News

IT risk management

• May 02, 2017 02 May'17

  Intel urges business to patch critical remote-execution flaw

  Intel advises business customers to apply a security update for some versions of its administration firmware for vPro processors to fix a remote execution flaw

• April 20, 2017 20 Apr'17

  Mastercard integrates biometric technology into cards

  MasterCard tests out biometric technology embedded into payment cards, with further trials in Europe planned

• April 20, 2017 20 Apr'17

  Banks suffer average of 85 attempted serious cyber attacks a year, and one-third are successful

  Banks face daily cyber attacks, many of which succeed in stealing data, research finds

• April 20, 2017 20 Apr'17

  Human interaction still key to cyber attacks, study reveals

  An analysis of threats faced by organisations in the first quarter of 2017 reveals that cyber attackers still rely heavily on user interaction

• April 19, 2017 19 Apr'17

  Skype most popular communication channel for cyber criminals

  The cyber criminal network is truly global and collaborative, making use of popular messaging services, a study has revealed

• April 13, 2017 13 Apr'17

  Enterprise adoption of encryption accelerating, study shows

  Cloud adoption and escalating threats are accelerating adoption of encryption, a study has revealed

• April 13, 2017 13 Apr'17

  Six key security weaknesses in industrial systems

  Organisations should mitigate six key vulnerabilities in industrial control systems to reduce the risk of cyber attack, warns security firm FireEye

• April 11, 2017 11 Apr'17

  Security as a service on the rise in the UAE

  Organisations in the United Arab Emirates are increasingly turning to security services

• April 10, 2017 10 Apr'17

  IAM a core building block for GDPR compliance

  Identity and access management is key to enabling organisations to become compliant with the GDPR, increase security and improve customer relationships, according to a senior analyst at KuppingerCole

• April 10, 2017 10 Apr'17

  Outsourcing service left Scottrade Bank customer data exposed

  Mistake by outsourcing service provider left the details of 20,000 Scottrade Bank customers vulnerable to theft

• April 06, 2017 06 Apr'17

  Interview: F-Secure’s Mikko Hyppönen on the Nordics, Russia and the internet of insecure things

  Computer Weekly sat down with Finnish cyber security expert Mikko Hyppönen to talk about security in the Nordics, Russia and the trouble with connected devices

• April 04, 2017 04 Apr'17

  Chinese hacking group targeted firms through IT MSPs

  Security researchers have uncovered a China-based cyber espionage campaign that targeted IT services firms and their customers, underlining the need for supply chain security

• March 31, 2017 31 Mar'17

  How IT can be more defensible

  A renowned Google engineer calls for the IT industry to build devices capable of being defended and for enterprises to take a balance sheet approach in managing risks

• March 29, 2017 29 Mar'17

  Non-malware attacks pose bigger threat than malicious software

  Malware-free cyber attacks are on the rise and artificial intelligence in cyber security is still far from replacing humans, according to most cyber security researchers

• March 28, 2017 28 Mar'17

  Threats grow in Saudi Arabia’s cyber sector

  Saudi Arabia's wealth makes it an attractive target for cyber criminals, but what have been the recent trends in cyber crime?

• March 20, 2017 20 Mar'17

  IBM cognitive assistant to help manage and secure devices

  IBM has announced a cognitive assistant powered by IBM Watson to help businesses manage and secure endpoints, including devices making up the internet of things

• March 15, 2017 15 Mar'17

  APAC topped the world in number of cyber attacks in 2016

  The prevalent use of pirated software is one of the possible reasons for the APAC region’s poor showing in Trend Micro’s annual study on the state of cyber security

• March 14, 2017 14 Mar'17

  CIO interview: Simon McCalla, Nominet

  Nominet, the registry for more than 10 million of the UK’s internet domains, is expanding into the internet of things and internet security services

• March 10, 2017 10 Mar'17

  Paying ransomware attackers perpetuates attacks, says researcher

  Continually evolving ransomware is among the threats organisations need to factor into their cyber defences in 2017, but only once they have taken care of the basics, says Kaspersky Lab researcher

• March 08, 2017 08 Mar'17

  WhatsApp, Signal, ProtonMail safe from CIA hacking tools

  Top secure messaging and email apps are said to be safe from CIA hacking tools, but organisations are urged to assess their own vulnerability if the tools were to fall into the hands of cyber criminals

• March 07, 2017 07 Mar'17

  Retail industry steps up the fight against rising cyber threats

  UK retail body BRC publishes the first of its kind step-by-step guide on how to manage cyber security threats

• March 06, 2017 06 Mar'17

  More than a million Gmail and Yahoo account credentials on sale

  Usernames, email addresses and plaintext passwords of more than a million Yahoo and Gmail accounts are reportedly on sale on the dark web, posing a threat to corporate security

• February 27, 2017 27 Feb'17

  Citizen Love: the story of an ordinary family's fight with the US government

  Finnish documentary makers Raimo Uunila and Lauri Danska tell the behind-the-scenes story of activist Lauri Love’s battle with the US government – and the impact of the case on his family

• February 24, 2017 24 Feb'17

  Banking malware, DDoS, ransomware and CEO fraud top UK cyber threats

  Businesses need to be aware of the value of their data, how that data is likely to be attacked, and how to defend against particular attacks, says leading UK cyber cop

• February 17, 2017 17 Feb'17

  RSAC17: Geopolitical changes driving encryption usage, survey shows

  More organisations are planning to deploy encryption in response to geopolitical changes, but confidence in organisations’ ability to secure and protect encryption is low, a survey shows

• February 15, 2017 15 Feb'17

  RSAC17: Infosec pros must help create business-driven security, says RSA CTO

  The inability to draw connections between security details and business metrics is one of the biggest challenges facing most companies, according to RSA CTO Zulfikar Ramzan

• February 13, 2017 13 Feb'17

  MobileIron: Corporate IT policy and mobile device security are mismatched

  MobileIron report identifies a gap between security policy and the actual deployment of that policy on mobile devices

• February 08, 2017 08 Feb'17

  How a Dublin court case could derail EU-US data privacy agreements

  The Irish Commercial Court will consider whether privacy protection offered by standard contractual clauses for data transfers to the US from Europe is legally valid

• January 31, 2017 31 Jan'17

  Data breach costs exceed 20% of revenue

  The cost of data breaches topped 20% of revenue in the past year as cyber attacks became more sophisticated and defenders struggled to keep pace, the latest Cisco security report shows

• January 23, 2017 23 Jan'17

  Lloyds Bank hit by massive DDoS attack

  It has emerged that UK banks have been targeted by a DDoS campaign that affected services intermittently only at the Lloyds Banking Group

• January 13, 2017 13 Jan'17

  Davos: Technology poses new risks to jobs, economies and society

  Politicians and business leaders will discuss the risks posed by technology to jobs, political stability and cyber security at the World Economic Forum in Davos

• January 12, 2017 12 Jan'17

  Flawed GoDaddy security certificates show need for control

  Vulnerabilities in digital security certificates highlight the need for organisations to be able to exercise more control over those certificates

• January 10, 2017 10 Jan'17

  Cyber security scare stories could sharpen focus at banks

  There are continual cyber attacks on banks, and although most are repelled, there is significant room for improvement

• December 21, 2016 21 Dec'16

  Top 10 IT security stories of 2016

  Here are Computer Weekly’s top 10 IT security stories of 2016:

• December 15, 2016 15 Dec'16

  Typo allowed Russian hackers to access US Democratic Party emails

  Typographical mistake in an email warning of a phishing attack on the US Democrats led to thousands of private emails being accessed and published by Russian-backed hackers

• December 08, 2016 08 Dec'16

  PowerShell security threats greater than ever, researchers warn

  Administrators should upgrade to the latest version of Microsoft PowerShell and enable extended logging and monitoring capabilities in the light of a surge in related security threats, warn researchers

• December 08, 2016 08 Dec'16

  More than 2,000 TalkTalk routers hijacked by Mirai botnet variant

  Security researchers are urging ISPs to issue emergency patches for Marai botnet infections after 2,374 TalkTalk routers were linked in a regional botnet

• December 06, 2016 06 Dec'16

  UK falls below global cyber security confidence

  Global confidence in ability to accurately assess cyber risk has fallen in the past year, but the UK has fallen below the global average

• December 05, 2016 05 Dec'16

  Top 10 ANZ enterprise IT stories of 2016

  Here is a rundown of Computer Weekly’s most popular ANZ enterprise IT articles for 2016

• November 28, 2016 28 Nov'16

  IBM blamed for Australian census website crash

  Computer giant reportedly pays $30m to Australian government as reports are released from two inquiries into DDoS attacks on census website

• November 25, 2016 25 Nov'16

  One in four Wi-Fi hotspots vulnerable to attack, study finds

  At least one in four Wi-Fi hotspots are open to attack, a study by Kaspersky Lab reveals

• November 22, 2016 22 Nov'16

  Alleged hacker Lauri Love’s ‘life will be destroyed’ under Trump regime

  Supporters fear for activist Lauri Love if his extradition to face hacking charges to the US goes ahead

• November 18, 2016 18 Nov'16

  Three breach highlights several security issues, says (ISC)2

  Customer data breaches continue to demonstrate that companies are still not treating cyber risk like every other business risk, says Adrian Davis of (ISC)2

• November 15, 2016 15 Nov'16

  Online identity needs to be fixed, says Microsoft’s Kim Cameron

  Software giant’s identity architect calls on enterprises to professionalise the way they relate to customers to help replace online identity infrastructure that is not fit for purpose

• November 15, 2016 15 Nov'16

  Amber Rudd orders Lauri Love extradition to US to face hacking charges

  Engineering student Lauri Love faces trials in three US states and a possible 99-year jail sentence for allegedly hacking into US government computer systems as part of a political protest, despite concerns over his health

• November 02, 2016 02 Nov'16

  Pure-play cyber security has real value, says incoming McAfee head

  Intel Security has outlined its strategy to protect the new digital economy as it gears up for innovation as a new independent pure-play security firm under the McAfee banner

• November 01, 2016 01 Nov'16

  UK government re-announces £1.9bn cyber security spend

  Five-year spending increase - announced by Chancellor Philip Hammond 12 months after George Osborne did so - will support new UK cyber security strategy

• October 27, 2016 27 Oct'16

  Information security set for steep trajectory, says (ISC)2

  By helping to create a thriving, diverse and open information security community, (ISC)2 hopes to ensure a steep rise for the profession

• October 27, 2016 27 Oct'16

  Schneider Electric praised for positive response to ICS security flaw

  Schneider Electric has patched a security flaw that highlights the vulnerability of industrial control systems to cyber attack

• October 20, 2016 20 Oct'16

  Lessons to be learned from attempted $1bn bank heist

  Analysis of an attack aimed at stealing $1bn reveals important lessons for cyber defenders, says BAE Systems head of threat intelligence Adrian Nish