Antivirus, firewall and IDS products

Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off Continue Reading

Australian organisations underinvesting in cyber security

Over half of Australian organisations failed to invest enough in cyber security over past three years, though awareness is improving in aftermath of high-profile data breaches Continue Reading

Zero-trust implementations remain work in progress

Just one in 10 large enterprises are expected to have mature and measurable zero-trust programmes in place by 2026, study finds Continue Reading

Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading

Cashless Denmark has no bank robberies in a year for first time

Denmark saw no bank robberies in a single year for the first time ever, but online fraud continues to increase Continue Reading

China and India governments among top targets for cyber attackers

Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures Continue Reading

Cyber security professionals share their biggest lessons of 2022

In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading

Top 10 cyber security stories of 2022

The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading

Security Think Tank: 2022 brought plenty of learning opportunities in cyber

At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading

New cyber approaches ease Registers of Scotland’s AWS migration

As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web Services Continue Reading

Security Think Tank: How much digital trust can you place on zero-trust?

The events of the past couple of years have highlighted many considerations that should be taken into consideration when pursuing a zero-trust strategy, says ISACA’s Steven Sim Kok Leong Continue Reading

Finnish government launches information security voucher scheme

Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading

Australia to develop new cyber security strategy

New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading

Security Think Tank: As cyber pros, we need to articulate our needs better

There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading

French cyber consultancy Hackuity sets up UK operation

Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading

Security Think Tank: The more you buy, the less you protect

The most important lesson learned this year is that the more controls you have in place, the less secure you become, argues 2-sec’s Tim Holman Continue Reading

Not-for-profit aims to encourage 1,300 girls into cyber careers

CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading

NortonLifeLock, Avast debut new ‘Gen’ identity

The combined NortonLifeLock and Avast consumer cyber business, Gen, says it will serve over 500 million customers worldwide Continue Reading

UK spent £6.4m on secret cyber package for Ukraine

Westminster has revealed for the first time the existence of a previously top-secret security programme that has been helping Ukraine fend off Russian cyber attacks Continue Reading

Gartner: Remote work, zero trust, cloud still driving cyber spend

Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading

How Cloudflare is staying ahead of the curve

Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape Continue Reading

Nordic private equity firms pursue cyber security acquisitions

Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading

Thousands of customers affected in Revolut data breach

Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack Continue Reading

CISOs should spend on critical apps, cloud, zero-trust, in 2023

Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading

Dutch cyber security organisations to join forces

Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading

Prince’s Trust teams with threat management specialist in skills push

Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading

Saudi Arabian organisations choose to outsource to improve cyber security posture

Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security Continue Reading

Researcher finds 10 vulnerabilities in Cisco firewalls

At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches Continue Reading

NCSC startups scheme turns focus to operational technology, SME security

NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading

Buy ‘plug-n-play’ malware for the price of a pint of beer

Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report Continue Reading

(ISC)² expands entry-level cyber programme after UK success

Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading

Plexal seeks new scaleups for next phase of Cyber Runway

Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading

How to get the right level of cyber insurance

In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading

Collaboration key to IT sector sustainability

In this week’s Computer Weekly, as sustainability rises up the corporate agenda, IT leaders say more collaboration is needed to meet climate goals. Microsoft faces further calls for greater transparency over software tools used to monitor employees. And the cyber security industry warns over an increasing loss of talent. Read the issue now. Continue Reading

CW APAC: Tech career guide to cyber security

The demands placed on those fighting against hackers are constantly evolving. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at the skills required to make it in the industry, how Singapore’s critical systems remain protected, the short-term options for tech stack management and how organisations can support cyber professionals’ mental health. Continue Reading

Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading

Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading

Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading

Manufacturer sues JPMorgan after cyber criminals stole $272m

Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading

Sophos soaks up SOC.OS

Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services Continue Reading

UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats Continue Reading

CW APAC: Trend Watch: Cyber security

Protection from malicious actors has become a critical consideration for organisations in recent years. In this handbook, focused on cyber security in the Asia-Pacific region, Computer Weekly looks at how to minimise edge security risks, India’s rise in cyber security revenues, Check Point’s sales force and partner ecosystem processes, and Trellix’s decision to democratise XDR access Continue Reading

WatchGuard firewall users urged to patch Cyclops Blink vulnerability

The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities Continue Reading

Singapore to start licensing cyber security service providers

Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading

US shuts down Russia’s Cyclops Blink botnet operation

Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’ Continue Reading

NCSC: Not necessarily wise to ditch Kaspersky

UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates Continue Reading

Kaspersky CEO: Ukraine war must end through diplomacy

Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting Continue Reading

German authorities warn on Kaspersky but stop short of ban

Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine Continue Reading

CaddyWiper is fourth new malware linked to Ukraine war

ESET’s cyber security analysts have identified yet another destructive wiper malware being used against targets in Ukraine Continue Reading

Kaspersky forced to deny source code leak

Kaspersky says an alleged leak of its source code was in fact material anyone could have gleaned from its public servers Continue Reading

Google buys Mandiant for £4bn

Acquisition will see cyber defence and threat intelligence specialist folded into Google Cloud’s security suite Continue Reading

Cloudflare: Our network is our product

Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats Continue Reading

The UK’s cyber security sector is thriving, but our work has only just begun

The government’s Annual Cyber Sector Report painted a positive picture of the UK security industry. CIISec’s Amanda Finch thinks we can go further in developing cyber talent and opening up the sector Continue Reading

New cyber guidelines to safeguard construction sector

NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building Continue Reading

Russia behind dangerous Cyclops Blink malware

Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk Continue Reading

Microsoft extends Defender umbrella to Google Cloud Platform

Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in Continue Reading

2021 another record year for UK cyber investment

Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment Continue Reading

Lack of knowledge disastrous for effective security strategy within Dutch companies

Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy Continue Reading

Palo Alto announces ML-enabled software update and firewalls

Palo Alto's updated PAN-OS software uses machine learning to analyze network traffic in real time, and two firewall appliances provide the processing power to support it. Continue Reading

The Netherlands works on resilience with large-scale national cyber exercise

 Continue Reading

Log4Shell, Ukraine and umbrella firm cyber attacks – Computer Weekly Downtime Upload podcast

Alex Scroxton joins the team to discuss the Log4j vulnerability and Russian pressure on Ukraine. Also discussed are cyber attacks on umbrella companies, neuro-diversity and junk in space Continue Reading

The Security Interviews: Building the UK’s future cyber ecosystem

As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions Continue Reading

Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite Continue Reading

What neurodivergent people really think of working in cyber security

Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading

Trellix looks to democratise access to XDR in APAC

The company formed from the merger of FireEye Enterprise and McAfee will team up with managed service providers, among other efforts, to democratise access to extended detection and response capabilities in the region Continue Reading

Trellix XDR platform forged out of McAfee, FireEye union

The private equity owners of McAfee Enterprise and FireEye are merging the companies into a new entity to ‘define the future’ of cyber security through XDR technology Continue Reading

Umbrella company Brookson self-refers to NCSC following cyber attack on its network

Contractor payroll, accounting and compliance firm confirms its networks have been targeted by an ‘extremely aggressive’ cyber attack that has resulted in some of its systems being proactively taken offline Continue Reading

Top 10 cyber security stories of 2021

Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do? Continue Reading

Is the IT sector beset by fear-mongering?

The arms race between hackers and security teams has led to a plethora of new technologies, but it can be hard to differentiate between sensible cyber purchases and those that are promoted by exaggerating risk Continue Reading

IT Priorities 2022: Pandemic’s long tail for cyber buyers

Pandemic response has been top of mind for cyber leaders these past 18 months, and as Covid-19 turns two, the TechTarget/Computer Weekly IT Priorities 2022 study shows buyers are still focused on how Covid has upended the workplace Continue Reading

Back on the office network: What are the risks for mobile users?

Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading

Why is Emotet back, and should we be worried about it?

The sudden reappearance of Emotet this week has security teams on high alert, but do we need to be worried about its return, and what should we be doing about it? Continue Reading

Security startups line up on Cyber Runway

Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator Continue Reading

Security Think Tank: SASE – more than the sum of its parts?

Airbus Cybersecurity’s Paddy Francis asks what makes an integration of the various components of SASE more the sum of their parts, and what are the benefits and pitfalls? Continue Reading

Dutch education administrators underestimate threat of cyber crime

 Continue Reading

The Netherlands works on resilience with large-scale national cyber exercise

For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care Continue Reading

Security Think Tank: SASE – marketing buzz or the future of security?

SASE architectures promise to prevent multiple types of cyber attacks, but deciding whether SASE is right for your organisation will require understanding whether SASE is a fit for your use cases in IT Continue Reading

Government commits millions to security investment

Spending Review adds more than £750m of funding to improve cyber security resilience across government Continue Reading

Airport operator MAG boosts threat visibility with hybrid SOC

With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience Continue Reading

APAC organisations warm to zero trust

Two-thirds of APAC organisations have a zero-trust strategy even as they grapple with the lack of skills and other organisational challenges, study finds Continue Reading

Back on the office network: What are the risks for mobile users?

Many people are returning to offices and bringing their mobile devices with them. What are the cyber security implications of this? Continue Reading

CW APAC, October 2021: Tech Career Guide

Despite marked improvements, tech still faces a diversity problem. In this handbook, focused on cyber security’s gender gap in the Asia-Pacific region, Computer Weekly looks at the mentoring programmes aiming to combat the issue, the career path of IAG’s Elaine Muir, how hacking won Claudean Zheng a job and what else needs to be done to tackle the ongoing gender imbalance Continue Reading

Top women in UK tech, AI on puffin island – Computer Weekly Downtime Upload podcast

In this episode, Caroline Donnelly, Clare McDonald and Brian McKenna discuss CW’s annual programme to choose the most influential women in UK tech, as well as Newham Sparks, and puffin-counting AI Continue Reading

Israeli Orca to invest in UK cyber scene

Tel Aviv-headquartered Orca Security wants to set up a new R&D centre in the UK Continue Reading

Dutch education administrators underestimate threat of cyber crime

Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks Continue Reading

Dutch researchers build security software to mimic human immune system

 Continue Reading

How the cyber security market is evolving

The cyber security market has gained even greater importance in the post-Covid era and continues to grow and evolve. But what factors are driving trends in that market and what should your organisation consider when making cyber security investments? Continue Reading

Considerations when deciding on a new SIEM or SOAR tool

A successful deployment of any security tool very much depends on the maturity of security processes in the organisation Continue Reading

MoD seeks security tech to harden military systems

The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks Continue Reading

Cyber Runway programme supports new security businesses

The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses Continue Reading

The Netherlands still lacks digital resilience, says report

Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient Continue Reading

Initial access brokers unaffected by ransomware content bans

Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021 Continue Reading

Government-led innovation can help cyber startups find a market

There are many reasons why early-stage cyber startups often struggle to get off the ground, but government-backed programmes can help them find a path Continue Reading

Five ways to ensure remote working security and compliance

A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading

Security Think Tank: A return to the office is not a return to normal

With Covid-19 restrictions easing, offices are welcoming back remote workers this summer, bringing with them their notebooks and mobiles, and creating an endpoint management headache for CISOs. What do security teams need to account for to protect their returning office workers? Continue Reading

Cyber attackers up the ante on embattled IT teams

Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements Continue Reading

Nominations open for 2021 Security Serious Unsung Heroes Awards

Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators Continue Reading

Controversial cyber tycoon John McAfee dead at 75

Founder of the eponymous cyber security firm has committed suicide in a Spanish prison Continue Reading

Cloudflare announces new integrations with Microsoft, others

New security integrations with Microsoft Azure Sentinel, Splunk, Datadog and Sumo Logic will supposedly make it easier for users to analyse network security data Continue Reading

Lorca Ignite programme targets breakout cyber talent

Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme Continue Reading