News

Web application security

• January 30, 2019 30 Jan'19

  How traffic scrubbing can guard against DDoS attacks

  Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed

• January 10, 2019 10 Jan'19

  UK firms say £6.6bn annual security testing cost too high

  Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high

• December 23, 2018 23 Dec'18

  'Serious' Twitter flaw allows hackers to post on other people's accounts

  A vulnerability in Twitter allows hackers to send tweets, private messages, post images or videos, and turn off security features, says British security researcher

• December 18, 2018 18 Dec'18

  APAC cyber security landscape to be more tumultuous in 2019

  Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene

• December 11, 2018 11 Dec'18

  Mac malware makes debut in top 10 list

  Mac malware appears in the WatchGuard top 10 malware list for first time, and 6.8% of major websites still use an insecure SSL protocol, according to the firm’s latest internet security report

• December 04, 2018 04 Dec'18

  ‘Open-minded’ DVSA cuts cost of MOT testing

  Government agency harnesses customised open source platform to ensure data security while cutting costs and plans to extend its MOT testing capability to do the same for drivers’ theory tests

• November 30, 2018 30 Nov'18

  Marriott data breach highlights basic failings

  A breach of a guest reservation database of the Starwood division of the Marriott International hotel group highlights basic personal data protection failures

• November 06, 2018 06 Nov'18

  APAC firms warm up to SD-WAN to solve networking woes

  A third of enterprises in the APAC region have already deployed SD-WAN at most of their sites, while 55% are in the process of doing so, a study shows

• October 11, 2018 11 Oct'18

  Optus to acquire Hivint in cyber security deal

  The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents

• September 12, 2018 12 Sep'18

  Two-thirds of emails not clean, says research

  Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research

• September 11, 2018 11 Sep'18

  British Airways data breach: Security researchers name suspects and query attack timeline

  Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought

• September 11, 2018 11 Sep'18

  Public cloud use surges among DDoS attackers, research shows

  According to data accrued by DDoS mitigation firm, Link11, the number of attackers that rely on public cloud services soared during the 12 months to June 2018

• September 10, 2018 10 Sep'18

  Cyber criminals outspend businesses in cyber security battle

  Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result

• August 23, 2018 23 Aug'18

  Apache Struts users urged to update due to new security flaw

  Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017

• August 08, 2018 08 Aug'18

  Check Point warns of WhatsApp vulnerabilities

  Researchers are warning of vulnerabilities in WhatsApp that allow threat actors to intercept and manipulate messages sent in a group chat

• August 06, 2018 06 Aug'18

  Mobile banking Trojans reach all-time high

  Mobile banking Trojans topped the list of cyber threats in the second quarter of the year, according to research by Kaspersky Lab

• July 26, 2018 26 Jul'18

  Software development remains insecure

  The prevalence of common and well-known web-based vulnerabilities underlines the need for better education around secure software development

• July 24, 2018 24 Jul'18

  Most firms have software security vulnerability

  Most firms have a software vulnerability that can be exploited by cyber attackers, a study has revealed

• July 17, 2018 17 Jul'18

  A third of organisations do not have a security expert, survey shows

  Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey

• July 12, 2018 12 Jul'18

  Cyber attackers cashing in on ‘hidden’ attack surface

  Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals

• July 11, 2018 11 Jul'18

  White-hat hackers find record number of vulnerabilities

  White-hat hackers are finding more vulnerabilities than ever before, with crowdsourced security testing continuing to gain popularity, a report reveals

• July 09, 2018 09 Jul'18

  Inside one of the world’s largest bug bounty programmes

  Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug

• June 29, 2018 29 Jun'18

  UK government cyber security standard welcomed

  The information security community has welcomed the publication of the government’s minimum cyber security standard, which could be used by any organisation to improve its cyber defences

• June 19, 2018 19 Jun'18

  Singapore remains hotbed for cyber threats

  Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency

• May 21, 2018 21 May'18

  Pen testers find weaknesses in banks’ cyber security

  Humans are the biggest weakness in banks’ cyber defences, but there are several others that also need attention, penetration testers have revealed

• May 17, 2018 17 May'18

  European cyber attacks up nearly a third in first quarter 2018

  The volume of cyber attacks hitting digital transactions in Europe was up by almost a third in the first quarter of 2018 compared with same period a year ago, a report reveals

• April 18, 2018 18 Apr'18

  APAC is becoming a hotspot for DDoS attacks

  The region’s largest and most-connected economies are most vulnerable to distributed denial-of-service attacks, according to CenturyLink

• April 11, 2018 11 Apr'18

  Government to set up £13.5m cyber security centre

  Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security

• March 28, 2018 28 Mar'18

  Facebook announces more privacy control updates

  Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns

• March 26, 2018 26 Mar'18

  Dutch SMEs’ cyber security is insufficient

  Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security

• March 09, 2018 09 Mar'18

  Cryptojacking cyber criminals up their game

  Cyber criminals hijacking computing resources to mine for cryptocurrencies are raising their efforts to bypass enterprise security controls, researchers have found

• March 08, 2018 08 Mar'18

  Mac malware more than doubled in 2017

  Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes

• February 16, 2018 16 Feb'18

  Tech industry signs cyber security charter

  Nine technology organisations have signed a cyber security charter aimed at raising the level of cyber security internationally

• February 14, 2018 14 Feb'18

  Telegram zero-day exploit is a warning

  The discovery of an exploit of a zero-day vulnerability in the Telegram messaging app demonstrates that not all “secure” apps are automatically safe, security experts have warned

• February 12, 2018 12 Feb'18

  FS-ISAC enables safer financial data sharing with API

  The global financial industry's body for cyber and physical threat intelligence analysis and sharing has published an API to facilitate safer sharing of consumer financial information

• February 12, 2018 12 Feb'18

  Criminals hijack government sites to mine cryptocurrency used to hide wealth

  Europol says criminals are hiding billions in cryptocurrencies, as thousands of government and other websites have reportedly been used to hijack computers to mine more

• February 12, 2018 12 Feb'18

  PyeongChang Winter Games hit by cyber attack

  Although critical operations were not affected by the incident, event organisers at the PyeongChang Winter Olympics had to shut down servers and the official games website to prevent further damage

• February 05, 2018 05 Feb'18

  Lauri Love plans to use ‘internet as a force for good’

  Engineering student Lauri Love says he plans to help businesses fight cyber crime, after the court of appeal ruled that he can be tried in the UK for allegedly hacking US computer systems, rather than face extradition to the US

• February 05, 2018 05 Feb'18

  Researchers discover malicious Chrome extensions

  Security researchers have discovered a new botnet delivered via malicious Chrome extensions designed to hijack computers to mine cryptocurrency and record victims’ every move

• February 02, 2018 02 Feb'18

  ASEAN nations among worst hit by cryptocurrency-mining operation

  Thailand, Vietnam and Indonesia recorded high download numbers for the XMRig software that was surreptitiously slipped into user devices to mine Monero

• January 31, 2018 31 Jan'18

  Many businesses still using outdated security, says Troy Hunt

  Too many businesses are using out-of-date approaches to security, a world-renowned cyber security author and trainer warns

• January 31, 2018 31 Jan'18

  UK finance sector cyber security pros admit shocking practices

  UK financial sector IT security teams face immense challenges that are undermining business opportunities and continuity in financial services, a survey reveals

• January 23, 2018 23 Jan'18

  Facebook offers funding to secure the internet

  Facebook has announced that it is offering funding for research into ways of improving internet security

• January 22, 2018 22 Jan'18

  Taking complexity out of cyber security

  The key to improving the cyber security posture of organisations is to keep complexity at bay, according to a senior Microsoft executive

• January 11, 2018 11 Jan'18

  Mobile app flaws are a risk to industrial IT systems, says report

  Cyber security vulnerabilities in mobile applications could be exploited to compromise industrial network infrastructure, a report warns

• January 10, 2018 10 Jan'18

  UAE tech growth prompts firms to review internal IT security

  As IT becomes more prominent in the UAE economy, more and more internal connections between people and systems are created, all of which need to be secured

• January 09, 2018 09 Jan'18

  Cyber attacks in 2017 drive Nordic security efforts

  The volume of cyber attacks last year has increased boardroom focus on security in the Nordic region

• January 08, 2018 08 Jan'18

  Sweden steps up cyber defence measures

  Sweden is tightening up its cyber security defences as part of a wider national security strategy

• January 03, 2018 03 Jan'18

  Top IT priorities for Nordic CIOs in 2018

  Nordic CIOs tell Computer Weekly about their intentions for the year ahead

• December 21, 2017 21 Dec'17

  IT Priorities 2018: South Korea to spend more on big data and IoT

  South Korean companies are expected to spend more in emerging technologies as well as move more workloads to the cloud in the coming year

• December 20, 2017 20 Dec'17

  UK government blames North Korea for WannaCry cyber attack

  The UK and US governments say a North Korean group was responsible for the ransomware attacks that hit the NHS and other organisations globally this year

• December 19, 2017 19 Dec'17

  Kaspersky Lab appeals US ban

  Russian security software giant appeals US government's decision to ban the use of its products in federal agencies

• December 13, 2017 13 Dec'17

  Singapore’s defence ministry starts bug bounty programme

  Bug bounty programme will offer rewards of up to S$20,000 for identifying loopholes in internet-facing systems used by defence and military personnel

• December 04, 2017 04 Dec'17

  The Dutch government defines cyber threat actors

  The Dutch government commissions the creation of a scientific classification of individuals and groups involved in cyber crime

• December 04, 2017 04 Dec'17

  Barclays Bank stops offering Kaspersky software to new users

  Bank is no longer offering customers Kaspersky anti-virus software after UK security agency issues warning

• November 29, 2017 29 Nov'17

  Lauri Love would face ‘medieval’ conditions in US prison if extradited over hacking charges

  Engineering student Lauri Love should be tried in the UK, court hears, as new evidence is presented on the “medieval” conditions in US jails for people with medical problems

• November 21, 2017 21 Nov'17

  Ransomware rages on with no signs of abating

  The rampant digital extortion facilitated by ransomware in 2017 will continue next year, with healthcare and industrial systems expected to be new prime targets

• November 06, 2017 06 Nov'17

  Any online business a target of DDoS attacks

  Any business that is online is susceptible to denial of service attacks and should ensure it has the capability to mitigate such attacks, says an industry practitioner who explains how

• October 30, 2017 30 Oct'17

  Messaging apps a growing business security risk, study shows

  Businesses should introduce urgent policy changes to catch up with the reality of employees’ use of messaging apps, which is a growing security risk, say security researchers

• October 18, 2017 18 Oct'17

  Google debuts additional identity protection services

  Google has rolled out new identity protection features across its account base, including advanced protection for at-risk users

• October 17, 2017 17 Oct'17

  RSA’s Middle East cyber security conference gains its own identity

  RSA Abu Dhabi conference focuses on region’s cyber security needs as digital technology deployments expand

• October 13, 2017 13 Oct'17

  Cyber security a business necessity

  Cyber security is a business necessity, according to the T-Mobile security chief in Poland

• October 05, 2017 05 Oct'17

  Singapore’s public sector finds agility and speed in AWS

  City-state’s government has been able to meet peak demands and address security issues through a cloud-based web-hosting platform powered by Amazon Web Services

• September 22, 2017 22 Sep'17

  High percentage of education organisations were victims of DNS attacks in 2016, survey finds

  The majority of worldwide education organisations were hit with a DNS attack in 2016, according to a survey from EfficientIP

• September 18, 2017 18 Sep'17

  UAE banks share information to combat cyber threats

  Banks in the United Arab Emirates will share information on cyber attacks through a platform instigated by the country’s banking federation

• September 18, 2017 18 Sep'17

  Heads roll as Equifax reveals 400,000 Britons affected by breach

  Equifax replaces two senior staff members as it reveals how many Britons were hit by a massive data breach that affected millions of consumers

• September 14, 2017 14 Sep'17

  Equifax confirms massive data breach was result of missed patch

  Equifax appears to have failed to roll out a patch that might have stopped the massive breach of its systems

• September 05, 2017 05 Sep'17

  UK universities increasingly targeted by cyber criminals

  Cyber attacks are turning their attention to UK universities, with research being the main prize

• September 05, 2017 05 Sep'17

  People with non-IT backgrounds could help fill cyber security skills gap

  Organisations should look to fill cyber security roles with people who are curious and have work experience rather than focusing solely on graduates

• August 23, 2017 23 Aug'17

  UK business urged to do more as ID fraud continues to rise

  Identity fraud continued to increase at a record rate in the first half of 2017, reaching epidemic levels, a fraud data report has revealed

• August 11, 2017 11 Aug'17

  Manufacturing a key target for cyber attacks

  Manufacturers are a key and growing target for cyber criminals, a threat intelligence report reveals

• August 09, 2017 09 Aug'17

  Websites giving hackers easy access, audit reveals

  Many company websites still contain critical vulnerabilities that cyber criminals can use to carry out a variety of cyber attacks, a security audit shows

• August 04, 2017 04 Aug'17

  Security audits reveal poor state of corporate cyber defences

  Critical vulnerabilities detected in 47% of corporate systems investigated in security audits by Positive Technologies

• July 26, 2017 26 Jul'17

  Nordic digitisation brings unwanted consequence of heightened cyber security risks

  The Nordic region is becoming highly connected – which has not gone unnoticed by cyber criminals

• July 25, 2017 25 Jul'17

  London security centre handed £14.5m to get off the ground

  The government is to fund a new cyber security innovation centre in the capital and has launched a competition to develop and design it

• July 14, 2017 14 Jul'17

  Australia to push ahead with decryption plans

  The Australian government remains undaunted in requiring tech firms to provide access to encrypted communications in law enforcement efforts

• July 03, 2017 03 Jul'17

  Cyber security comes down to culture, say Dutch security experts

  IT security can no longer be seen as just a technical matter. People, education and management matter too, but culture is the overarching and binding element, says security executive at Dutch bank

• June 27, 2017 27 Jun'17

  Another global ransomware attack underway as reports of Petya exploit spread

  Latest cyber attack appears to be based on the same EternalBlue exploit used by the WannaCry ransomware that hit the NHS in May

• June 27, 2017 27 Jun'17

  French aeronautics and aerospace manufacturer optimises datacentres

  High-tech manufacturer outsources datacentre management to support its digital transformation

• June 26, 2017 26 Jun'17

  AA blames password reset email glitch on ‘internal error’

  Automobile Association apologises for sending out password reset confirmation emails to a small selection of customers in error, which led some to assume the company may have been hacked

• June 15, 2017 15 Jun'17

  University College London hit by ransomware attack

  University restricts access to several IT systems and file shares to halt spread of malware

• June 14, 2017 14 Jun'17

  Microchips implanted in hands could be in use for payments in 20 years

  UK consumers are becoming more accepting that biometric authentication will become the norm for payments

• June 08, 2017 08 Jun'17

  Islamic State supporters shun Tails and Tor encryption for Telegram

  Confidential communications show terror group’s supporters are turning to simple mobile phone messaging apps to exchange messages and distribute propaganda

• June 08, 2017 08 Jun'17

  Infosec17: CheckRecipient crowned UK’s most innovative cyber security firm

  Venture capital-backed machine learning technology developer startup wins national competition to find most innovative cyber security company

• May 16, 2017 16 May'17

  UK government sees collaboration as key to cyber security success

  The UK government believes collaboration between the public and private sectors is critical to success in cyber security

• May 15, 2017 15 May'17

  MPs and peers urged not to use personal email as WannaCry spreads

  MPs and peers have been warned not to use personal emails on parliamentary Windows computers in the wake of WannaCry ransomware outbreak

• May 04, 2017 04 May'17

  Testing is key to IoT security, says researcher

  Building an effective testing process across all elements associated with a product is key to securing the internet of things, according to a researcher in the field

• May 02, 2017 02 May'17

  ‘Internet terrorist’ Samata Ullah jailed for eight years

  Samata Ullah, an unemployed resident of Cardiff, has been sentenced after pleading guilty to five terrorism offences

• April 29, 2017 29 Apr'17

  IS supporter Samata Ullah branded a “new and dangerous breed of terrorist"

  Samata Ullah, a 34-year-old man from Cardiff who posted encryption training videos on a radical Islamic blog, is a dangerous “cyber terrorist”, a court heard on 28 April 2017

• April 18, 2017 18 Apr'17

  Lloyds Bank tests biometric authentication from Microsoft

  Banking group is trying out enterprise-grade biometric authentication for its online customers

• April 11, 2017 11 Apr'17

  Security as a service on the rise in the UAE

  Organisations in the United Arab Emirates are increasingly turning to security services

• April 06, 2017 06 Apr'17

  Interview: F-Secure’s Mikko Hyppönen on the Nordics, Russia and the internet of insecure things

  Computer Weekly sat down with Finnish cyber security expert Mikko Hyppönen to talk about security in the Nordics, Russia and the trouble with connected devices

• March 28, 2017 28 Mar'17

  Threats grow in Saudi Arabia’s cyber sector

  Saudi Arabia's wealth makes it an attractive target for cyber criminals, but what have been the recent trends in cyber crime?

• March 21, 2017 21 Mar'17

  Lords call on ISPs, government to do more to safeguard children online

  A House of Lords Select Committee report on online safety has called for internet service providers and the government to do more to protect the interests of children using the internet

• March 20, 2017 20 Mar'17

  Cardiff man Samata Ullah admits terrorist charges after posting encryption details on Islamic blog

  Samata Ullah, a resident of Cardiff, pleaded guilty to five terrorism charges, including developing an encrypted version of an Islamic website and posting videos explaining how to use encryption

• February 24, 2017 24 Feb'17

  Number of people hit by professional financial cyber attack grows after lull

  Kaspersky Labs reports that the number of people hit by financial cyber attack grew in 2016 after falling in the previous two years

• February 23, 2017 23 Feb'17

  Dutch banks and ISPs behind in domain security

  Dutch banks are falling behind organisations in other sectors when it comes to securing domains.

• February 20, 2017 20 Feb'17

  Singapore companies to be cloud-first in two years

  Large enterprises in Singapore will think cloud-first, though security remains a bugbear

• February 17, 2017 17 Feb'17

  Apac companies see cyber security as key to business growth

  Cyber security has enabled Asia-Pacific organisations to enter new markets and deliver services in new ways

• February 15, 2017 15 Feb'17

  APAC enterprises have fewer high-risk cloud apps

  Cisco study shows enterprises in Asia-Pacific have fewer apps that pose a significant risk to network security than those in North America and Europe