Infinity Next concept and how he plans to remodel the world of cyber security in the next 10 years

• February 24, 2020 24 Feb'20

  WikiLeaks founder Assange ‘put lives at risk’ by disclosing names in leaked documents, court hears

  WikiLeaks founder Julian Assange ‘put lives of US informants at risk’ by publishing unredacted documents, lawyers for the US argued at the first day of a week-long extradition hearing

• February 24, 2020 24 Feb'20

  Open security group unveils common OpenDXL language

  Open Cybersecurity Alliance announces the availability of OpenDXL Ontology, the first open source language for connecting disparate security tools through a common messaging framework

• February 24, 2020 24 Feb'20

  Cisco goes all-in on security integration with SecureX platform

  CISOs are struggling to stitch together disparate cyber security products and services – Cisco believes its cloud-native SecureX platform will change their working lives for the better

• February 21, 2020 21 Feb'20

  Malicious apps still getting past Google controls

  Check Point researchers have found multiple malware-infected apps in the Google Play store, including a clicker called Haken, which has been downloaded more than 50,000 times

• February 19, 2020 19 Feb'20

  Cost of cloud misconfigurations set at $5tn

  Cloud security outfit DivvyCloud says more than 33 billion records have been exposed in cloud misconfiguration incidents in the past 24 months

• February 18, 2020 18 Feb'20

  Girlguiding hosts interactive cyber security workshop

  100 Guides from South West England took part in an NCSC event to learn more about security fundamentals

• February 17, 2020 17 Feb'20

  Ex-soldiers to become ethical hackers

  A new programme will give armed forces veterans in Scotland a grounding in cyber security skills, including penetration testing and ethical hacking

• February 12, 2020 12 Feb'20

  Internet Explorer zero day among 99 Patch Tuesday problems

  After an eventful January Patch Tuesday that marked the end of support for Windows 7, the February 2020 update is another whopper, fixing close to 100 vulnerabilities

• February 11, 2020 11 Feb'20

  Mac-based security threats outpacing Windows

  Security threats targeting Apple endpoints are growing more quickly than those targeting Windows machines, according to Malwarebytes

• February 07, 2020 07 Feb'20

  RobbinHood ransomware tricks Windows into deleting defences

  By subverting kernel memory settings in Windows 7, Windows 8 and Windows 10, the RobbinHood ransomware can now delete cyber security defences from target systems

• February 05, 2020 05 Feb'20

  Web app ubiquity gives cyber criminals new opportunities

  The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals

• January 30, 2020 30 Jan'20

  NCSC launches study on cyber security diversity

  The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector

• January 29, 2020 29 Jan'20

  UK cyber security sector worth more than £8bn

  The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS

• January 27, 2020 27 Jan'20

  Government tightens law around IoT cyber security

  New legislation developed by DCMS and the NCSC may help guarantee the security and privacy of users of consumer IoT devices

• January 27, 2020 27 Jan'20

  SANS Institute calls on Manchester security pros

  Manchester will play host to a week-long cyber security training event during February

• January 24, 2020 24 Jan'20

  Cyber gangsters publish staff passwords following ‘Sodinokibi’ attack on car parts group Gedia

  Sodinokibi hacking group steps up pressure on German automotive manufacturer by publishing information, including the CEO’s computer password and sensitive details of its IT systems, on the internet

• January 22, 2020 22 Jan'20

  ICO code sets out digital privacy standards for children

  The Information Commissioner’s Office has published its Age Appropriate Design Code, a set of 15 standards that online platforms must meet to protect the privacy of younger users

• January 21, 2020 21 Jan'20

  5G builders test vulnerabilities in Finnish hackathon

  University hackathon puts 5G security to the test as new wireless technology’s roll-out nears

• January 15, 2020 15 Jan'20

  Lorca announces new cohort of 20 security scaleups

  20 scaleups will focus their attention on automation, zero trust and supply chain security

• January 15, 2020 15 Jan'20

  NSA Windows 10 security disclosure raises questions

  In an unprecedented move, the NSA has got out in front of a critical cryptographic flaw in Windows 10, but in doing so has raised multiple questions

• January 15, 2020 15 Jan'20

  Threat landscape grew in complexity in 2019, no respite in sight

  Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020

• January 14, 2020 14 Jan'20

  Researchers find cryptojacker hiding in Wav audio file

  Victim network was compromised by obfuscated malware hiding a Monero cryptominer, lurking inside a Wav audio file

• January 14, 2020 14 Jan'20

  Turn the end of Windows 7 support into a security advantage

  CISOs can take advantage of the end of support for Microsoft Windows 7 by making the case for more investment in cyber security

• January 08, 2020 08 Jan'20

  TikTok video-sharing app left user data exposed

  Check Point uncovered serious vulnerabilities in the TikTok video-sharing app that left users exposed

• December 24, 2019 24 Dec'19

  Top 10 cyber crime stories of 2019

  Here are Computer Weekly’s top 10 cyber crime stories of 2019

• December 23, 2019 23 Dec'19

  Top 10 cyber security stories of 2019

  Here are Computer Weekly’s top 10 cyber security stories of 2019

• December 20, 2019 20 Dec'19

  Finnish government supports local authorities in cyber security initiative

  The Finnish government has committed resources to a cyber security project aimed at local authorities

• December 17, 2019 17 Dec'19

  Group-IB CEO talks up global threat landscape

  Public attribution of cyber attacks could backfire while a global cyber norms framework won’t emerge until a catastrophic incident occurs, says the head of Singapore-based Group-IB

• December 16, 2019 16 Dec'19

  Barco fixes ClickShare wireless flaw, but users still at risk

  Supplier patches a major vulnerability in its popular ClickShare wireless presentation system with a firmware upgrade, but experts warn that users are not out of the woods yet

• December 13, 2019 13 Dec'19

  Alarm bells ring, the IoT is listening

  With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts

• December 05, 2019 05 Dec'19

  Aviatrix VPN vulnerability left user endpoints wide open

  Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets

• December 02, 2019 02 Dec'19

  Top Android apps at risk from StrandHogg vulnerability

  Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability

• November 25, 2019 25 Nov'19

  Uber app exploit posed safety risk to passengers

  A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel

• November 19, 2019 19 Nov'19

  Macy’s Magecart breach presages Christmas fraud spike

  US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack

• November 14, 2019 14 Nov'19

  Home Office Brexit app contains multiple security flaws

  The Home Office’s Brexit app may be putting EU citizens’ personal data at risk

• November 12, 2019 12 Nov'19

  Nordic SMEs lack the money needed for cyber security

  Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country

• November 12, 2019 12 Nov'19

  Shared responsibility model key to solving 5G security problem

  Both buyers and sellers need to cooperate to solve the thorny issues around 5G security

• November 06, 2019 06 Nov'19

  Global security workforce must more than double to meet demand

  There are about 2.8 million cyber security professionals working today, and the world needs four million more

• November 04, 2019 04 Nov'19

  EU patches 20-year-old open source vulnerability

  Ethical hackers taking part in a bug bounty programme on behalf of the European Union have uncovered a 20-year-old vulnerability

• October 23, 2019 23 Oct'19

  Take responsibility for cyber security basics, urges NCSC CEO

  At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load

• October 21, 2019 21 Oct'19

  Sodinokibi emerging as a diverse, multi-vector threat to businesses

  McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots

• October 18, 2019 18 Oct'19

  Huge rise in rogue banking apps driving fraud attacks

  Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA

• October 14, 2019 14 Oct'19

  The Security Interviews: Applying AI to Lego, and security

  Ann Johnson, Microsoft corporate vice-president of cyber security, is on a mission to prove that artificial intelligence holds great promise for the security sector, and she has the analogies to back it up

• October 08, 2019 08 Oct'19

  How APAC enterprises can keep pace with container security

  For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities

• October 08, 2019 08 Oct'19

  IBM, McAfee among founders of open source security alliance

  A group of cyber security suppliers have come together to form the Open Cybersecurity Alliance

• October 03, 2019 03 Oct'19

  LogRhythm touts unlimited data plan for SIEM systems

  SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank

• September 26, 2019 26 Sep'19

  Overinvestment breeds overconfidence among security pros

  CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach

• September 24, 2019 24 Sep'19

  Latest Lorca cyber security challenge has IoT focus

  Government-backed cyber security innovation centre Lorca has issued new challenges around connectivity for its next intake of scaleups