News

IT risk management

• February 01, 2019 01 Feb'19

  Innocent people arrested following surveillance blunders, IPCO reveals

  Interception of communications commissioner Adrian Fulford warns of “grave” repercussions for people wrongly identified as suspects due to errors made when government bodies access email, phone and telephone data

• February 01, 2019 01 Feb'19

  New stolen credentials cache puts spotlight on authentication

  The discovery of billions more stolen usernames and passwords in Collections #2 to #5 have prompted fresh calls for the implementation of better authentication methods across industry

• January 31, 2019 31 Jan'19

  Cyber insurance uptake growing, but not all firms convinced

  The adoption of cyber insurance is expected to grow, but one in three companies still are not sold on the benefits, a survey shows

• January 30, 2019 30 Jan'19

  Unconfigured IoT is a security risk, warns researcher

  Internet of things researcher says unconfigured internet-connected devices are a largely unrecognised cyber security risk to businesses and consumers, and welcomes the increased likelihood of UK IoT legislation

• January 30, 2019 30 Jan'19

  How traffic scrubbing can guard against DDoS attacks

  Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed

• January 29, 2019 29 Jan'19

  Global cyber attack could cost up to $193bn, study shows

  A coordinated global cyber attack could have an economic impact of up to $193bn, an insurance industry-backed report claims

• January 29, 2019 29 Jan'19

  New tech putting sensitive data at risk, report confirms

  Deployments of new technologies are putting sensitive corporate data at risk because organisations are struggling to secure these new IT environments, a report confirms

• January 28, 2019 28 Jan'19

  Personal records of HIV-positive individuals in Singapore leaked online

  The personal information of 14,200 people with the human immunodeficiency virus was leaked by an American who lived in Singapore

• January 28, 2019 28 Jan'19

  Security alert for vulnerabilities in Siemens PLCs

  Industries that use Siemens Simatic controllers to automate manufacturing processes have been urged to update software without delay

• January 28, 2019 28 Jan'19

  Government to pump £70m into ‘designing out’ cyber threats

  Industrial Strategy Challenge Fund cash to be used for designing and developing more secure hardware in a bid to eradicate cyber threats

• January 25, 2019 25 Jan'19

  Vodafone suspends use of Huawei hardware

  Vodafone’s UK CEO has said the operator will ‘pause’ its use of Huawei hardware for the foreseeable future

• January 24, 2019 24 Jan'19

  Poor practices expose 24 million financial records

  Failure to maintain appropriate security controls has again led to the exposure of millions of sensitive data records, this time from the banking world

• January 24, 2019 24 Jan'19

  IoT application vulnerabilities leave devices open to attack

  Barracuda Networks calls for internet of things devices to be subject to regular security review after researchers detail the application vulnerabilities of an internet-connected security camera

• January 24, 2019 24 Jan'19

  Business failing to see strategic value of cyber security

  UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed

• January 24, 2019 24 Jan'19

  AWS now accredited to run protected workloads in Australia

  Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region

• January 23, 2019 23 Jan'19

  Facebook’s objections to court concerns over privacy more about ‘optics’ than facts

  Facebook’s challenge to a High Court ruling that raises serious concerns about data transfers between Europe and the US is more about appearance than facts, lawyers for the Irish Data Protection Commission told Dublin's Supreme Court

• January 23, 2019 23 Jan'19

  MPs challenge Huawei over spying allegations

  The chair of the cross-bench Science and Technology Committee has written to Huawei seeking answers over its activities in the UK

• January 23, 2019 23 Jan'19

  Time to deploy strong authentication, says Fido

  The time has come for organisations to deploy cryptographically backed strong authentication, according to the Fido Alliance, which seeks to eliminate the world’s dependence on password-based security

• January 23, 2019 23 Jan'19

  US issues emergency directive to halt DNS hijacking

  US government agencies have been given 10 days to complete a four-step action plan to stop DNS hijacking attacks

• January 22, 2019 22 Jan'19

  IBM mobile cyber range starts European tour in London

  IBM’s mobile cyber range is kicking of a tour in London to raise awareness around the need for tried and tested cyber attack responses among organisations in Europe

• January 22, 2019 22 Jan'19

  Young Dutch cyber criminals get re-education rather than jail time

  Young hackers in the Netherlands are being rehabilitated through punishments that educate rather than incarcerate

• January 22, 2019 22 Jan'19

  Facebook: US government does not engage in mass and indiscriminate surveillance

  Social media giant challenges a ruling by Dublin’s High Court over a judgment that it says made ‘extraordinary and incorrect’ findings about the US legal system

• January 21, 2019 21 Jan'19

  Name and shame firms with poor cyber security, government told

  The government should name and shame companies whose cyber security measures fail to protect consumers’ data and firms should implement Active Cyber Defence, an academic report urges

• January 21, 2019 21 Jan'19

  Public procurement key to cyber security

  Using public procurement as a means of boosting cyber security is the top recommendation for 2019, according to a report based on expert views

• January 21, 2019 21 Jan'19

  Home Office vetoes privacy campaigner from senior post in surveillance watchdog

  The Home Office refuses academic and privacy campaigner, Eric King, security clearance for a senior role at the intelligence services watchdog, despite high-level backing from officials

• January 17, 2019 17 Jan'19

  Breach of nearly 2.7 billion records underlines password flaws

  Potentially the biggest personal data breach to date from thousands of sources, some possibly breached as far back as 2008, illustrates the deeply flawed nature of password-based authentication, say industry commentators

• January 17, 2019 17 Jan'19

  CenturyLink opens Singapore SOC amid security services boom

  US telco’s second Asia-Pacific security operations centre in Singapore is one of eight globally as it bids to carve a slice of the security services market

• January 16, 2019 16 Jan'19

  New Zealand faces more state-sponsored attacks

  Nearly four in 10 cyber security incidents recorded by the National Cyber Security Centre were the work of state-sponsored threat actors

• January 15, 2019 15 Jan'19

  Millions of industrial remote controllers open to attack

  Millions of industrial remote controllers are open to cyber attack because of vulnerabilities in the radio frequency technology used, a study has revealed

• January 15, 2019 15 Jan'19

  Businesses fail to apply encryption technology effectively

  Most businesses are not applying common encryption tools effectively to contain the fallout and costs of data breaches, research shows

• January 15, 2019 15 Jan'19

  Less than half of firms able to detect IoT breaches, study shows

  UK firms have one of the lowest internet-of-things device breach detection capabilities in Europe, a study reveals

• January 15, 2019 15 Jan'19

  SingHealth and IT supplier fined S$1m for data breach

  Singapore’s data protection commission considered the fact that both SingHealth and its IT supplier fell prey to sophisticated threat actors, among other factors, when meting out the fine

• January 11, 2019 11 Jan'19

  AI application overlooked in cyber security research

  Despite the proliferation of cyber security products and services claiming to be driven by artificial intelligence, the application of the technology is being overlooked by research, a study shows

• January 10, 2019 10 Jan'19

  UK firms say £6.6bn annual security testing cost too high

  Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high

• January 09, 2019 09 Jan'19

  FireEye gears up email security for emerging threats

  Email continues to be a top means of initiating cyber attacks with new detection bypass techniques and executive impersonation capabilities continually emerging, research shows

• January 08, 2019 08 Jan'19

  Protego Labs launches serverless app security tool

  Security professionals and developers now have a way to assess the security of their serverless applications with a new open source testing tool donated to Owasp

• January 07, 2019 07 Jan'19

  Boards need to be active partners in cyber defence

  Board members must be active governance partners in collaborative cyber defence, says US regional information sharing and analysis organisation

• January 07, 2019 07 Jan'19

  BlackBerry licenses security tech to IoT device makers

  BlackBerry is to license its secure software development technology to the makers of internet-connected devices to boost IoT security

• January 07, 2019 07 Jan'19

  Almost half of containers in production have vulnerabilities, study finds

  More containers are being deployed in production, but many businesses are unaware if they are secure

• January 06, 2019 06 Jan'19

  Singapore Airlines’ software glitch exposed customer data

  More than 280 members of the Krisflyer frequent flyer programme had their personal information compromised by a one-off software bug

• January 04, 2019 04 Jan'19

  Modern IT underlines need for zero-trust security

  The increasing complexity of supply chains and interconnectivity of IT systems means the attack surface is widening and security has to evolve accordingly, warns British computer scientist

• January 04, 2019 04 Jan'19

  Data breaches affected more than a billion people in 2018

  The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe

• January 04, 2019 04 Jan'19

  German politicians’ data leak shows need for global action

  Hacked data includes contacts’ email addresses, private chats, mobile numbers, photographs and credit card details, which were published on Twitter

• January 04, 2019 04 Jan'19

  Phishing attacks hidden by custom fonts

  Security researchers have uncovered a new way in which phishing attacks are evading detection.

• December 24, 2018 24 Dec'18

  Top 10 IT security stories of 2018

  Here are Computer Weekly’s top 10 IT security stories of 2018

• December 20, 2018 20 Dec'18

  Marriott data breach losses could be over half a billion dollars

  Direct losses related to a huge data breach at US hotel group could reach $600m

• December 19, 2018 19 Dec'18

  Lauri Love battles police for return of computers as NCA confirms live investigation

  The National Crime Agency (NCA) confirms there is a live investigation into Lauri Love in the UK, as Love brings legal action against UK police for the return of seized computer equipment

• December 18, 2018 18 Dec'18

  APAC cyber security landscape to be more tumultuous in 2019

  Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene

• December 17, 2018 17 Dec'18

  Top 10 ASEAN stories of 2018

  Organisations across Southeast Asia have been doubling down on efforts to take the lead in digital transformation initiatives

• December 14, 2018 14 Dec'18

  Iranian cyber espionage highlights human element

  State-backed hackers in Iran have reportedly upped efforts to compromise US officials’ email accounts using phishing scams