Application security and coding requirements
-
News
25 Mar 2025
ETSI launches first post-quantum encryption standard
European telco standards body launches its first post-quantum cryptography cyber standard, covering the security of critical data and communications Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
24 Mar 2025
Will DeepSeek force us to take application security seriously?
The rise of DeepSeek has prompted the usual well-documented concerns around AI, but also raised worries about its potential links to the Chinese state. The Security Think Tank considers the steps security leaders can take to counter threats posed by nation state industrial espionage? Continue Reading
-
E-Zine
22 Nov 2022
Cyber criminals target World Cup Qatar 2022
In this week’s Computer Weekly, as the FIFA World Cup opens in Qatar, we examine the cyber security threats from criminals targeting the event. We report from the Gartner Symposium on the latest predictions for enterprise software development. And we talk to the CIO of Kyiv City Council about managing IT in the shadow of war. Read the issue now. Continue Reading
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Nov 2022
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Nov 2022
The Security Interviews: Building trust online
Consumer reviews website Trustpilot has built and scaled its IT security team and is now turning to agile methods and DevSecOps to further enhance its cyber capabilities Continue Reading
By -
News
02 Nov 2022
OpenSSL vulnerabilities ‘not as bad as feared’
As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
01 Nov 2022
Why Supply Chain Security Attacks Are So Damaging
Commonly in cyber security-related conversations, strategic references to the edge, boundary, endpoint, cloud etc are commonplace as potential areas of vulnerability. However, in several recent ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
News
31 Oct 2022
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Oct 2022
Apple patches new iPhone zero-day
Apple’s latest patch fixes yet another zero-day, as security issues keep surfacing in its mobile products Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
20 Oct 2022
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
News
18 Oct 2022
Apache vulnerability a risk, but not as widespread as Log4Shell
A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Oct 2022
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
17 Oct 2022
API management: Assessing reliability and security
Once an API is published, its developer then has responsibility to ensure it is kept up to date and is secure Continue Reading
By- Cliff Saran, Managing Editor
- Adrian Bridgwater
-
News
14 Oct 2022
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency Continue Reading
By- Aaron Tan, TechTarget
-
News
13 Oct 2022
Gartner: Remote work, zero trust, cloud still driving cyber spend
Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Oct 2022
Microsoft fixes lone zero-day on October Patch Tuesday
Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
11 Oct 2022
Reducing the cyber stack with API security
Budgets are tight, making it difficult to secure spend, but is there an argument for jettisoning fragmented approaches to securing APIs in favour of a dedicated end-to-end approach? Doubling down on API security could help businesses not just reduce risk, but also costs Continue Reading
By- Jason Kent
-
News
11 Oct 2022
Contractor left Toyota source code exposed for five years
Source code related to Toyota’s T-Connect service was left exposed on GitHub for over five years by a contractor Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
10 Oct 2022
Security Think Tank: Design security in to reap container benefits
Provided container security basics are built into your development and runtime environment from the start, containerised services and applications can provide rapid – and secure – achievement of business objectives Continue Reading
By- Mairi MacLeod and Farrukh Ahmad
-
Definition
06 Oct 2022
filter (computing)
The term filter in computing can mean a variety of things, depending on the technology or technical discipline in question. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
05 Oct 2022
Forrester: US set to dominate AI enterprise software market
Artificial intelligence is the fastest growth area in software. This is driving adoption, which will make AI mainstream technology in business software Continue Reading
By- Cliff Saran, Managing Editor
-
News
29 Sep 2022
Optus breach casts spotlight on cyber resilience
The massive data breach that affected more than 10 million Optus customers has cast the spotlight on API security and other factors that contribute to the cyber resilience of organisations in Australia Continue Reading
-
Opinion
28 Sep 2022
Security Think Tank: Three steps to a solid DevSecOps strategy
Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first Continue Reading
By- Cate Pye and Farrukh Ahmad
-
News
26 Sep 2022
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials Continue Reading
By- Duncan Campbell , 2QQ Ltd, Sussex University
-
Opinion
23 Sep 2022
It’s time for engineering teams to own DevSecOps
It may seem counterintuitive, but maybe organisations should consider delegating responsibility for DevSecOps to engineering teams, not security teams, argues Elastic’s Mandy Andress Continue Reading
By- Mandy Andress, Elastic
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
By- Gerard O'Dwyer
-
News
21 Sep 2022
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Sep 2022
Thousands of customers affected in Revolut data breach
Digital challenger bank has warned its customers to be vigilant after their data was exposed in a cyber attack Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
16 Sep 2022
Six new vulnerabilities added to CISA catalogue
CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010 Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
09 Sep 2022
Security Think Tank: Adding trust to AppSec and DevSecOps
When building in trust and assurance into app development through standards, it is critically important not to stifle innovation Continue Reading
By- Rowland Johnson
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
By- Kim Loohuis
-
Opinion
08 Sep 2022
Security Think Tank: Creating a DevSecOps-friendly cyber strategy
When slowing down is not an option, you need to find a security strategy that is DevSecOps friendly, says Airbus Protect’s Olivier Allaire Continue Reading
By- Olivier Allaire, Airbus Protect
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Sep 2022
Security Think Tank: The many dimensions of DevSecOps
It is imperative to make our colleagues and customers know that when we talk DevSecOps, we are facing a multiphase challenge that starts at the very beginning of DevOps, and one that never ends Continue Reading
By- Alejandro Bernal
-
News
06 Sep 2022
Saudi Arabian organisations choose to outsource to improve cyber security posture
Overwhelmed by rising threats and a growing number of government mandates, many organisations in Saudi Arabia are looking for outside help to take care of cyber security Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
Opinion
05 Sep 2022
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
By -
Opinion
02 Sep 2022
Security Think Tank: Shift left, shift right. What about shift everywhere?
The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
By- Paul Holland, Information Security Forum
-
Opinion
01 Sep 2022
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access management alongside cyber security and application security Continue Reading
By- Andrew Morris, Turnkey Consulting
-
News
31 Aug 2022
Google debuts open source bug bounty programme
Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Aug 2022
Norway has NOK200m plan to bolster cyber defences
Norway is investing heavily in its cyber defences amid heightened threat from Russia Continue Reading
By- Gerard O'Dwyer
-
Blog Post
30 Aug 2022
Breaches You Don’t Hear About
I think it’s fair to say that, over the decades, if the general public had been alerted to all the attempted terrorist attacks tracked down and prevented by intelligence – as opposed to just the ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
Podcast
25 Aug 2022
James Hatch, BAE Systems: Computer Weekly Downtime Upload podcast
We speak to the chief digital officer at BAE Systems’ Digital Intelligence business about the challenges of “digital” in high-trust organisations Continue Reading
By- Cliff Saran, Managing Editor
-
News
23 Aug 2022
DevSecOps: Software developers lack sufficient security focus
GitLab survey shows developers want to produce high-quality code, but ‘shifting’ security left is hard to achieve Continue Reading
By- Cliff Saran, Managing Editor
-
News
19 Aug 2022
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Aug 2022
Apple patches two zero-days in macOs, iOS
Mac users should urgently apply new patches addressing vulnerabilities in its desktop and mobile operating systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Aug 2022
Inside Singapore’s national digital identity journey
Singapore’s national digital identity system has evolved from providing single sign-on to e-government services to pandemic-related and digital document capabilities in recent years Continue Reading
By- Aaron Tan, TechTarget
-
News
12 Aug 2022
Microsoft doles out $13.7m in bug bounties
Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Aug 2022
GitHub targets vulnerable open source components
There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted Continue Reading
By- Cliff Saran, Managing Editor
-
News
10 Aug 2022
Microsoft fixes two-year-old MSDT vulnerability in August update
August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited. Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
05 Aug 2022
The dangers of the UK’s illogical war on encryption
The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most Continue Reading
By- Robin Wilton
-
News
04 Aug 2022
Spyware activity particularly impactful in July
After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2022
Cyber criminals pivot away from macros as Microsoft changes bite
As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Jul 2022
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Jul 2022
Visibility and proactive stance needed to secure OT systems
Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says Continue Reading
By- Aaron Tan, TechTarget
-
News
25 Jul 2022
Latest Atlassian Confluence vulnerability raises concerns
CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Jul 2022
TMT firms among top targets for cyber attacks in Singapore
Organisations in the technology, media and telecoms sector were among the most lucrative targets for malicious actors as their services penetrate almost every aspect of society Continue Reading
By- Aaron Tan, TechTarget
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Jul 2022
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jul 2022
Microsoft Windows Autopatch now generally available
Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jul 2022
Singapore doubles down on OT security
The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state Continue Reading
By- Aaron Tan, TechTarget
-
News
11 Jul 2022
Microsoft VBA macro block will return
Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Jul 2022
Microsoft appears to reverse VBA macro-blocking
Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Jul 2022
The evolution of threat modelling as a DevSecOps practice
Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process Continue Reading
By- Stephen de Vries
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
28 Jun 2022
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens
Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jun 2022
Developers grapple with open source software security
Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds Continue Reading
By- Aaron Tan, TechTarget
-
News
23 Jun 2022
SolarWinds unveils new development model to avoid a repeat of Sunburst
SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
21 Jun 2022
We’re all technologists now – the powerful impact of low-code platforms
Low-code platforms are bringing a shift in how organisations develop and use technology – and it’s the job of the CIO to let it happen in a controlled, secure and connected fashion Continue Reading
By- Rob Mallaband , Crimson
- Tom Cadman, Crimson
-
Feature
20 Jun 2022
Challenges of securing a software supply chain
The US president has issued an executive order to improve cyber security, which has ramifications across the software development supply chain Continue Reading
By- Cliff Saran, Managing Editor
-
News
16 Jun 2022
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
15 Jun 2022
directory traversal
Directory traversal is a type of HTTP exploit in which a hacker uses the software on a web server to access data in a directory other than the server's root directory. Continue Reading
By- Ben Lutkevich, Site Editor
-
News
15 Jun 2022
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Jun 2022
MS Azure Synapse vulnerability fixed after six-month slog
Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jun 2022
Qatar bolsters cyber security in preparation for World Cup
With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness Continue Reading
By- Pat Brans, Pat Brans Associates/Grenoble Ecole de Management
-
News
09 Jun 2022
Cyber researchers step in to fill Patch Tuesday’s shoes
Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Jun 2022
Software house Mega achieves holistic SaaS security with Synopsys
Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Jun 2022
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco
Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief Continue Reading
By- Melisa Osores, Managing Editor para América Latina
-
News
01 Jun 2022
Security leaders call for more observability for cloud native apps
New research highlights the challenges CISOs face securing modern, cloud native applications Continue Reading
By- Cliff Saran, Managing Editor
-
Opinion
30 May 2022
Log4Shell: How friendly hackers rose to the challenge
HackerOne CISO Chris Evans looks back at how the security community successfully rose to the challenge of Log4Shell, and saved end-user organisations millions Continue Reading
By- Chris Evans, CISO and chief hacking officer, HackerOne
-
News
25 May 2022
Building a pathway to commercial quantum computing
The shortage of expertise in quantum technologies will drive up salaries. A new report from TechUK assesses the route to commercialisation Continue Reading
By- Cliff Saran, Managing Editor
-
News
23 May 2022
How Ivanti views patch management with a security lens
Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay Continue Reading
By- Aaron Tan, TechTarget
-
News
20 May 2022
Microsoft drops emergency patch after Patch Tuesday screw up
Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 May 2022
Red teaming will be standard in Dutch governmental organisations by 2025
The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest Continue Reading
By- Kim Loohuis
-
News
18 May 2022
Mastercard biometric programme will allow payment authentication by smile
Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
17 May 2022
Australian CISOs least prepared for cyber attacks
Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds Continue Reading
By- Aaron Tan, TechTarget
-
News
13 May 2022
Open source community sets out path to secure software
A 10-point plan to improve the security and resilience of open source software was presented this week at a summit in the US Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 May 2022
Emotet has commanding lead on Check Point monthly threat chart
Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 May 2022
Microsoft fixes three zero-days on May Patch Tuesday
It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 May 2022
UK government puts pressure on IT sector to clean up app security
Apps can be exploited to carry malicious payloads that steal personal information and cause financial loss – and not enough is being done to secure them Continue Reading
By- Cliff Saran, Managing Editor
-
Definition
03 May 2022
LDAP injection
LDAP (Lightweight Directory Access Protocol) injection is a type of security exploit that is used to compromise the authentication process used by some websites. Continue Reading
By- Ben Lutkevich, Site Editor
-
News
03 May 2022
Five TLS comms vulnerabilities hit Aruba, Avaya switching kit
Five new vulnerabilities in the implementation of transport layer security communications leave several popular switches vulnerable to remote code execution Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
28 Apr 2022
Manufacturer sues JPMorgan after cyber criminals stole $272m
Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
27 Apr 2022
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Apr 2022
Emotet tests new tricks to thwart enhanced security
The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Apr 2022
Mimecast makes deeper push into ASEAN
Mimecast opens regional office in Singapore and is looking at setting up a datacentre in Southeast Asia as it makes a deeper push into the region Continue Reading
By- Aaron Tan, TechTarget