News

Security policy and user awareness

• January 02, 2020 02 Jan'20

  California’s CCPA an opportunity for security industry to do better

  California’s consumer protection and data privacy laws came into effect on 1 January 2020, and present a golden opportunity for the cyber security practitioners

• December 24, 2019 24 Dec'19

  Top 10 cyber crime stories of 2019

  Here are Computer Weekly’s top 10 cyber crime stories of 2019

• December 23, 2019 23 Dec'19

  Top 10 cyber security stories of 2019

  Here are Computer Weekly’s top 10 cyber security stories of 2019

• December 20, 2019 20 Dec'19

  Finnish government supports local authorities in cyber security initiative

  The Finnish government has committed resources to a cyber security project aimed at local authorities

• December 18, 2019 18 Dec'19

  Top 10 Australia IT stories of 2019

  Here are Computer Weekly’s top 10 Australia IT stories of 2019

• December 16, 2019 16 Dec'19

  Barco fixes ClickShare wireless flaw, but users still at risk

  Supplier patches a major vulnerability in its popular ClickShare wireless presentation system with a firmware upgrade, but experts warn that users are not out of the woods yet

• December 13, 2019 13 Dec'19

  Alarm bells ring, the IoT is listening

  With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts

• December 09, 2019 09 Dec'19

  Public sector still losing user devices in high numbers

  The Ministry of Justice has lost 354 smartphones, PCs, laptops and tablets in the past 12 months, according to a Freedom of Information request, and other government departments are in the same boat

• December 09, 2019 09 Dec'19

  China bans foreign computing kit from government contracts

  All government offices and public institutions must eliminate foreign hardware and software within three years, according to a leaked directive dubbed 3-5-2

• December 06, 2019 06 Dec'19

  How commodities firm ED&F Man solved its threat detection challenges

  After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations

• December 06, 2019 06 Dec'19

  Dutch government must facilitate and coordinate a broad eID system

  The Dutch government should push for an electronic ID system for its citizens that works across the public and private sectors, according to a report

• December 05, 2019 05 Dec'19

  Two Russians indicted over Dridex and Zeus malware

  The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans

• December 05, 2019 05 Dec'19

  Cyber Girls First volunteers encourage girls to think high-tech

  More than 80 schoolgirls spent a day learning about computer hackers and rocket science – Cyber Girls First hopes they will become the next generation of technologists

• December 05, 2019 05 Dec'19

  Black Hat Europe: Mental health websites are leaking user data

  At Black Hat Europe in London, researchers reveal the extent to which confidential data is being leaked to third parties by online mental health websites

• December 04, 2019 04 Dec'19

  Black Hat Europe: Red teams and blue teams must evolve in the 2020s

  The red team versus blue team dichotomy is somewhat arbitrary and risks pigeonholing skilled security professionals into certain roles, says Facebook’s Amanda Rousseau

• December 03, 2019 03 Dec'19

  Tenable buys Indegy to integrate IT and OT security

  Acquisition of industrial security specialist Indegy will create a unified, risk-based platform spanning both IT and OT security for Tenable

• December 03, 2019 03 Dec'19

  Chinese web users take more risks than Brits or Americans

  A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation

• December 02, 2019 02 Dec'19

  Top Android apps at risk from StrandHogg vulnerability

  Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability

• November 29, 2019 29 Nov'19

  TfL locks down Oyster accounts to ward off credential stuffing

  Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019

• November 29, 2019 29 Nov'19

  Hack Friday: This Christmas, fight back against cyber criminals

  It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene?

• November 28, 2019 28 Nov'19

  Top APAC security predictions for 2020

  More attacks on critical infrastructure, supply chain vulnerabilities and file-less attacks are some of the security threats that enterprises should keep an eye on next year

• November 26, 2019 26 Nov'19

  Enterprises muddled over cloud security responsibilities

  A McAfee study suggests that 2020 will be a big year for cloud adoption, but confusion still persists over who is responsible for securing it

• November 25, 2019 25 Nov'19

  Uber app exploit posed safety risk to passengers

  A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel

• November 25, 2019 25 Nov'19

  Conservatives propose national cyber crime force

  Manifesto also says Tories would “empower the police to safely use new technologies like biometrics and artificial intelligence, along with the use of DNA, within a strict legal framework”

• November 22, 2019 22 Nov'19

  Some 29,000 UK web domains suspended for criminal activity

  Domain suspensions for criminal activity over the past year has dropped for the first time since 2014

• November 20, 2019 20 Nov'19

  Mimecast blocked 99 billion suspicious emails in third quarter

  Latest threat intelligence report reveals the scale of the threat posed by malicious emails, with the transport, legal and financial sectors hit hardest

• November 20, 2019 20 Nov'19

  Massive increase in fraud attacks on TSB customers during IT meltdown

  There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018

• November 20, 2019 20 Nov'19

  Conservatives slammed over social media trickery

  The Conservative Party has been caught spreading online disinformation during the General Election campaign for a second time

• November 19, 2019 19 Nov'19

  Public sector risks downplayed by senior IT leaders

  Sophos reveals a significant cyber security perception gap between senior IT and security leaders in the public sector and their front-line teams

• November 14, 2019 14 Nov'19

  Cyber criminals tool up for Christmas fraud season

  Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques

• November 13, 2019 13 Nov'19

  Business leaders fibbing to cover up lax security posture

  Nominet study finds evidence that many businesses tout the robustness of their security posture as a selling point even though their security teams lack confidence in themselves

• November 13, 2019 13 Nov'19

  Attack on Labour shows need for DDoS defence but should alarm few

  After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t

• November 13, 2019 13 Nov'19

  Cyber risk insurance is more than just insurance

  Insurance companies such as Chubb are offering incident response services and security tools to help companies improve their cyber security posture and better cope with cyber attacks

• November 12, 2019 12 Nov'19

  Nordic SMEs lack the money needed for cyber security

  Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country

• November 12, 2019 12 Nov'19

  PCI DSS payment security compliance drops again

  Worldwide, barely one-third of companies are maintaining full compliance with the PCI DSS security standard – and the numbers are falling

• November 12, 2019 12 Nov'19

  ‘Robust’ security foils cyber attack on Labour Party

  Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked

• November 12, 2019 12 Nov'19

  Shared responsibility model key to solving 5G security problem

  Both buyers and sellers need to cooperate to solve the thorny issues around 5G security

• November 08, 2019 08 Nov'19

  Security pros urged to get ahead of incoming BlueKeep exploits

  The BlueKeep RDP vulnerability is beginning to be exploited in the wild, and security teams have no excuse for not trying to get in front of it, says Microsoft

• November 07, 2019 07 Nov'19

  Amazon Ring video doorbell flaw left users open to attack

  A vulnerability in Amazon’s Ring video doorbells left the internet-of-things devices open to a variety of attacks

• November 06, 2019 06 Nov'19

  Trend Micro insider breach exposes need for data-centric protection

  Simple measures could have saved consumer security product supplier from insider breach

• November 05, 2019 05 Nov'19

  ICO launches data security campaign for UK General Election

  Information commissioner Elizabeth Denham launches campaign to remind the public of their rights when personal data is used for political purposes

• November 04, 2019 04 Nov'19

  Sumo Logic buys into cloud security software market

  Jask’s cloud-native autonomous security operations software will be integrated into Sumo Logic’s intelligence platform

• November 01, 2019 01 Nov'19

  Banks let customers down with mixed approaches to security

  Treasury Committee report recommends new measures to tackle financial fraud

• October 30, 2019 30 Oct'19

  What will succeed the National Cyber Security Strategy?

  As the National Cyber Security Strategy nears the end of its working life, the government is considering what comes next, and is asking probing questions of its successes and failures

• October 24, 2019 24 Oct'19

  Endpoint security is a procurement issue, says HP, IDC study

  Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders

• October 23, 2019 23 Oct'19

  Take responsibility for cyber security basics, urges NCSC CEO

  At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load

• October 22, 2019 22 Oct'19

  Banks move to contain impact of Samsung biometric flaw

  NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices

• October 22, 2019 22 Oct'19

  Malware volumes decline, but risks are higher

  More insidious and targeted strains of malware are going after high-quality targets, rather than a large volume of targets

• October 22, 2019 22 Oct'19

  Attacker hit VPN firm Avast through its VPN

  Avast has published details of how attackers attempted to gain access to its network over a five month period

• October 22, 2019 22 Oct'19

  Over-30s tend to do better at cyber security than younger colleagues

  Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security