News
IT risk management
-
July 13, 2022
13
Jul'22
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on
-
July 13, 2022
13
Jul'22
ICO calls for review into government use of private email and WhatsApp messages
Information Commissioner’s Office reprimands Department of Health and Social Care after ministers and officials conducted government business on their own email accounts and messaging apps
-
July 12, 2022
12
Jul'22
MaliBot Android malware spreading fast, says Check Point
The MaliBot malware is becoming a persistent and widespread problem, and Android users should be on their guard, says Check Point
-
July 12, 2022
12
Jul'22
Singapore doubles down on OT security
The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state
-
July 11, 2022
11
Jul'22
Microsoft VBA macro block will return
Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure
-
July 11, 2022
11
Jul'22
SMEs lagging on multifactor authentication
Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report
-
July 07, 2022
07
Jul'22
Tech companies face pressure over end-to-end encryption in Online Safety Bill
An amendment to the Online Safety Bill, currently going through Parliament, will put pressure on tech companies over end-to-end encrypted messaging services
-
July 07, 2022
07
Jul'22
The Security Interviews: Inside Russia’s Ukraine information operation
Computer Weekly speaks to Craig Terron of Recorded Future about delving deep inside the Russian disinformation machine, and how the Kremlin’s strategy is set to evolve
-
July 06, 2022
06
Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme
-
July 05, 2022
05
Jul'22
Prepare for long-term cyber threat from Ukraine war, says NCSC
The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams
-
July 05, 2022
05
Jul'22
LogRhythm bullish on growth in APAC
LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats
-
July 05, 2022
05
Jul'22
NCSC CEO: Why we should run towards crises to elevate cyber security
National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country
-
July 04, 2022
04
Jul'22
MPs call for ban on Chinese surveillance camera technology
Nearly 70 MPs have called on the government to ban Chinese camera technology that is widely used by UK government agencies despite links to human rights abuses in China
-
July 04, 2022
04
Jul'22
Assange appeals against Priti Patel’s extradition order
WikiLeaks founder is expected to raise concerns over the political nature of his prosecution, the likelihood of him receiving a fair trial, and the risk of a coercive plea bargain
-
June 30, 2022
30
Jun'22
ICO to cut back on fines for public sector data breaches
Information commissioner John Edwards sets out a revised approach to how the ICO handles data breaches in the public sector, saying fining victims risks punishing the public twice over
-
June 28, 2022
28
Jun'22
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens
Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware
-
June 27, 2022
27
Jun'22
Brexit a net negative for UK cyber, say CISOs
Six years on from the UK’s Brexit vote, the majority of security professionals say leaving the EU has raised concerns over their ability to keep their organisations safe
-
June 24, 2022
24
Jun'22
Black Basta ransomware crew aiming for ‘big leagues’
Emergent Black Basta ransomware gang has hit more than 50 countries since bursting onto the scene earlier this year, says Cybereason
-
June 24, 2022
24
Jun'22
Developers grapple with open source software security
Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds
-
June 23, 2022
23
Jun'22
SolarWinds unveils new development model to avoid a repeat of Sunburst
SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry
-
June 22, 2022
22
Jun'22
NatWest files under whistleblower’s bed contain live customer data
Former Royal Bank of Scotland worker wants bank to take back customer files and provide an ‘adequate receipt’
-
June 22, 2022
22
Jun'22
How TDCX is building a people-centric business
Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
-
June 21, 2022
21
Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best
A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats
-
June 21, 2022
21
Jun'22
Microsoft Office 365 has ability to ‘spy’ on workers
Microsoft faces calls for ‘transparency’ over tools in Office 365 that allow employers to read staff emails and monitor their computer use at work
-
June 20, 2022
20
Jun'22
Lords move to protect cyber researchers from prosecution
A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their ...
-
June 20, 2022
20
Jun'22
Complex Russian cyber threat requires we go back to basics
The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains
-
June 19, 2022
19
Jun'22
Aussie mobile users most vulnerable to security threats
Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds
-
June 17, 2022
17
Jun'22
Government responds to Data Reform Bill consultation
Westminster claims its new data laws will boost British benefits, protect consumers, and seize the ‘benefits’ of Brexit
-
June 13, 2022
13
Jun'22
UK, US prepare to launch PET project
A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin
-
June 13, 2022
13
Jun'22
Government recommits to UK’s cyber future in Digital Strategy
New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed
-
June 13, 2022
13
Jun'22
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
-
June 10, 2022
10
Jun'22
Snake Keylogger climbing malware charts, says Check Point
Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers
-
June 10, 2022
10
Jun'22
Commercialising open source
Most software developed today takes advantage of open source, but there are still gaps in understanding what open source means in business
-
June 09, 2022
09
Jun'22
SolarWinds CEO offers to commit staffers to government cyber agencies
A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response
-
June 08, 2022
08
Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times
The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
-
June 07, 2022
07
Jun'22
Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks
The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks
-
May 31, 2022
31
May'22
Researchers discover zero-day Microsoft vulnerability in Office
Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions
-
May 26, 2022
26
May'22
Consultation launched on datacentre, cloud security
The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
-
May 26, 2022
26
May'22
Most CFOs being left out of ransomware conversations
Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report
-
May 25, 2022
25
May'22
Rubrik charts data security path
Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats
-
May 25, 2022
25
May'22
Building a pathway to commercial quantum computing
The shortage of expertise in quantum technologies will drive up salaries. A new report from TechUK assesses the route to commercialisation
-
May 24, 2022
24
May'22
ICO orders facial recognition firm Clearview AI to delete all data about UK residents
UK data watchdog fines facial recognition company Clearview AI £7.5m for multiple privacy breaches. The firm, which offers services to law enforcement, faces growing pressure from regulators and legal action around the world
-
May 24, 2022
24
May'22
Ransomware volumes grew faster than ever in 2021
Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
-
May 24, 2022
24
May'22
Bad bots make up a quarter of APAC’s web traffic
Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds
-
May 23, 2022
23
May'22
How Ivanti views patch management with a security lens
Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay
-
May 20, 2022
20
May'22
Applying international law to cyber will be a tall order
Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations
-
May 19, 2022
19
May'22
Defensive cyber attacks may be justified, says attorney general
Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable
-
May 19, 2022
19
May'22
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
-
May 18, 2022
18
May'22
Mastercard biometric programme will allow payment authentication by smile
Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology
-
May 17, 2022
17
May'22
Veeam outlines data protection vision
Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads