Application security and coding requirements
-
News
02 Aug 2024
How CrowdStrike is leveraging AI to empower security teams
CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges Continue Reading
By- Aaron Tan, TechTarget
-
News
31 Jul 2024
API attacks surge by 65% in APAC, fuelled by rapid digitisation
Akamai's report reveals a significant rise in cyber attacks on web applications and APIs in the region over the past year, with financial and commerce sectors hardest hit Continue Reading
By- Aaron Tan, TechTarget
-
News
18 Apr 2023
Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms
The Online Safety Bill faces amendments in the House of Lords amid concerns that it could weaken the security of end-to-end encrypted communications for UK citizens Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
18 Apr 2023
Focus on these three risky behaviours to boost cloud security
Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
14 Apr 2023
Securing your software supply chain
Organisations need to have a thorough understanding of software components and build security controls into development lifecycles to shore up the security of their software supply chains Continue Reading
By- Aaron Tan, TechTarget
-
News
13 Apr 2023
Thousands at risk from critical RCE bug in legacy MS service
Thousands of organisations worldwide are at risk from three vulnerabilities – one critical – in a legacy Microsoft service that they may not be aware they are running Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Apr 2023
April Patch Tuesday fixes zero-day used to deliver ransomware
A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Apr 2023
CIO interview: Carter Busse, CIO, Workato
Workato CIO Carter Busse talks up the company’s approach towards automation and its efforts to drive the technology across its business Continue Reading
By- Aaron Tan, TechTarget
-
News
30 Mar 2023
OSC&R supply chain security framework goes live on Github
The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Mar 2023
3CX unified comms users hit by supply chain attacks
Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Mar 2023
Apple security updates fix 33 iPhone vulnerabilities
A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Mar 2023
France latest to ban TikTok on government devices
Following bans in the UK and US, France has moved to enact restrictions on TikTok, and other social media apps, on government devices Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Mar 2023
Nordics move towards common cyber defence strategy
Nordic countries agree to work together to improve their cyber defences amid increasing threat Continue Reading
By- Gerard O'Dwyer
-
News
21 Mar 2023
How Mimecast thinks differently about email security
Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades Continue Reading
By- Aaron Tan, TechTarget
-
News
16 Mar 2023
Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine
A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Mar 2023
Microsoft patches Outlook zero-day for March Patch Tuesday
A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Mar 2023
NCSC warns over AI language models but rejects cyber alarmism
The UK's NCSC has issued advice for those using the technology underpinning AI tools such as ChatGPT, but says some of the security doomsday scenarios being proposed right now are not necessarily realistic Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
08 Mar 2023
hackathon
A hackathon, also known as a codefest, is a social coding event that brings computer programmers and other interested people together to improve upon or build a new software program. Continue Reading
By- Kinza Yasar, Technical Writer
- Mekhala Roy
- Nicole Laskowski, Senior News Director
-
News
07 Mar 2023
Dutch hospitals underestimate impact of cyber attack
IT failures in acute care organisations in the Netherlands have increased considerably since 2010, affecting patient care and stressing the need to improve IT security in hospitals Continue Reading
By- Kim Loohuis
-
News
27 Feb 2023
Advanced digital resiliency can save organisations millions
Businesses that build out their digital resiliency are not only more secure, they also have more opportunities to innovate with IT Continue Reading
By- Cliff Saran, Managing Editor
-
News
22 Feb 2023
Researchers find new bug ‘class’ in Apple devices
A group of vulnerabilities in Apple products that stem from the ForcedEntry exploit used by spyware firm NSO constitutes a whole new class of bug, say researchers at Trellix Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Feb 2023
Microsoft fixes three zero-days in February update
February’s Patch Tuesday update contains fixes for three previously unpublicised zero-days in Microsoft Office, Windows Graphics Component and Windows Common Log File System Driver Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Feb 2023
OSC&R framework to stop supply chain attacks in the wild
The backers of a new MITRE ATT&CK style framework called OSC&R hope to help organisations get to grips with threats to their software supply chains Continue Reading
By- Alex Scroxton, Security Editor
-
News
05 Feb 2023
Australian organisations underinvesting in cyber security
Over half of Australian organisations failed to invest enough in cyber security over past three years, though awareness is improving in aftermath of high-profile data breaches Continue Reading
By- Aaron Tan, TechTarget
-
News
03 Feb 2023
LockBit gang confirms Ion cyber attack as disruption continues
The LockBit ransomware cartel has taken responsibility for this week’s attack on financial software firm Ion, and is threatening to leak stolen data on Saturday 4 February Continue Reading
By- Alex Scroxton, Security Editor
- Valéry Rieß-Marchive, Rédacteur en chef
-
News
01 Feb 2023
Cisco fixes two bugs that could have led to supply chain attacks on users
Two vulnerabilities uncovered in Cisco hardware could have opened the door to serious supply chain cyber attacks, according to the Trellix researchers who found them Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Jan 2023
GitHub warns Desktop, Atom users after code-signing certificates pinched
Threat actors stole encrypted code-signing certificates for GitHub’s Desktop and Atom applications in December 2022, prompting warnings for users Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Jan 2023
Zero-trust implementations remain work in progress
Just one in 10 large enterprises are expected to have mature and measurable zero-trust programmes in place by 2026, study finds Continue Reading
By- Aaron Tan, TechTarget
-
News
23 Jan 2023
Trellix automates patching for 62,000 vulnerable open source projects
Since revealing startling statistics about the prevalence of a 15-year-old Python vulnerability, Trellix says it has helped fix almost 62,000 vulnerable projects in the past four months Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jan 2023
Chrome vulnerability could have led to widespread data theft
A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
12 Jan 2023
Europe’s cyber security strategy must be clear about open source
Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem Continue Reading
By- Ilkka Turunen
-
News
11 Jan 2023
Microsoft fixes EoP zero-day on January Patch Tuesday
On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns Continue Reading
By- Alex Scroxton, Security Editor
-
News
05 Jan 2023
Cashless Denmark has no bank robberies in a year for first time
Denmark saw no bank robberies in a single year for the first time ever, but online fraud continues to increase Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
02 Jan 2023
China and India governments among top targets for cyber attackers
Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures Continue Reading
By- Aaron Tan, TechTarget
-
Feature
29 Dec 2022
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
News
22 Dec 2022
Top 10 cyber security stories of 2022
The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
21 Dec 2022
hotfix
A hotfix is code -- sometimes called a patch -- that fixes a bug in a product. Continue Reading
By- Ben Lutkevich, Site Editor
-
News
20 Dec 2022
Top 10 software development stories of 2022
We look at how software development has adapted to the changing economic climate over the past 12 months Continue Reading
By- Cliff Saran, Managing Editor
-
Opinion
19 Dec 2022
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
By- Andrew Morris, Turnkey Consulting
-
News
15 Dec 2022
Lego fixes dangerous API vulnerability in BrickLink service
The Lego Group has remediated two potentially serious API vulnerabilities in its BrickLink digital resale platform, just in time for Christmas Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Dec 2022
Ethical hackers flex their muscles in 2022
Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021 Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Dec 2022
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Dec 2022
Finnish government launches information security voucher scheme
Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading
By- Gerard O'Dwyer
-
News
13 Dec 2022
More Uber data exposed in possible supply chain attack
A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Dec 2022
CIISec, DCMS to fund vocational cyber courses for A-level students
The Chartered Institute of Information Security and the Department for Digital, Culture, Media and Sport plan to fund vocational cyber qualifications for 300 teenagers Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
09 Dec 2022
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
By- Sharon Shochat
-
News
08 Dec 2022
Consumers to get new protections against dodgy apps
Government’s new code of practice will impose new privacy and security measures on app store operators and developers Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Dec 2022
Australia to develop new cyber security strategy
New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading
-
News
07 Dec 2022
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
By- Alex Scroxton, Security Editor
-
29 Nov 2022
Trustpilot gets agile to build trust online
Consumer reviews website Trustpilot has built and scaled its IT security team and is now turning to agile methods and DevSecOps to further enhance its cyber capabilities, as CISO Stu Hirst explains. Continue Reading
-
News
24 Nov 2022
Not-for-profit aims to encourage 1,300 girls into cyber careers
CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading
By- Clare McDonald, Business Editor
-
E-Zine
22 Nov 2022
Cyber criminals target World Cup Qatar 2022
In this week’s Computer Weekly, as the FIFA World Cup opens in Qatar, we examine the cyber security threats from criminals targeting the event. We report from the Gartner Symposium on the latest predictions for enterprise software development. And we talk to the CIO of Kyiv City Council about managing IT in the shadow of war. Read the issue now. Continue Reading
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Nov 2022
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Nov 2022
The Security Interviews: Building trust online
Consumer reviews website Trustpilot has built and scaled its IT security team and is now turning to agile methods and DevSecOps to further enhance its cyber capabilities Continue Reading
By -
News
02 Nov 2022
OpenSSL vulnerabilities ‘not as bad as feared’
As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
01 Nov 2022
Why Supply Chain Security Attacks Are So Damaging
Commonly in cyber security-related conversations, strategic references to the edge, boundary, endpoint, cloud etc are commonplace as potential areas of vulnerability. However, in several recent ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
News
31 Oct 2022
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Oct 2022
Apple patches new iPhone zero-day
Apple’s latest patch fixes yet another zero-day, as security issues keep surfacing in its mobile products Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
20 Oct 2022
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
News
18 Oct 2022
Apache vulnerability a risk, but not as widespread as Log4Shell
A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Oct 2022
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
17 Oct 2022
API management: Assessing reliability and security
Once an API is published, its developer then has responsibility to ensure it is kept up to date and is secure Continue Reading
By- Cliff Saran, Managing Editor
- Adrian Bridgwater
-
News
14 Oct 2022
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency Continue Reading
By- Aaron Tan, TechTarget
-
News
13 Oct 2022
Gartner: Remote work, zero trust, cloud still driving cyber spend
Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Oct 2022
Microsoft fixes lone zero-day on October Patch Tuesday
Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
11 Oct 2022
Reducing the cyber stack with API security
Budgets are tight, making it difficult to secure spend, but is there an argument for jettisoning fragmented approaches to securing APIs in favour of a dedicated end-to-end approach? Doubling down on API security could help businesses not just reduce risk, but also costs Continue Reading
By- Jason Kent
-
News
11 Oct 2022
Contractor left Toyota source code exposed for five years
Source code related to Toyota’s T-Connect service was left exposed on GitHub for over five years by a contractor Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
10 Oct 2022
Security Think Tank: Design security in to reap container benefits
Provided container security basics are built into your development and runtime environment from the start, containerised services and applications can provide rapid – and secure – achievement of business objectives Continue Reading
By- Mairi MacLeod and Farrukh Ahmad
-
Definition
06 Oct 2022
filter (computing)
The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
05 Oct 2022
Forrester: US set to dominate AI enterprise software market
Artificial intelligence is the fastest growth area in software. This is driving adoption, which will make AI mainstream technology in business software Continue Reading
By- Cliff Saran, Managing Editor
-
News
29 Sep 2022
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia Continue Reading
-
Opinion
28 Sep 2022
Security Think Tank: Three steps to a solid DevSecOps strategy
Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first Continue Reading
By- Cate Pye and Farrukh Ahmad
-
News
26 Sep 2022
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials Continue Reading
By- Duncan Campbell , 2QQ Ltd, Sussex University
-
Opinion
23 Sep 2022
It’s time for engineering teams to own DevSecOps
It may seem counterintuitive, but maybe organisations should consider delegating responsibility for DevSecOps to engineering teams, not security teams, argues Elastic’s Mandy Andress Continue Reading
By- Mandy Andress, Elastic
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
By- Gerard O'Dwyer
-
News
21 Sep 2022
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Sep 2022
Thousands of customers affected in Revolut data breach
Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
16 Sep 2022
Six new vulnerabilities added to CISA catalogue
CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010 Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
09 Sep 2022
Security Think Tank: Adding trust to AppSec and DevSecOps
When building in trust and assurance into app development through standards, it is critically important not to stifle innovation Continue Reading
By- Rowland Johnson
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
By- Kim Loohuis
-
Opinion
08 Sep 2022
Security Think Tank: Creating a DevSecOps-friendly cyber strategy
When slowing down is not an option, you need to find a security strategy that is DevSecOps friendly, says Airbus Protect’s Olivier Allaire Continue Reading
By- Olivier Allaire, Airbus Protect
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Sep 2022
Security Think Tank: The many dimensions of DevSecOps
It is imperative to make our colleagues and customers know that when we talk DevSecOps, we are facing a multiphase challenge that starts at the very beginning of DevOps, and one that never ends Continue Reading
By- Alejandro Bernal
-
News
06 Sep 2022
Saudi Arabian organisations choose to outsource to improve cyber security posture
Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
Opinion
05 Sep 2022
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
By -
Opinion
02 Sep 2022
Security Think Tank: Shift left, shift right. What about shift everywhere?
The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
By- Paul Holland, Information Security Forum
-
Opinion
01 Sep 2022
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access management alongside cyber security and application security Continue Reading
By- Andrew Morris, Turnkey Consulting
-
News
31 Aug 2022
Google debuts open source bug bounty programme
Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Aug 2022
Norway has NOK200m plan to bolster cyber defences
Norway is investing heavily in its cyber defences amid heightened threat from Russia Continue Reading
By- Gerard O'Dwyer
-
Blog Post
30 Aug 2022
Breaches You Don’t Hear About
I think it’s fair to say that, over the decades, if the general public had been alerted to all the attempted terrorist attacks tracked down and prevented by intelligence – as opposed to just the ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
Podcast
25 Aug 2022
James Hatch, BAE Systems: Computer Weekly Downtime Upload podcast
We speak to the chief digital officer at BAE Systems’ Digital Intelligence business about the challenges of “digital” in high-trust organisations Continue Reading
By- Cliff Saran, Managing Editor
-
News
23 Aug 2022
DevSecOps: Software developers lack sufficient security focus
GitLab survey shows developers want to produce high-quality code, but ‘shifting’ security left is hard to achieve Continue Reading
By- Cliff Saran, Managing Editor
-
News
19 Aug 2022
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Aug 2022
Apple patches two zero-days in macOs, iOS
Mac users should urgently apply new patches addressing vulnerabilities in its desktop and mobile operating systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Aug 2022
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years Continue Reading
By- Aaron Tan, TechTarget
-
News
12 Aug 2022
Microsoft doles out $13.7m in bug bounties
Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Aug 2022
GitHub targets vulnerable open source components
There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted Continue Reading
By- Cliff Saran, Managing Editor
-
News
10 Aug 2022
Microsoft fixes two-year-old MSDT vulnerability in August update
August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited. Continue Reading
By- Alex Scroxton, Security Editor