News

Endpoint security

• March 04, 2021 04 Mar'21

  Okta picks up Auth0 for $6.5bn

  Multibillion-dollar acquisition a vote of confidence in future of identity and access management services

• March 04, 2021 04 Mar'21

  Microsoft Exchange CVEs more widely exploited than thought

  US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer

• March 04, 2021 04 Mar'21

  Qualys caught up in Accellion FTA breach

  Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product

• March 04, 2021 04 Mar'21

  UK contactless payment limit more than doubled

  UK increases the amount that can be spent in one go using a contactless payments card to £100

• March 03, 2021 03 Mar'21

  Emergency patch addresses MS Exchange Server zero-days

  Microsoft releases an emergency patch to address multiple zero-day exploits directed at on-premise installations of Exchange Server

• February 24, 2021 24 Feb'21

  Vaccine passports prove an ethical minefield

  Privacy campaigners warn that vaccine passports may turn out to be discriminatory and invasive, while technologists agree careful consideration must be given to their design

• February 24, 2021 24 Feb'21

  Is Clubhouse safe, and should CISOs stop its use?

  With more concerns being raised over the privacy and security of social media app Clubhouse, we consider whether security teams should consider restricting or stopping employees from using it

• February 23, 2021 23 Feb'21

  XDR makes cyber a Stroll in the park for Aston Martin F1

  Aston Martin Cognizant Formula One team will run SentinelOne’s Singularity XDR platform under the bonnet

• February 22, 2021 22 Feb'21

  Microphones, smartphones, laptops among items stolen from BBC

  A total of 105 devices have been stolen from the BBC in the past two years, some of which may have been spirited away by remote workers

• February 18, 2021 18 Feb'21

  More than two-thirds of firms would invest in dedicated remote working connectivity

  Firms are faced with supporting more remote working for their businesses going forward, and a survey has shed light on what form this support will take and what firms believe they will need in the ‘new normal’

• February 18, 2021 18 Feb'21

  2020 a record year for cyber, thanks to Covid

  The UK’s cyber industry now employs close to 50,000 people and contributes billions to the economy

• February 18, 2021 18 Feb'21

  Fingerprints will help payment cards retain relevance

  Biometric payment cards using fingerprint technology could add billions to global banking revenues, says UBS

• February 11, 2021 11 Feb'21

  Singtel falls prey to supply chain attack

  The Singapore telco reveals that its Accellion file sharing system was illegally hacked in a supply chain attack

• February 10, 2021 10 Feb'21

  Windows 10, Server 2019 users must patch serious zero-day

  Another dangerous zero-day exploit is among 56 vulnerabilities patched by Microsoft in February’s Patch Tuesday update

• February 09, 2021 09 Feb'21

  NHS reports fewer phishing emails in 2020

  The NHSmail email service saw a steady decline in suspected phishing emails during the course of 2020

• February 08, 2021 08 Feb'21

  Too few UK organisations offering cyber training for remote work

  Nearly a year into the pandemic, a study reveals a concerning tendency for organisations not to bother offering security training for remote workers

• February 05, 2021 05 Feb'21

  Google Chrome update to patch serious zero-day

  A serious heap buffer overflow vulnerability means Google Chrome users should patch their browsers as soon as possible

• February 05, 2021 05 Feb'21

  Security firm Stormshield loses source code in cyber attack

  Source code from two products developed by French cyber security firm was compromised in a December 2020 incident

• February 03, 2021 03 Feb'21

  Tata Communications grows IoT footprint

  India’s Tata Communications has been shoring up its IoT capabilities through a handful of acquisitions and partnerships with telcos

• February 01, 2021 01 Feb'21

  CISOs invisible to their organisations, says BT report

  Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard

• January 29, 2021 29 Jan'21

  Manufacturing particularly at risk of Solorigate-linked breaches

  Every fifth victim of the SolarWinds Solorigate/Sunburst attack was a manufacturing organisation, say researchers

• January 27, 2021 27 Jan'21

  Emergency Apple updates patch exploited zero-days

  Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately

• January 26, 2021 26 Jan'21

  Saudi IT spending to hit $11bn in 2021

  Saudi Arabian organisations will spend about $11bn on IT this year, with emerging technologies high on shopping lists

• January 26, 2021 26 Jan'21

  Gartner: IT budgets shift to mature processes around remote business

  The pandemic forced businesses to work remotely. Now, almost a year on, CIOs must consider the IT to run long-term remote business strategies

• January 21, 2021 21 Jan'21

  Gamarue malware found on government-issued school laptops

  Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia

• January 20, 2021 20 Jan'21

  Should I be worried about MFA-bypassing pass-the-cookie attacks?

  Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations?

• January 19, 2021 19 Jan'21

  Legacy security architectures threaten to disrupt remote working

  Annual survey of IT leaders finds network security is of prime concern as most companies continue with work-from-home policies

• January 19, 2021 19 Jan'21

  Questions raised by New Zealand central bank boss, following cyber attack investigation

  The governor of New Zealand’s central bank said the organisation must answer questions about its security following a ‘significant’ attack

• January 19, 2021 19 Jan'21

  Click fraud levels reach new heights in pandemic

  Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike

• January 19, 2021 19 Jan'21

  MAS offers guidance on mitigating supply chain threats

  Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks

• January 18, 2021 18 Jan'21

  MoD reports 18% rise in data loss incidents

  The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO

• January 18, 2021 18 Jan'21

  Australians lost A$176m to scams in 2020

  Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering

• January 14, 2021 14 Jan'21

  APAC firms grapple with cyber security amid pandemic

  Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work

• January 13, 2021 13 Jan'21

  Critical zero-day features in first Patch Tuesday of 2021

  Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender

• January 12, 2021 12 Jan'21

  Palo Alto Networks opens Australia cloud location

  The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services

• January 12, 2021 12 Jan'21

  Mimecast latest security firm to be compromised

  Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident

• January 12, 2021 12 Jan'21

  Early stage UK security startups face funding crisis

  Overall cyber security funding since the advent of the pandemic is well up, but investment is dominated by safe, later-stage firms while those raising capital for the first time fall away

• January 08, 2021 08 Jan'21

  Which? online banking investigation reveals ‘worrying gaps’ in security

  Consumer rights organisation has ranked the security of UK online current account providers

• January 05, 2021 05 Jan'21

  Scammers impersonating the ACSC on the prowl

  The Australian Cyber Security Centre warns of scammers who are using its name to gain control of personal computers and trick users into revealing personal information

• January 05, 2021 05 Jan'21

  Banking trade body calls for increased contactless payment limit

  UK Finance proposes an increase in the limit on spending using contactless cards

• December 24, 2020 24 Dec'20

  Top 10 cyber crime stories of 2020

  Here are Computer Weekly’s top 10 cyber crime stories of 2020

• December 23, 2020 23 Dec'20

  Top 10 cyber security stories of 2020

  Here are Computer Weekly’s 10 top cyber security stories of 2020

• December 22, 2020 22 Dec'20

  Top 10 end-user computing stories of 2020

  Here are Computer Weekly’s top 10 end-user computing stories of 2020

• December 17, 2020 17 Dec'20

  Dodgy browser extensions put social media users at risk

  More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast

• December 17, 2020 17 Dec'20

  NHS Scotland taps Check Point to secure Covid-19 data

  NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus

• December 14, 2020 14 Dec'20

  FireEye identifies flaw in networking monitoring software as US agencies attacked

  Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software

• December 11, 2020 11 Dec'20

  Disputed PostgreSQL bug exploited in cryptomining botnet

  PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL

• December 11, 2020 11 Dec'20

  Surge in Covid-19 vaccine phishing scams reported

  Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure

• December 10, 2020 10 Dec'20

  After critical year, Vodafone trains security sights on CNI market

  Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets

• December 09, 2020 09 Dec'20

  Amnesia:33 IoT flaws dangerous and patches unlikely, say experts

  The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users