News

IT risk management

• January 24, 2019 24 Jan'19

  IoT application vulnerabilities leave devices open to attack

  Barracuda Networks calls for internet of things devices to be subject to regular security review after researchers detail the application vulnerabilities of an internet-connected security camera

• January 24, 2019 24 Jan'19

  Business failing to see strategic value of cyber security

  UK businesses are failing to get value out of cyber security because they fail to see its strategic importance and often have a negative attitude towards security professionals, a study has revealed

• January 24, 2019 24 Jan'19

  AWS now accredited to run protected workloads in Australia

  Accreditation from the Australian Cyber Security Centre will enable organisations to store and process sensitive data in the Amazon Web Services Sydney region

• January 23, 2019 23 Jan'19

  Facebook’s objections to court concerns over privacy more about ‘optics’ than facts

  Facebook’s challenge to a High Court ruling that raises serious concerns about data transfers between Europe and the US is more about appearance than facts, lawyers for the Irish Data Protection Commission told Dublin's Supreme Court

• January 23, 2019 23 Jan'19

  MPs challenge Huawei over spying allegations

  The chair of the cross-bench Science and Technology Committee has written to Huawei seeking answers over its activities in the UK

• January 23, 2019 23 Jan'19

  Time to deploy strong authentication, says Fido

  The time has come for organisations to deploy cryptographically backed strong authentication, according to the Fido Alliance, which seeks to eliminate the world’s dependence on password-based security

• January 23, 2019 23 Jan'19

  US issues emergency directive to halt DNS hijacking

  US government agencies have been given 10 days to complete a four-step action plan to stop DNS hijacking attacks

• January 22, 2019 22 Jan'19

  IBM mobile cyber range starts European tour in London

  IBM’s mobile cyber range is kicking of a tour in London to raise awareness around the need for tried and tested cyber attack responses among organisations in Europe

• January 22, 2019 22 Jan'19

  Young Dutch cyber criminals get re-education rather than jail time

  Young hackers in the Netherlands are being rehabilitated through punishments that educate rather than incarcerate

• January 22, 2019 22 Jan'19

  Facebook: US government does not engage in mass and indiscriminate surveillance

  Social media giant challenges a ruling by Dublin’s High Court over a judgment that it says made ‘extraordinary and incorrect’ findings about the US legal system

• January 21, 2019 21 Jan'19

  Name and shame firms with poor cyber security, government told

  The government should name and shame companies whose cyber security measures fail to protect consumers’ data and firms should implement Active Cyber Defence, an academic report urges

• January 21, 2019 21 Jan'19

  Public procurement key to cyber security

  Using public procurement as a means of boosting cyber security is the top recommendation for 2019, according to a report based on expert views

• January 21, 2019 21 Jan'19

  Home Office vetoes privacy campaigner from senior post in surveillance watchdog

  The Home Office refuses academic and privacy campaigner, Eric King, security clearance for a senior role at the intelligence services watchdog, despite high-level backing from officials

• January 17, 2019 17 Jan'19

  Breach of nearly 2.7 billion records underlines password flaws

  Potentially the biggest personal data breach to date from thousands of sources, some possibly breached as far back as 2008, illustrates the deeply flawed nature of password-based authentication, say industry commentators

• January 17, 2019 17 Jan'19

  CenturyLink opens Singapore SOC amid security services boom

  US telco’s second Asia-Pacific security operations centre in Singapore is one of eight globally as it bids to carve a slice of the security services market

• January 16, 2019 16 Jan'19

  New Zealand faces more state-sponsored attacks

  Nearly four in 10 cyber security incidents recorded by the National Cyber Security Centre were the work of state-sponsored threat actors

• January 15, 2019 15 Jan'19

  Millions of industrial remote controllers open to attack

  Millions of industrial remote controllers are open to cyber attack because of vulnerabilities in the radio frequency technology used, a study has revealed

• January 15, 2019 15 Jan'19

  Businesses fail to apply encryption technology effectively

  Most businesses are not applying common encryption tools effectively to contain the fallout and costs of data breaches, research shows

• January 15, 2019 15 Jan'19

  Less than half of firms able to detect IoT breaches, study shows

  UK firms have one of the lowest internet-of-things device breach detection capabilities in Europe, a study reveals

• January 15, 2019 15 Jan'19

  SingHealth and IT supplier fined S$1m for data breach

  Singapore’s data protection commission considered the fact that both SingHealth and its IT supplier fell prey to sophisticated threat actors, among other factors, when meting out the fine

• January 11, 2019 11 Jan'19

  AI application overlooked in cyber security research

  Despite the proliferation of cyber security products and services claiming to be driven by artificial intelligence, the application of the technology is being overlooked by research, a study shows

• January 10, 2019 10 Jan'19

  UK firms say £6.6bn annual security testing cost too high

  Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high

• January 09, 2019 09 Jan'19

  FireEye gears up email security for emerging threats

  Email continues to be a top means of initiating cyber attacks with new detection bypass techniques and executive impersonation capabilities continually emerging, research shows

• January 08, 2019 08 Jan'19

  Protego Labs launches serverless app security tool

  Security professionals and developers now have a way to assess the security of their serverless applications with a new open source testing tool donated to Owasp

• January 07, 2019 07 Jan'19

  Boards need to be active partners in cyber defence

  Board members must be active governance partners in collaborative cyber defence, says US regional information sharing and analysis organisation

• January 07, 2019 07 Jan'19

  BlackBerry licenses security tech to IoT device makers

  BlackBerry is to license its secure software development technology to the makers of internet-connected devices to boost IoT security

• January 07, 2019 07 Jan'19

  Almost half of containers in production have vulnerabilities, study finds

  More containers are being deployed in production, but many businesses are unaware if they are secure

• January 06, 2019 06 Jan'19

  Singapore Airlines’ software glitch exposed customer data

  More than 280 members of the Krisflyer frequent flyer programme had their personal information compromised by a one-off software bug

• January 04, 2019 04 Jan'19

  Modern IT underlines need for zero-trust security

  The increasing complexity of supply chains and interconnectivity of IT systems means the attack surface is widening and security has to evolve accordingly, warns British computer scientist

• January 04, 2019 04 Jan'19

  Data breaches affected more than a billion people in 2018

  The personal information of more than a billion people was compromised in 2018 as companies holding the data failed to keep it safe

• January 04, 2019 04 Jan'19

  German politicians’ data leak shows need for global action

  Hacked data includes contacts’ email addresses, private chats, mobile numbers, photographs and credit card details, which were published on Twitter

• January 04, 2019 04 Jan'19

  Phishing attacks hidden by custom fonts

  Security researchers have uncovered a new way in which phishing attacks are evading detection.

• December 24, 2018 24 Dec'18

  Top 10 IT security stories of 2018

  Here are Computer Weekly’s top 10 IT security stories of 2018

• December 20, 2018 20 Dec'18

  Marriott data breach losses could be over half a billion dollars

  Direct losses related to a huge data breach at US hotel group could reach $600m

• December 19, 2018 19 Dec'18

  Lauri Love battles police for return of computers as NCA confirms live investigation

  The National Crime Agency (NCA) confirms there is a live investigation into Lauri Love in the UK, as Love brings legal action against UK police for the return of seized computer equipment

• December 18, 2018 18 Dec'18

  APAC cyber security landscape to be more tumultuous in 2019

  Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene

• December 17, 2018 17 Dec'18

  Top 10 ASEAN stories of 2018

  Organisations across Southeast Asia have been doubling down on efforts to take the lead in digital transformation initiatives

• December 14, 2018 14 Dec'18

  Iranian cyber espionage highlights human element

  State-backed hackers in Iran have reportedly upped efforts to compromise US officials’ email accounts using phishing scams

• December 14, 2018 14 Dec'18

  Australia passes controversial encryption law

  Arguments continue over law that requires companies to work with government agencies to ensure that encrypted communications can be read if a crime is suspected

• December 13, 2018 13 Dec'18

  Machine identity protection development gets funding boost

  Cyber security firm Venafi has launched a development fund aimed at accelerating the delivery of protection for machine identities

• December 13, 2018 13 Dec'18

  Social engineering at the heart of critical infrastructure attack

  Social engineering is the core technique used in a series of cyber attacks targeting government, defence, nuclear, energy and financial organisations around the world, which means people are key to defence

• December 13, 2018 13 Dec'18

  Most UK retailers plan to up cyber security

  The majority of UK retailers are planning to increase cyber security measures during the Christmas season, a survey reveals

• December 11, 2018 11 Dec'18

  Mac malware makes debut in top 10 list

  Mac malware appears in the WatchGuard top 10 malware list for first time, and 6.8% of major websites still use an insecure SSL protocol, according to the firm’s latest internet security report

• December 11, 2018 11 Dec'18

  Large disparity in NHS cyber skills and training spend

  Despite government pledges to up cyber security spending across the NHS, there are still huge disparities in cyber security skills and spending on cyber security training, FoI requests reveal

• December 10, 2018 10 Dec'18

  O2 expected to pursue Ericsson for compensation over 24-hour stoppage

  Mobile network operator could seek up to £100m in damages from its supplier, which failed to update expired software certificates, causing a day-long outage

• December 10, 2018 10 Dec'18

  UK businesses feel let down by government on cyber security

  Government needs to provide more support around cyber security issues in 2019, according to the majority of UK IT leaders polled

• December 07, 2018 07 Dec'18

  Half of business leaders unaware of BPC cyber attacks

  Half of management teams polled in 12 countries, including the UK, are unaware of business process compromise (BPC) attacks

• December 06, 2018 06 Dec'18

  Fileless malware surge, warns Malwarebytes report 

  Data from millions of consumers reveals an uptick in fileless malware and other new-generation malware that calls for a new cyber security approach, report reveals

• December 06, 2018 06 Dec'18

  Adobe releases Flash patch for zero-day exploit

  Emergency security update released for zero-day vulnerability that is being exploited in the wild via a Microsoft Office document, according to researchers

• December 05, 2018 05 Dec'18

  BT moves to strip Huawei kit from EE’s network

  Telco will remove Huawei’s networking equipment from the core of EE’s 4G mobile network