News

IT risk management

March 06, 2017 06 Mar'17
More than a million Gmail and Yahoo account credentials on sale

Usernames, email addresses and plaintext passwords of more than a million Yahoo and Gmail accounts are reportedly on sale on the dark web, posing a threat to corporate security
February 27, 2017 27 Feb'17
Citizen Love: the story of an ordinary family's fight with the US government

Finnish documentary makers Raimo Uunila and Lauri Danska tell the behind-the-scenes story of activist Lauri Love’s battle with the US government – and the impact of the case on his family
February 24, 2017 24 Feb'17
Banking malware, DDoS, ransomware and CEO fraud top UK cyber threats

Businesses need to be aware of the value of their data, how that data is likely to be attacked, and how to defend against particular attacks, says leading UK cyber cop
February 17, 2017 17 Feb'17
RSAC17: Geopolitical changes driving encryption usage, survey shows

More organisations are planning to deploy encryption in response to geopolitical changes, but confidence in organisations’ ability to secure and protect encryption is low, a survey shows

February 15, 2017 15 Feb'17
RSAC17: Infosec pros must help create business-driven security, says RSA CTO

The inability to draw connections between security details and business metrics is one of the biggest challenges facing most companies, according to RSA CTO Zulfikar Ramzan
February 13, 2017 13 Feb'17
MobileIron: Corporate IT policy and mobile device security are mismatched

MobileIron report identifies a gap between security policy and the actual deployment of that policy on mobile devices
February 08, 2017 08 Feb'17
How a Dublin court case could derail EU-US data privacy agreements

The Irish Commercial Court will consider whether privacy protection offered by standard contractual clauses for data transfers to the US from Europe is legally valid
January 31, 2017 31 Jan'17
Data breach costs exceed 20% of revenue

The cost of data breaches topped 20% of revenue in the past year as cyber attacks became more sophisticated and defenders struggled to keep pace, the latest Cisco security report shows
January 23, 2017 23 Jan'17
Lloyds Bank hit by massive DDoS attack

It has emerged that UK banks have been targeted by a DDoS campaign that affected services intermittently only at the Lloyds Banking Group
January 13, 2017 13 Jan'17
Davos: Technology poses new risks to jobs, economies and society

Politicians and business leaders will discuss the risks posed by technology to jobs, political stability and cyber security at the World Economic Forum in Davos

January 12, 2017 12 Jan'17
Flawed GoDaddy security certificates show need for control

Vulnerabilities in digital security certificates highlight the need for organisations to be able to exercise more control over those certificates
January 10, 2017 10 Jan'17
Cyber security scare stories could sharpen focus at banks

There are continual cyber attacks on banks, and although most are repelled, there is significant room for improvement
December 21, 2016 21 Dec'16
Top 10 IT security stories of 2016

Here are Computer Weekly’s top 10 IT security stories of 2016:
December 15, 2016 15 Dec'16
Typo allowed Russian hackers to access US Democratic Party emails

Typographical mistake in an email warning of a phishing attack on the US Democrats led to thousands of private emails being accessed and published by Russian-backed hackers
December 08, 2016 08 Dec'16
PowerShell security threats greater than ever, researchers warn

Administrators should upgrade to the latest version of Microsoft PowerShell and enable extended logging and monitoring capabilities in the light of a surge in related security threats, warn researchers
December 08, 2016 08 Dec'16
More than 2,000 TalkTalk routers hijacked by Mirai botnet variant

Security researchers are urging ISPs to issue emergency patches for Marai botnet infections after 2,374 TalkTalk routers were linked in a regional botnet
December 06, 2016 06 Dec'16
UK falls below global cyber security confidence

Global confidence in ability to accurately assess cyber risk has fallen in the past year, but the UK has fallen below the global average
December 05, 2016 05 Dec'16
Top 10 ANZ enterprise IT stories of 2016

Here is a rundown of Computer Weekly’s most popular ANZ enterprise IT articles for 2016
November 28, 2016 28 Nov'16
IBM blamed for Australian census website crash

Computer giant reportedly pays $30m to Australian government as reports are released from two inquiries into DDoS attacks on census website
November 25, 2016 25 Nov'16
One in four Wi-Fi hotspots vulnerable to attack, study finds

At least one in four Wi-Fi hotspots are open to attack, a study by Kaspersky Lab reveals
November 22, 2016 22 Nov'16
Alleged hacker Lauri Love’s ‘life will be destroyed’ under Trump regime

Supporters fear for activist Lauri Love if his extradition to face hacking charges to the US goes ahead
November 18, 2016 18 Nov'16
Three breach highlights several security issues, says (ISC)2

Customer data breaches continue to demonstrate that companies are still not treating cyber risk like every other business risk, says Adrian Davis of (ISC)2
November 15, 2016 15 Nov'16
Online identity needs to be fixed, says Microsoft’s Kim Cameron

Software giant’s identity architect calls on enterprises to professionalise the way they relate to customers to help replace online identity infrastructure that is not fit for purpose
November 15, 2016 15 Nov'16
Amber Rudd orders Lauri Love extradition to US to face hacking charges

Engineering student Lauri Love faces trials in three US states and a possible 99-year jail sentence for allegedly hacking into US government computer systems as part of a political protest, despite concerns over his health
November 02, 2016 02 Nov'16
Pure-play cyber security has real value, says incoming McAfee head

Intel Security has outlined its strategy to protect the new digital economy as it gears up for innovation as a new independent pure-play security firm under the McAfee banner
November 01, 2016 01 Nov'16
UK government re-announces £1.9bn cyber security spend

Five-year spending increase - announced by Chancellor Philip Hammond 12 months after George Osborne did so - will support new UK cyber security strategy
October 27, 2016 27 Oct'16
Information security set for steep trajectory, says (ISC)2

By helping to create a thriving, diverse and open information security community, (ISC)2 hopes to ensure a steep rise for the profession
October 27, 2016 27 Oct'16
Schneider Electric praised for positive response to ICS security flaw

Schneider Electric has patched a security flaw that highlights the vulnerability of industrial control systems to cyber attack
October 20, 2016 20 Oct'16
Lessons to be learned from attempted $1bn bank heist

Analysis of an attack aimed at stealing $1bn reveals important lessons for cyber defenders, says BAE Systems head of threat intelligence Adrian Nish
October 19, 2016 19 Oct'16
Snowden: the IT analyst turned whistleblower who exposed mass surveillance

Oliver Stone's biopic on Edward Snowden reaches the heart of the ethical crisis posed by mass surveillance for the state and ordinary citizens
October 18, 2016 18 Oct'16
Saving Lauri Love: activists plan their next move

An eclectic bunch of activists, charity workers and reformed hackers spent a rainy Sunday afternoon plotting their next move in a campaign to save Lauri Love from extradition to the US on hacking charges
October 18, 2016 18 Oct'16
Most businesses vulnerable to cyber attacks through firmware, study shows

Company culture and overall attitude to security is a major contribution to vulnerability to cyber attack through firmware, a study by Isaca has revealed
October 13, 2016 13 Oct'16
Almost two-thirds of US office workers unaware of ransomware threat

Nearly half of ransomware attacks are aimed at office workers, but almost two-thirds of those polled in the US are unaware of the threat
October 10, 2016 10 Oct'16
Smartwatches banned from UK Cabinet as EC plans IoT security standards

The EC is planning a security certification scheme for internet of things devices as the UK Cabinet bans smartwatches amid heightened fears of cyber espionage
October 04, 2016 04 Oct'16
DDoS attacks consistent, relentless and costly, report shows

The latest global DDoS report from Neustar underlines the importance of investing in appropriate defences as the high volume of attacks looks set to increase
September 29, 2016 29 Sep'16
NGOs challenge UK and US mass surveillance in human rights court

Privacy International, Liberty and the American Civil Liberties Union are among 10 human rights groups backing a landmark challenge to mass surveillance in the European Court of Human Rights
September 22, 2016 22 Sep'16
Cyber attack aimed at destruction, says TV5Monde

TV5Monde counting the cost of not being adequately prepared for a cyber attacked that downed the network in 2015
September 20, 2016 20 Sep'16
Business warned not to be complacent about cyber security

Lloyds of London survey reveals just how badly some European firms are failing in terms of cyber security and low levels of awareness about the role of cyber insurance
September 19, 2016 19 Sep'16
Consumers trust banks more than government for biometric security

UK citizens think banks are the best organisations to provide biometric authentication for payments
September 16, 2016 16 Sep'16
Alleged hacker Lauri Love can be extradited to the US, court rules

Westminster Magistrates’ Court has ruled that alleged hacker, Lauri Love, can be extradited to the US, where he could face a 99-year prison sentence
September 07, 2016 07 Sep'16
Basic security could have prevented OPM breach, says report

Basic security controls and malware-detection tools could have prevented the breach of more than 21 million records at the US Office of Personnel Management in 2015, claims a congressional report
September 06, 2016 06 Sep'16
Use ransomware to get security buy-in, says Trend Micro CTO

Ransomware is one of the top cyber threats to business, but organisations should use that to engage stakeholders and review processes and defences, says Trend Micro CTO Raimund Genes
September 01, 2016 01 Sep'16
Lessons from the Dropbox breach

Dropbox is the latest major company to confirm a data breach, albeit four years old, but – as with all recent data breaches by cloud-based services – it highlights some key security lessons
August 31, 2016 31 Aug'16
Evidence of DNS tunnelling in two-fifths of business networks

Cyber criminals are capitalising on the failure of many businesses to examine their DNS traffic for malware insertion and data exfiltration, according to Infoblox
August 30, 2016 30 Aug'16
Encryption hiding malware in half of cyber attacks

Cyber attackers are using encryption to hide malicious activity, making it increasingly difficult to find as more organisations turn to encryption to protect data, a study has revealed
August 26, 2016 26 Aug'16
Law firms planning litigation market for GDPR

Businesses should be preparing for the storm of litigation that is likely to be unleashed when the GDPR goes into force, warns Stewart Room of PwC Legal
August 19, 2016 19 Aug'16
Expect ransomware arrests soon, says bitcoin tracking firm Chainalysis

Law enforcement organisations are set to ramp up arrests of cyber criminals behind ransomware attacks, according to financial technology startup Chainalysis
August 19, 2016 19 Aug'16
Police arrest woman in connection with Sage data breach

A woman has been arrested on suspicion of fraud in connection with a data breach at accounting software firm Sage
August 16, 2016 16 Aug'16
Cerber ransomware service reaps $195,000 profit in a month

Franchises such as Cerber are making highly profitable ransomware available to a broader range of cyber criminals, according to a report by security firm Check Point
August 15, 2016 15 Aug'16
Financial sector faces era of cyber mega heists

Banks and other financial institutions are threatened by a new breed of elite cyber criminals running professional operations that will use any means to achieve their goals, says Barclays security chief