News
Network security management
-
January 19, 2021
19
Jan'21
Legacy security architectures threaten to disrupt remote working
Annual survey of IT leaders finds network security is of prime concern as most companies continue with work-from-home policies
-
January 19, 2021
19
Jan'21
MAS offers guidance on mitigating supply chain threats
Monetary Authority of Singapore revises its technology risk management guidelines to help the financial sector guard against supply chain attacks
-
January 15, 2021
15
Jan'21
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack
-
January 14, 2021
14
Jan'21
Old, on-premise systems targeted in Hackney ransomware attack
Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology
-
January 14, 2021
14
Jan'21
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems
-
January 14, 2021
14
Jan'21
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work
-
January 12, 2021
12
Jan'21
Palo Alto Networks opens Australia cloud location
The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services
-
January 12, 2021
12
Jan'21
Mimecast latest security firm to be compromised
Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident
-
January 11, 2021
11
Jan'21
New SolarWinds CEO sets out rescue plan
Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community
-
January 11, 2021
11
Jan'21
Kaspersky claims link between Solorigate and Kazuar backdoors
Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship
-
January 06, 2021
06
Jan'21
SolarWinds attack almost certainly work of Russian spooks
Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays
-
December 31, 2020
31
Dec'20
Top 10 networking stories of 2020
Here are Computer Weekly’s top 10 networking stories of 2020
-
December 24, 2020
24
Dec'20
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020
-
December 23, 2020
23
Dec'20
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020
-
December 18, 2020
18
Dec'20
SolarWinds cyber attack is ‘grave risk’ to global security
More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear
-
December 17, 2020
17
Dec'20
NHS Scotland taps Check Point to secure Covid-19 data
NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus
-
December 17, 2020
17
Dec'20
FireEye and partners release SolarWinds kill-switch
A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue
-
December 11, 2020
11
Dec'20
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months
-
December 11, 2020
11
Dec'20
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL
-
December 11, 2020
11
Dec'20
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure
-
December 10, 2020
10
Dec'20
After critical year, Vodafone trains security sights on CNI market
Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets
-
December 10, 2020
10
Dec'20
Data on Pfizer/BioNTech Covid-19 vaccine stolen in cyber attack
The European Medicines Agency has launched a full investigation into an apparent security incident that has seen documents on the Pfizer/BioNTech Covid-19 vaccine stolen
-
December 09, 2020
09
Dec'20
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users
-
December 09, 2020
09
Dec'20
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance
-
December 09, 2020
09
Dec'20
There’s no going back to pre-pandemic security approaches
The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021
-
December 08, 2020
08
Dec'20
Multiple D-Link routers found vulnerable to attack
Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices
-
December 08, 2020
08
Dec'20
Russian state actors exploiting VMware bug to hijack data, users warned
Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings
-
December 07, 2020
07
Dec'20
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime
-
December 04, 2020
04
Dec'20
Avast and Borsetta to support Intel’s AI security project
Security firm Avast and AI security specialist Borsetta have signed up to support an Intel-led artificial intelligence security research project
-
December 03, 2020
03
Dec'20
Covid-19 vaccine supply chain attacked by unknown nation state
An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines
-
December 02, 2020
02
Dec'20
Singapore government remains ‘juicy target’ for cyber attackers
The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats
-
December 01, 2020
01
Dec'20
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020
-
December 01, 2020
01
Dec'20
22,000 malicious .uk domains suspended in past year
Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected
-
November 25, 2020
25
Nov'20
Securing UK’s critical national infrastructure is a 2021 priority
Government outlines the UK’s strategic cyber security policies for the coming 12 months, with critical national infrastructure a clear priority
-
November 24, 2020
24
Nov'20
Belgian security researcher hacks Tesla with Raspberry Pi
Belgian security researcher Lennert Wouters once again succeeds in hacking a Tesla vehicle, this time by exploiting the Bluetooth Low Energy standard
-
November 23, 2020
23
Nov'20
Telcos could face huge fines under new security laws
Government boasts of unprecedented powers to boost the security standards of the UK’s critical national infrastructure
-
November 23, 2020
23
Nov'20
Manchester United praised for swift response to cyber attack
Manchester United’s systems were attacked last week, and the club has been praised for a swift and decisive response
-
November 18, 2020
18
Nov'20
2021 the year of commodity ransomware, says Sophos
Sophos researchers anticipate a trickle-down effect in the cyber criminal underground
-
November 17, 2020
17
Nov'20
Kaspersky shuts down data-processing activities in Russia
Cyber security provider’s data storage and processing activities for customers in Europe, the US and Canada, have now been fully relocated to Switzerland
-
November 17, 2020
17
Nov'20
Financial services data volumes heighten risk of insider breach
Financial services organisations hold so much data that it is becoming virtually impossible to safeguard properly against data breaches caused by malicious or careless employees
-
November 16, 2020
16
Nov'20
How Standard Chartered approaches cyber security
Bank uses security-by-design principles and conducts red-teaming exercises among other measures to fend off cyber breaches
-
November 16, 2020
16
Nov'20
Hackney systems could be unavailable for months, says council
A month after a highly disruptive cyber attack on its systems, Hackney Council is still struggling to get back up and running
-
November 12, 2020
12
Nov'20
Online kids’ game Animal Jam confirms large breach
Cyber criminals have stolen data on 46 million Animal Jam player accounts via a third-party attack
-
November 11, 2020
11
Nov'20
Security pros coped admirably with remote working transition
Despite facing tight timescales at the onset of the pandemic, security professionals have come through the transition to remote working remarkably well, according to a report
-
November 11, 2020
11
Nov'20
EU aid funds used to train ‘unaccountable intelligence agencies’ in high-tech surveillance
Hundreds of documents obtained by campaign group Privacy International show how the EU is supporting surveillance programmes in the Balkans, the Middle East and Africa
-
November 10, 2020
10
Nov'20
IT Priorities 2020: After Covid-19, security goes back to basics
This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals
-
November 06, 2020
06
Nov'20
NHS warned over Ryuk spreading through Trickbot replacements
NHS Digital tells healthcare organisations to be mindful of a marked rise in usage of the Bazar and Buer loaders
-
November 05, 2020
05
Nov'20
Microsoft to support next generation of security startups
Tech giant lends its support to the NCSC Cyber Accelerator scheme, which is seeking its seventh cohort of startups
-
November 04, 2020
04
Nov'20
India and Japan report stronger concern over cyber threats
Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic
-
November 02, 2020
02
Nov'20
NHS weathers cyber crime storm during pandemic, says NCSC
The NCSC dealt with over 700 incidents in the 12 months to August 2020, with over 200 specifically related to Covid-19, and the NHS a critical area of focus
-
October 30, 2020
30
Oct'20
ICO slashes Marriott breach fine to £18.4m
Reduced fine reflects both improvements made to hotel group’s cyber security and impact of coronavirus on the travel and hospitality sector
-
October 29, 2020
29
Oct'20
Zero-trust investment seen accelerating through pandemic
New analyst report details some of the main indicators for success in zero-trust implementation
-
October 28, 2020
28
Oct'20
Trump supporters targeted by cryptocurrency scammers
The successful breach of Donald Trump’s official website shows up lax security on his campaign team and is yet another timely warning that nobody is immune to cyber crime
-
October 28, 2020
28
Oct'20
Barracuda eyes Indochina markets
Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos
-
October 27, 2020
27
Oct'20
APAC CISOs warm up to zero trust
Security leaders in Asia-Pacific are adopting zero-trust security, but challenges stand in their way of reaping the full potential of the security model
-
October 22, 2020
22
Oct'20
SonicWall patches 11 firewall vulnerabilities
SonicWall users are advised to download updates that fix 11 CVEs in the SonicOS operating system, uncovered by Positive Technologies
-
October 22, 2020
22
Oct'20
Protecting remote workers an opportunity to do security better
Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report
-
October 21, 2020
21
Oct'20
Financial services staff want work-from-home policies to continue after Covid
About half of workers in the finance sector want their employers to retain remote working policies brought in during the pandemic
-
October 14, 2020
14
Oct'20
US Elections: Malicious internet domains spike as campaigns heat up
Internet domains related to the US presidential election are 56% more likely to be malicious than regular ones
-
October 14, 2020
14
Oct'20
Microsoft fixes 87 bugs in October 2020 Patch Tuesday
Smaller October Patch Tuesday update includes fixes for critical bugs in Windows 10 and Windows Server 2019
-
October 13, 2020
13
Oct'20
Suppliers neglecting virtual appliance security, putting users at risk
Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report
-
October 12, 2020
12
Oct'20
Trickbot forced offline in major cyber security victory
Coalition led by Microsoft obtained a court order enabling them to take down the infamous Trickbot botnet’s back-end server infrastructure
-
October 12, 2020
12
Oct'20
Cyber security skills ad branded ‘crass’ by minister
Security skills campaign advert depicting a ballet dancer comes in for criticism as the arts sector struggles in the pandemic
-
October 12, 2020
12
Oct'20
Making sense of zero-trust security
Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint
-
October 08, 2020
08
Oct'20
NCSC relaunches SME security guide with home working focus
The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020
-
October 07, 2020
07
Oct'20
5G regulation failures are a threat to UK’s national security
Defence Committee report on the security of 5G brands existing regulations outdated and unsatisfactory
-
October 06, 2020
06
Oct'20
CISOs struggle to keep up with MITRE ATT&CK framework
Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley
-
October 02, 2020
02
Oct'20
WikiLeaks led the way for newsrooms to use encryption to protect sources, says Italian journalist
Stefania Maurizi says in written evidence that Julian Assange pioneered the use of encryption by journalists to protect sources. Her work shows that the US put pressure on Italy to stop the extradition and prosecution of CIA officers responsible for...
-
September 29, 2020
29
Sep'20
Threat actors becoming vastly more sophisticated
Malicious actors have been busily honing their craft and cyber security incidents are up across the board as a result, according to a Microsoft report
-
September 29, 2020
29
Sep'20
Ryuk attack downs private health provider in major incident
Private healthcare provider UHS has been been hit by a major big game hunting cyber attack that infected its systems with the Ryuk ransomware
-
September 28, 2020
28
Sep'20
Sustrans opens door to NCSC cyber certification via the cloud
Sustainable transport charity turned to Qualys to help it attain needed certifications to bid for government work
-
September 28, 2020
28
Sep'20
TikTok ban stayed after last-minute court case
TikTok’s lawyers have staved off an imminent ban for the time being, after successfully arguing that it infringed rights guaranteed under the Constitution of the United States
-
September 28, 2020
28
Sep'20
Security now main driving force behind digital transformation
Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda
-
September 24, 2020
24
Sep'20
Race to patch as Microsoft confirms Zerologon attacks in the wild
Don’t be the organisation that made the headlines because it failed to patch. Microsoft says it is seeing cyber attacks ramping up around the Zerologon CVE-2020-1472 bug
-
September 23, 2020
23
Sep'20
Video gamers barraged with cyber attacks
From credential stuffing to SQL injection and DDoS, video game producers and players are seeing massive volumes of cyber attacks
-
September 23, 2020
23
Sep'20
US agencies warn of election disinformation and cyber attacks
Federal agencies are warning of heightened disinformation as the crucial 2020 presidential election nears
-
September 17, 2020
17
Sep'20
Saudi Arabia sees cyber security boom as coronavirus bites
Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods
-
September 17, 2020
17
Sep'20
Seven charged in connection with Chinese state-backed cyber attacks
Attacks by APT41, or Wicked Panda, targeted hundreds of organisations, including the UK government
-
September 16, 2020
16
Sep'20
NCSC steps up ransomware support for schools and universities
New alert and updated guidance comes after several academic institutions were targeted in ransomware attacks
-
September 16, 2020
16
Sep'20
Lorca security scaleups to get Splunk data expertise
Lorca inducts Splunk onto its co-marketing programme, giving security scaleups access to new data expertise
-
September 11, 2020
11
Sep'20
Travel industry websites are laughably insecure, claims Which?
The travel industry is failing to take the data security of its customers seriously, according to a Which? investigation
-
September 11, 2020
11
Sep'20
Russian interference in US elections ramps up on schedule
With the critical US 2020 presidential election looming, Russian-state backed hackers are once again after organisations directly involved in political elections, launching thousands of targeted attacks
-
September 10, 2020
10
Sep'20
Cyber security is next frontier for open source
Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM
-
September 10, 2020
10
Sep'20
Government launches £500k healthcare security plan
A £500,000 funding pot from the government aims to help support small and mid-sized healthcare firms during the pandemic
-
September 03, 2020
03
Sep'20
New normal of remote working compounds enterprise security challenges
Sudden changes in priorities, poor network visibility and lack of time cited by Juniper Networks as key issues for security professionals struggling to cope with new norms
-
September 02, 2020
02
Sep'20
Northumbria University suffers major disruption after cyber attack
Some exams cancelled as university appoints external specialists to investigate incident
-
September 01, 2020
01
Sep'20
Norway’s corporates want government to support ‘herd immunity’ to cyber attack
Leading business organisations in Norway call on government to play a more active role in improving and coordinating the country’s cyber defences
-
August 28, 2020
28
Aug'20
New Zealand activates security services as DDoS outage enters fourth day
New Zealand government calls in its national cyber security agencies to help investigate a continuing cyber attack on the country’s financial systems
-
August 28, 2020
28
Aug'20
Machine learning wards off threats at TV studio Bunim Murray
TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats
-
August 27, 2020
27
Aug'20
DDoS downs New Zealand stock exchange for third day
Distributed denial of service attack from overseas has left stock exchange offline for days
-
August 27, 2020
27
Aug'20
Tour de France 2020 fans to get virtual experience delivered by NTT
This year’s Tour de France was delayed because of the Covid-19 pandemic. IT services company NTT has teamed up with event organiser ASO to offer a virtual experience to fans who cannot be at the roadside
-
August 25, 2020
25
Aug'20
North Korea’s Lazarus targets cryptocurrency vertical
APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research
-
August 21, 2020
21
Aug'20
Australian regulator sues RI Advice for cyber security lapses
The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives
-
August 19, 2020
19
Aug'20
Marriott slapped with class action lawsuit over 2018 breach
Group action brings together millions of victims who stayed at the Starwood hotel chain over a four-year period
-
August 18, 2020
18
Aug'20
Reports Oracle to enter TikTok bidding war
Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT
-
August 17, 2020
17
Aug'20
Comms startup Element helps support secure communications during pandemic
With the huge increase in remote working, Element is using an open, decentralised network to give organisations more control over their communications
-
August 14, 2020
14
Aug'20
Russia’s Fancy Bear targets Linux environments with Drovorub malware
The Russian intelligence-linked Fancy Bear group is deploying a new malware called Drovorub against Linux environments as part of a cyber espionage operation, according to US warnings
-
August 12, 2020
12
Aug'20
Microsoft patches two zero-days with active exploits
Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals
-
August 11, 2020
11
Aug'20
Citrix users urged to patch five XenMobile CVEs
Patches are available for CVEs 2020-8208 through 8212 and should be installed as soon as possible
-
August 11, 2020
11
Aug'20
Coronavirus: Phishing lures pivot to exploit vaccine hopes
Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19