News

IT security

• May 15, 2017 15 May'17

  Attackers have no need of zero-days, breach data shows

  Cyber attackers do not have to use previously unseen or extremely sophisticated attacks to bypass defences, analysis of publicly reported breaches in the past year reveals

• May 15, 2017 15 May'17

  NHS cyber attack shows need for resilient infrastructure and security education

  Ramsomware attack highlights system-wide issues around lack of infrastructure investment and the need for cyber security training and awareness among NHS staff

• May 15, 2017 15 May'17

  Businesses urged to apply Windows patch to avert WannaCry attacks

  Security advisers are urging organisations to patch their Windows systems to avert a possible second wave of an unprecedented, indiscriminate ransomware attack

• May 14, 2017 14 May'17

  Penetration testing essential for success in security arms race

  Demand for security testing, which should be conducted from the onset rather than as an afterthought, is growing in Australia

• May 12, 2017 12 May'17

  NHS hospitals hit in global ransomware attack

  Hospitals across England are reporting problems with IT systems that are affecting healthcare treatment, caused by what could be a global ransomware campaign enabled by a leaked NSA exploit

• May 12, 2017 12 May'17

  Five cyber security imperatives for all companies

  There are five things all companies should ensure they are doing in terms of cyber security

• May 12, 2017 12 May'17

  ICO reports record number of data breaches and fines

  The UK privacy watchdog reports that it has dealt with more data breach reports and issued more fines in the past year than ever before

• May 12, 2017 12 May'17

  Mixed reaction to Trump’s cyber security executive order

  The latest US presidential executive order on cyber security has been met mainly with praise, but critics say there is nothing really new and takes no decisive action

• May 12, 2017 12 May'17

  Why smart cities need to become smarter about technology

  Cities are experimenting with smarter ways to use technologies to improve the life of citizens, but their projects are fragmented. Is there a better approach?

• May 12, 2017 12 May'17

  Singapore universities hit by advanced persistent threat attacks

  The attacks on NUS and NTU networks appear to be the work of APT actors and not casual hackers

• May 11, 2017 11 May'17

  Australian government bolsters IT security in budget boost

  The country’s Digital Transformation Agency has been given a shot in the arm to guard public sector IT systems against cyber attacks

• May 11, 2017 11 May'17

  Allianz researchers working with car makers on cyber security

  Allianz Germany is working with the local car manufacturing industry to highlight the vulnerabilities in the electronics systems of vehicles that can be exploited by criminals

• May 10, 2017 10 May'17

  Automation can turn tables on cyber attackers

  Security defenders should use automation to turn the tables on attackers, according to the CTO of the US Department of Homeland Security

• May 10, 2017 10 May'17

  Blockchain economy on the horizon

  Blockchain technologies will enable many new and disruptive business models than the internet itself, an expert predicts

• May 10, 2017 10 May'17

  Edward Snowden: Closed public cloud platforms risk "disempowering" enterprises

  NSA whistleblower tells OpenStack Summit, via video link, that investing in closed public cloud platforms can lead to users parting with more than just their money

• May 09, 2017 09 May'17

  Cognitive security is the future, says Martin Kuppinger

  Modern computing capabilities combined with cognitive technology has huge potential for tackling unknown attack patterns and addressing the security skills shortage, says Martin Kuppinger

• May 08, 2017 08 May'17

  There are Dutch lessons in breach notification as GDPR approaches

  The Netherlands is a pioneer when it comes to legislating around data protection, so GDPR might not be as much of a shock as in other countries.

• May 07, 2017 07 May'17

  Barclays launches £10m UK digital safety campaign

  Barclays is to lead a £10m campaign against digital fraud as research reveals London, Bristol and Birmingham are scam hotspots, with young adults most at risk

• May 05, 2017 05 May'17

  Debenhams data breach underlines need for supply chain security

  Data breach at retailer again highlights the importance of data protection and ensuring cyber security standards across an organisation’s entire supply chain, say security commentators

• May 05, 2017 05 May'17

  Ex-government privacy advisor calls for 'fundamental review' of Gov.uk Verify identity scheme

  Former Cabinet Office privacy group co-chair says the Verify identity assurance programme needs 'honest and fundamental reset'

• May 05, 2017 05 May'17

  Lib Dems decry surveillance plans exposed in leaked documents

  After the election, the UK government plans to introduce extreme mass surveillance capabilities, according to documents leaked to the Open Rights Group

• May 04, 2017 04 May'17

  Testing is key to IoT security, says researcher

  Building an effective testing process across all elements associated with a product is key to securing the internet of things, according to a researcher in the field

• May 04, 2017 04 May'17

  Phishing gets personal with fake Google Docs app

  A phishing scam targeting users of Google Docs demonstrates that attacks on personal accounts to steal credentials and other personal data are likely to increase to get around corporate security controls

• May 03, 2017 03 May'17

  Cognitive security is key to cyber arms race, says KuppingerCole

  Cognitive computing technology is an area of artificial intelligence that is expected to help provide businesses with the security tools they need to deal with new and emerging cyber threats

• May 03, 2017 03 May'17

  UK business exposed to email-borne cyber risks, survey shows

  Major UK businesses are leaving themselves vulnerable to the most common form of cyber attack, a survey reveals

• May 03, 2017 03 May'17

  Government privacy advisor quits and slams Cabinet Office for lack of support

  Co-chair of Privacy and Consumer Advisory Group resigns and criticises officials for ignoring its advice and attempting to smuggle “inadequate proposals past ministers”

• May 02, 2017 02 May'17

  UBS applies data protection for compliance and competitive advantage

  Swiss bank UBS aims to get greater value out of investments in sensitive data protection systems by using its security capabilities as a differentiator

• May 02, 2017 02 May'17

  ‘Internet terrorist’ Samata Ullah jailed for eight years

  Samata Ullah, an unemployed resident of Cardiff, has been sentenced after pleading guilty to five terrorism offences

• May 02, 2017 02 May'17

  DDoS a top security and business issue, study shows

  DNS should be at the core of information security strategies as DDoS attacks increasingly form part of wider cyber attacks and continue to ramp up to unprecedented levels, warns Neustar

• May 02, 2017 02 May'17

  Intel urges business to patch critical remote-execution flaw

  Intel advises business customers to apply a security update for some versions of its administration firmware for vPro processors to fix a remote execution flaw

• April 29, 2017 29 Apr'17

  IS supporter Samata Ullah branded a “new and dangerous breed of terrorist"

  Samata Ullah, a 34-year-old man from Cardiff who posted encryption training videos on a radical Islamic blog, is a dangerous “cyber terrorist”, a court heard on 28 April 2017

• April 28, 2017 28 Apr'17

  Many companies lack GDPR plan, PwC data shows

  Many organisations around the world do not have a coherent plan to prepare for compliance with the EU’s new data protection laws

• April 28, 2017 28 Apr'17

  Facebook pledges to counteract government propaganda

  Facebook has pledged to take action to stop governments exploiting its platform to influence opinion in other countries

• April 28, 2017 28 Apr'17

  Intel reports record first-quarter revenue

  Company says growing demand for high-performance computing is driving growth for the business

• April 28, 2017 28 Apr'17

  Education key to reducing systems attacks, says university security manager

  Central Lancashire University’s IT networks and security manager says educating users is key to avoiding cyber security flaws

• April 27, 2017 27 Apr'17

  Forge ahead with GDPR, says ICO

  UK organisations cannot afford to lose the public’s trust in their ability to safeguard personal data and should be working to ensure they have that capability, says the Information Commissioner’s Office

• April 27, 2017 27 Apr'17

  Cyber espionage up, but basic defences still down, DBIR shows

  Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals for a second year in a row

• April 26, 2017 26 Apr'17

  Aussie developer Wangle makes foray into VPN market

  Wangle’s proprietary virtual private network application optimises encrypted traffic and complies with Australia’s new mandatory data retention law

• April 26, 2017 26 Apr'17

  McAfee links Saudi Shamoon attacks

  McAfee has published data showing the evolution of Shamoon malware campaigns as the company announces increased commitment to cyber threat research

• April 26, 2017 26 Apr'17

  Russian cyber espionage highlights need to improve email security

  Security experts are advising political parties and businesses to pay more attention to email security after the latest revelations about a Russian cyber espionage group

• April 26, 2017 26 Apr'17

  Over half of Singapore organisations not prepared for GDPR

  A Veritas study has found that 56% of organisations in the city-state fear they will be unable to comply with the EU’s upcoming data protection regulation

• April 26, 2017 26 Apr'17

  Danish defence minister accuses Russia of cyber espionage

  Government officials in Denmark believe they have been under attack from Russia-based hackers

• April 26, 2017 26 Apr'17

  Cyber attackers are more ambitious than ever, Symantec warns

  Cyber attackers displayed new levels of ambition in 2016, according to the latest threat report from security firm Symantec

• April 25, 2017 25 Apr'17

  IT salaries in Singapore to grow by 3.2% in 2017

  Cyber security and big data experts will be in high demand as Singapore ramps up efforts to build strong digital capabilities

• April 25, 2017 25 Apr'17

  Interpol uncovers nearly 9,000 C2 servers in ASEAN

  Command and control servers were used to launch denial of service attacks and distribute malware and spam emails across the region

• April 24, 2017 24 Apr'17

  One in eight people have suffered a healthcare data breach

  A quarter of victims had their NI number compromised and 18% saw their biometric identifiers compromised, but most people trust healthcare providers with their data

• April 24, 2017 24 Apr'17

  Research highlights cloud security complacency in organisations that ditch on-premise tech

  Enterprise attitudes to cloud security are laid bare in the latest research report from Bitglass, and suggest more could be done to secure corporate data stored off-premise

• April 24, 2017 24 Apr'17

  Cyber security centre of excellence to open at Cardiff University

  Cardiff University and Airbus have launched the first centre of its kind in Europe to tackle cyber attacks on critical infrastructure

• April 24, 2017 24 Apr'17

  Collaboration is key to fighting cyber crime, say UK police

  Cyber crime will be defeated only through collaboration, according to UK police, the Global Cyber Alliance, Cyber Defence Alliance and Verizon

• April 24, 2017 24 Apr'17

  CISOs in Singapore and Australia not keeping pace with data breaches

  Only 20% of security chiefs in the two countries say their organisations can prevent data breaches, according to a ServiceNow survey

• April 21, 2017 21 Apr'17

  Information security key to digital era business models

  Security will become increasingly important as industries seek to collaborate and use each other’s capabilities to enable new business models, with the banking sector leading the way

• April 21, 2017 21 Apr'17

  UK likely to face national cyber emergency, says NCSC

  The UK is likely to face a level-1 cyber attack at some point in the future, according to the National Cyber Security Centre (NCSC)

• April 20, 2017 20 Apr'17

  Mastercard integrates biometric technology into cards

  MasterCard tests out biometric technology embedded into payment cards, with further trials in Europe planned

• April 20, 2017 20 Apr'17

  Banks suffer average of 85 attempted serious cyber attacks a year, and one-third are successful

  Banks face daily cyber attacks, many of which succeed in stealing data, research finds

• April 20, 2017 20 Apr'17

  People present the biggest challenge, say infosec professionals

  More than 80% of security professionals identify people as the industry’s biggest challenge, but companies are becoming better prepared to deal with cyber breaches, a survey reveals

• April 20, 2017 20 Apr'17

  InterContinental Hotel Group reveals extent of malware attack

  Hotel group InterContinental (IHG) reveals that malware attempting to glean payment card details sat undetected on its network in the US for three months

• April 20, 2017 20 Apr'17

  Human interaction still key to cyber attacks, study reveals

  An analysis of threats faced by organisations in the first quarter of 2017 reveals that cyber attackers still rely heavily on user interaction

• April 19, 2017 19 Apr'17

  Conflicting advice blurs cyber safety

  Companies are being overloaded with information about cyber threats and complain of a lack of relevant advice

• April 19, 2017 19 Apr'17

  Skype most popular communication channel for cyber criminals

  The cyber criminal network is truly global and collaborative, making use of popular messaging services, a study has revealed

• April 19, 2017 19 Apr'17

  Majority of open source has security flaws

  Software audit highlights major security weaknesses across all open source software

• April 18, 2017 18 Apr'17

  Microsoft underlines importance of keeping software updated

  Microsoft has underlined the importance of keeping software up to date by confirming that no supported versions of its software are vulnerable to leaked NSA hacking tools

• April 18, 2017 18 Apr'17

  Lloyds Bank tests biometric authentication from Microsoft

  Banking group is trying out enterprise-grade biometric authentication for its online customers

• April 18, 2017 18 Apr'17

  UK businesses need to up cyber security with one in five hit by attacks

  Big UK businesses are targeted by cyber attacks more heavily, but all need to improve cyber security with one in five UK firms falling victim in the past 12 months, a survey reveals

• April 16, 2017 16 Apr'17

  CenturyLink eyes APAC managed security market

  Managed services supplier CenturyLink will be investing in infrastructure and headcount to support the growing demand for managed security services in APAC

• April 13, 2017 13 Apr'17

  Enterprise adoption of encryption accelerating, study shows

  Cloud adoption and escalating threats are accelerating adoption of encryption, a study has revealed

• April 13, 2017 13 Apr'17

  Interview: Chris Young, chief executive of McAfee

  McAfee’s chief shares his views on Brexit, GDPR, encryption and his company’s new independence in an exclusive UK interview with Computer Weekly

• April 13, 2017 13 Apr'17

  Six key security weaknesses in industrial systems

  Organisations should mitigate six key vulnerabilities in industrial control systems to reduce the risk of cyber attack, warns security firm FireEye

• April 12, 2017 12 Apr'17

  Data breaches strip tens of millions off UK firms’ market value, study shows

  Security experts say the fact that data breaches at FTSE 100 firms cost on average £120m in market value should be a wake-up call for boards to ensure they have an adequate cyber security strategy

• April 12, 2017 12 Apr'17

  New-format Patch Tuesday reveals Office and Hyper-V flaws

  Microsoft has changed the way it alerts Windows admins and has issued critical patches for Office and Hyper-V

• April 12, 2017 12 Apr'17

  Foreign cyber attackers may have targeted EU referendum

  Cyber attacks may have targeted the EU referendum website in an attempt to influence the outcome, MPs have warned

• April 11, 2017 11 Apr'17

  Security as a service on the rise in the UAE

  Organisations in the United Arab Emirates are increasingly turning to security services

• April 11, 2017 11 Apr'17

  Middle East’s Uber-like service adopts facial recognition technology

  Ride-hailing service is using facial recognition technology to reassure customers that drivers are authorised

• April 11, 2017 11 Apr'17

  Europol and Brazil agree co-operation on cyber crime

  Brazil, which has a significant and growing cyber crime problem both as the target of international attacks and the source of regional attacks, is set to work more closely with Europol to fight cross-border crime

• April 11, 2017 11 Apr'17

  Kelihos botnet downed after arrest of alleged kingpin

  The US has led the takedown of the international botnet Kelihos after the arrest in Spain of the Russian believed to have operated the botnet since 2010

• April 10, 2017 10 Apr'17

  IAM a core building block for GDPR compliance

  Identity and access management is key to enabling organisations to become compliant with the GDPR, increase security and improve customer relationships, according to a senior analyst at KuppingerCole

• April 10, 2017 10 Apr'17

  Dallas city alarm hack raises fears over vital system security

  Hackers have accessed the emergency alert system in Dallas in the largest breach of its kind, raising fears about the cyber security of critical infrastructure

• April 10, 2017 10 Apr'17

  Outsourcing service left Scottrade Bank customer data exposed

  Mistake by outsourcing service provider left the details of 20,000 Scottrade Bank customers vulnerable to theft

• April 10, 2017 10 Apr'17

  Wonga warns 245,000 UK customers of cyber breach

  Loan firm urges customers to be vigilant after data breach that may have exposed personal details, including some financial information

• April 09, 2017 09 Apr'17

  Shadow IT lurking in Southeast Asia

  Singapore and Malaysia have the highest proportion of employees who use unapproved personal devices at work, according to a VMware survey

• April 07, 2017 07 Apr'17

  How an MSSP scaled up its security analysts' capacity

  Irish-managed security services provider Smarttech has increased its speed and capacity to analyse cyber attacks using IBM’s fledgling cognitive computing technology

• April 07, 2017 07 Apr'17

  MEPs call for European Commission to reassess Privacy Shield

  European parliamentarians have called for an immediate review of the Privacy Shield EU-US data transfer framework due to concerns about privacy protections being undermined in the US

• April 06, 2017 06 Apr'17

  Anti-trust complaints target Microsoft in the European Union

  Microsoft comes under pressure as software suppliers raise market abuse complaints with the European Commission over bundling of Defender security software with Windows

• April 06, 2017 06 Apr'17

  McAfee report reveals five challenges to cyber threat intelligence

  McAfee Labs’ latest report details the challenges facing threat intelligence sharing efforts and reveals growing trends in malware, ransomware, mobile malware and other threats

• April 06, 2017 06 Apr'17

  Interview: F-Secure’s Mikko Hyppönen on the Nordics, Russia and the internet of insecure things

  Computer Weekly sat down with Finnish cyber security expert Mikko Hyppönen to talk about security in the Nordics, Russia and the trouble with connected devices

• April 05, 2017 05 Apr'17

  NHS Digital plans September go-live for citizen identity service

  Health and social care patients will have a single online identity verification log-in to use across health and care by autumn 2017

• April 05, 2017 05 Apr'17

  Tablet loan service helps Emirates get round US device ban

  Emirates is attempting to mitigate the impact of the laptop and tablet ban on flights travelling to the US by offering tablet loans to business and first class passengers

• April 05, 2017 05 Apr'17

  No More Ransom expands capacity

  More organisations have joined an anti-ransomware cross-industry initiative, boosting its capacity to help victims of ransomware as attackers begin to focus on business targets

• April 05, 2017 05 Apr'17

  Nearly a quarter of security pros are blind to encrypted threats

  A sizeable proportion of security professionals do not know how their organisation is addressing cyber threats hiding in encryption

• April 04, 2017 04 Apr'17

  Chinese hacking group targeted firms through IT MSPs

  Security researchers have uncovered a China-based cyber espionage campaign that targeted IT services firms and their customers, underlining the need for supply chain security

• April 04, 2017 04 Apr'17

  Trump signs bill to repeal Obama-era internet privacy protections

  US president Donald Trump approves the repeal of planned privacy protections, opening the way for ISPs to sell customer browsing data

• April 04, 2017 04 Apr'17

  McAfee re-established as independent cyber security firm

  Intel has spun out its security division as independent firm McAfee, which says it is dedicated to enabling technology, people and organisations to work together

• April 03, 2017 03 Apr'17

  Australian banks’ move to boycott Apple Pay denied

  Australia’s competition watchdog is concerned that the proposed conduct is likely to reduce or distort competition

• April 03, 2017 03 Apr'17

  UK nuclear stations on terror alert for cyber attacks

  The cyber security industry has been urged to co-operate with government to protect UK critical national infrastructure from cyber attacks.

• April 03, 2017 03 Apr'17

  WikiLeaks publishes code that could expose CIA hacking operations

  The latest files published by WikiLeaks reveal techniques used by the CIA to hide its hacking tools, potentially making it possible to identify the agency’s hacking operations

• March 31, 2017 31 Mar'17

  UK leading in using red team cyber security testing

  Red teaming is set to become a key approach to ensuring cyber security controls and processes are fit for purpose and compliant with regulations, and the UK is leading the way

• March 31, 2017 31 Mar'17

  Rudd backs down on end-to-end encryption

  Lib Dems welcome government’s apparent U-turn on seeking to restrict end-to-end encryption for popular messaging apps and online communication services

• March 31, 2017 31 Mar'17

  How IT can be more defensible

  A renowned Google engineer calls for the IT industry to build devices capable of being defended and for enterprises to take a balance sheet approach in managing risks

• March 30, 2017 30 Mar'17

  First cyber security startups graduate from GCHQ accelerator

  The first group of companies has completed a government-led cyber accelerator programme aimed at helping UK startups take the lead in producing the next generation of cyber security systems, with another round to be announced in 2017

• March 30, 2017 30 Mar'17

  More than a quarter of SME staff lack cyber threat training

  Data from cyber insurance provider CFC Underwriting shows that 38% of its claims in 2016 could have been avoided through better staff education and training on cyber risks

• March 30, 2017 30 Mar'17

  Nearly a third of malware attacks are zero-day exploits

  Companies could be missing up to third of malware that is targeting them, according to a report by WatchGuard