Application security and coding requirements
-
E-Zine
18 Mar 2025
UK under-prepared for catastrophic cyber attack
In this week’s Computer Weekly, MPs have been told the UK is under-prepared to cope with a catastrophic cyber attack – we find out where the problems lie. Our new buyer’s guide assesses the challenges of datacentre capacity planning. And one of the UK’s most successful businessmen, Sir Martin Sorrell, gives his view on the risks and opportunities of AI. Read the issue now. Continue Reading
-
News
18 Mar 2025
Seaco charts course for unified security strategy
Shipping container leasing giant consolidates security tools onto a single platform, leveraging AI and extended detection and response to improve security operations Continue Reading
-
News
24 Dec 2020
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020 Continue Reading
-
News
23 Dec 2020
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020 Continue Reading
-
Feature
23 Dec 2020
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
News
18 Dec 2020
Finnish government tables laws to protect data from cyber criminals
Government is strengthening its legal framework to protect data from hackers in the wake of a massive breach at a psychotherapy centre Continue Reading
-
News
17 Dec 2020
Dodgy browser extensions put social media users at risk
More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast Continue Reading
-
News
17 Dec 2020
FireEye and partners release SolarWinds kill-switch
A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue Continue Reading
-
E-Zine
15 Dec 2020
How security will be different after Covid-19
In this week’s Computer Weekly, the world of cyber security will probably never return to its pre-pandemic state – we look ahead. The combination of remote working and streaming video is putting extra strain on networks. And we look at how digital transformation is changing the way contact centres are run. Read the issue now. Continue Reading
-
News
11 Dec 2020
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL Continue Reading
-
News
09 Dec 2020
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users Continue Reading
-
News
09 Dec 2020
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance Continue Reading
-
News
08 Dec 2020
Russian state actors exploiting VMware bug to hijack data, users warned
Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings Continue Reading
-
News
07 Dec 2020
Grindr and others patch critical Android bug
Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability Continue Reading
-
News
04 Dec 2020
Avast and Borsetta to support Intel’s AI security project
Security firm Avast and AI security specialist Borsetta have signed up to support an Intel-led artificial intelligence security research project Continue Reading
-
News
03 Dec 2020
Lax Android app developers putting millions of users at risk
Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk Continue Reading
-
News
02 Dec 2020
Singapore government remains ‘juicy target’ for cyber attackers
The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats Continue Reading
-
News
26 Nov 2020
APAC plagued by APT, ransomware attacks
The Asia-Pacific region was a primary target of advanced persistent threat groups, mostly from China, Iran, North Korea and Russia, that carried out 34 campaigns between June 2019 to June 2020 Continue Reading
-
News
24 Nov 2020
Belgian security researcher hacks Tesla with Raspberry Pi
Belgian security researcher Lennert Wouters once again succeeds in hacking a Tesla vehicle, this time by exploiting the Bluetooth Low Energy standard Continue Reading
-
E-Zine
24 Nov 2020
How Covid-19 has accelerated tech innovation in the NHS
Of all the terrible things that Covid is, what it has done is accelerate the digital journey. In this issue of Computer Weekly, we look at the track and trace app, which was redeveloped and enhanced at breakneck speed, and explore how the pandemic has accelerated the roll-out of new technology such as artificial intelligence and video conferencing tools at NHS trusts. We also present some research into how Covid has affected IT spending. Read the issue now. Continue Reading
-
19 Nov 2020
Cyber security is next frontier for open source
Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM Continue Reading
-
E-Zine
19 Nov 2020
CW APAC: Expert advice on zero-trust security
Zero trust is a security model that eliminates the traditional perimeter and assumes that no user or device can be trusted until proven otherwise. In this handbook, Computer Weekly looks at how enterprises can take a zero-trust approach to securing their network, devices and workforce. Continue Reading
-
E-Zine
17 Nov 2020
How Mastercard is taking digital payments into a new era
In this week’s Computer Weekly, we talk to Mastercard about how the credit card giant is using new technologies to take digital payments into a new era. After months of unprecedented uncertainty, we ask CIOs how they are planning for the next 12 months. And we examine how the growth in remote working will affect IT salaries. Read the issue now. Continue Reading
-
News
11 Nov 2020
Microsoft drops fix for serious zero-day among 112 Patch Tuesday updates
November’s Patch Tuesday contains fixes for 112 bugs, including a potentially serious zero-day exploit that malicious actors are already taking advantage of Continue Reading
-
News
10 Nov 2020
IT Priorities 2020: After Covid-19, security goes back to basics
This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals Continue Reading
-
News
05 Nov 2020
Microsoft to support next generation of security startups
Tech giant lends its support to the NCSC Cyber Accelerator scheme, which is seeking its seventh cohort of startups Continue Reading
-
News
28 Oct 2020
Trump supporters targeted by cryptocurrency scammers
The successful breach of Donald Trump’s official website shows up lax security on his campaign team and is yet another timely warning that nobody is immune to cyber crime Continue Reading
-
News
28 Oct 2020
Barracuda eyes Indochina markets
Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos Continue Reading
-
News
21 Oct 2020
NSA’s top CVE list a timely reminder to patch
Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies Continue Reading
-
News
21 Oct 2020
Trump and Biden campaign apps easy targets for cyber criminals
You don’t need a stellar IQ to exploit the dangerous StrandHogg Android vulnerability, and users of both Donald Trump’s and Joe Biden’s mobile apps are at risk of falling victim to it Continue Reading
-
News
14 Oct 2020
Microsoft fixes 87 bugs in October 2020 Patch Tuesday
Smaller October Patch Tuesday update includes fixes for critical bugs in Windows 10 and Windows Server 2019 Continue Reading
-
News
13 Oct 2020
Suppliers neglecting virtual appliance security, putting users at risk
Software suppliers are often distributing their products on virtual appliances that contain known vulnerabilities or are running outdated or unsupported operating systems, according to a report Continue Reading
-
News
12 Oct 2020
Five Eyes spy group again demands access to private messages
Spooks are once again calling for the tech industry to break end-to-end encryption in messaging platforms Continue Reading
-
News
12 Oct 2020
Cyber security skills ad branded ‘crass’ by minister
Security skills campaign advert depicting a ballet dancer comes in for criticism as the arts sector struggles in the pandemic Continue Reading
-
News
12 Oct 2020
Making sense of zero-trust security
Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint Continue Reading
-
News
09 Oct 2020
Magecart strikes website of school payments service Wisepay
Magecart credit card skimmer harvested financial data of users of Wisepay’s platform over a two-day period Continue Reading
-
News
08 Oct 2020
NCSC relaunches SME security guide with home working focus
The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020 Continue Reading
-
News
05 Oct 2020
MosaicRegressor APT campaign using rare malware variant
Kaspersky researchers have shared details of a APT campaign utilising a rarely seen and hard-to-stop variety of malware Continue Reading
-
News
02 Oct 2020
Find and fix your Adobe Flash dependencies, says NCSC
As Adobe’s Flash Player approaches end-of-life, the National Cyber Security Centre is urging organisations to fix their Flash dependencies Continue Reading
-
News
30 Sep 2020
GitHub makes code vulnerability scanning feature public
Code-scanning service is now out of beta and generally available, helping teams to bake security into their code at the development stage Continue Reading
-
News
29 Sep 2020
NCSC expands schools programme to north-east England and Northern Ireland
Following an initial roll-out in Gloucestershire and Wales, the NCSC’s CyberFirst Schools programme is being extended to north-east England and Northern Ireland Continue Reading
-
News
28 Sep 2020
TikTok ban stayed after last-minute court case
TikTok’s lawyers have staved off an imminent ban for the time being, after successfully arguing that it infringed rights guaranteed under the Constitution of the United States Continue Reading
-
News
28 Sep 2020
Security now main driving force behind digital transformation
Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda Continue Reading
-
News
24 Sep 2020
Third-party code bug left Instagram users at risk of account takeover
A critical vulnerability in Instagram’s image processing could have allowed attackers to take over not just their victim’s account, but their entire device Continue Reading
-
News
24 Sep 2020
Race to patch as Microsoft confirms Zerologon attacks in the wild
Don’t be the organisation that made the headlines because it failed to patch. Microsoft says it is seeing cyber attacks ramping up around the Zerologon CVE-2020-1472 bug Continue Reading
-
News
22 Sep 2020
Scam mobile apps spreading via rogue TikTok accounts
Malicious TikTok accounts are promoting a number of adware scam mobile apps Continue Reading
-
News
21 Sep 2020
Big questions to be answered over TikTok and WeChat reprieve
TikTok and WeChat seem to have received a stay of execution, but big questions and contradictions remain Continue Reading
-
News
17 Sep 2020
Saudi Arabia sees cyber security boom as coronavirus bites
Saudi Arabian CIOs have been forced to increase their security posture as the Covid-19 pandemic transforms working methods Continue Reading
-
News
16 Sep 2020
Retailers urged to get to grips with Magento as attacks spike
A huge spike in online retailers being hacked with Magecart credit card skimmers is being blamed on unsupported versions of Adobe Magento Continue Reading
-
News
16 Sep 2020
Lorca security scaleups to get Splunk data expertise
Lorca inducts Splunk onto its co-marketing programme, giving security scaleups access to new data expertise Continue Reading
-
News
15 Sep 2020
Risky development practice leaves company access keys exposed
Database stores, cloud storage and myriad other services are being put at risk by the accidental exposure of company access keys during development Continue Reading
-
News
15 Sep 2020
TikTok-Oracle partnership moves forward for consideration
Joint venture proposal could create thousands of jobs and secure TikTok’s future outside China Continue Reading
-
News
14 Sep 2020
Microsoft drops out of TikTok talks, paves way for Oracle partnership
Microsoft confirms it is dropping out of the running to acquire the US operations of TikTok, leaving the way clear for an imminent partnership deal with Oracle Continue Reading
-
News
10 Sep 2020
Cyber security is next frontier for open source
Open security will facilitate the interoperability and capabilities of cyber security tools while alleviating vendor lock-in for enterprises, says IBM Continue Reading
-
News
10 Sep 2020
Lorca security scaleups hit funding milestone
£153m of investment has been raised by Lorca cohort companies in just two years, almost four times the original target Continue Reading
-
News
09 Sep 2020
September’s Patch Tuesday heavy on RCE vulnerabilities
Microsoft’s September update contains patches for 129 common vulnerabilities and exposures, including a high number of remote code execution issues Continue Reading
-
News
06 Sep 2020
Why predictive threat intelligence is key
Threat intelligence startup Cyfirma is using virtual agents to gather intelligence on potential cyber attacks that are being coordinated in underground forums before they occur Continue Reading
-
News
02 Sep 2020
Northumbria University suffers major disruption after cyber attack
Some exams cancelled as university appoints external specialists to investigate incident Continue Reading
-
Opinion
01 Sep 2020
Security Think Tank: Security at the distributed edge
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
25 Aug 2020
TikTok takes Trump to court
Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US Continue Reading
-
News
18 Aug 2020
Reports Oracle to enter TikTok bidding war
Oracle may be about to make a bid to acquire the US operations of TikTok from its Chinese parent ByteDance, according to the FT Continue Reading
-
News
12 Aug 2020
Microsoft patches two zero-days with active exploits
Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals Continue Reading
-
News
11 Aug 2020
Citrix users urged to patch five XenMobile CVEs
Patches are available for CVEs 2020-8208 through 8212 and should be installed as soon as possible Continue Reading
-
Opinion
07 Aug 2020
Don’t believe the hype: AI is no silver bullet
We want to believe AI will revolutionise cyber security, and we’re not necessarily wrong, but it’s time for a reality check Continue Reading
-
News
06 Aug 2020
Qualcomm chip vulnerability puts millions of phones at risk
Qualcomm has patched multiple vulnerabilities in its chip hardware that left hundreds of millions of smartphones open to compromise by malicious actors Continue Reading
-
News
04 Aug 2020
New foundation to bolster security of open source software
The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software Continue Reading
-
News
03 Aug 2020
Microsoft offers way out of TikTok impasse
Microsoft offers to buy TikTok from its Chinese parent to ease security fears in the US Continue Reading
-
News
31 Jul 2020
Labour Party is latest victim of Blackbaud ransomware attack
Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour Continue Reading
-
News
20 Jul 2020
Businesses underestimate negative impact of bot traffic
Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact Continue Reading
-
News
16 Jul 2020
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic Continue Reading
-
News
15 Jul 2020
Patch Tuesday: Microsoft fixes 123 bugs in July 2020 update
The bugs start coming and they don’t stop coming; Microsoft has issued yet another bumper Patch Tuesday update Continue Reading
-
News
14 Jul 2020
Check Point unearths critical SigRed bug in Windows DNS
SigRed vulnerability is highly dangerous, but is being fixed as part of the July 2020 Patch Tuesday update Continue Reading
-
News
14 Jul 2020
Recon vulnerability puts thousands of SAP customers at risk
Users of multiple SAP products including S4/HANA should apply the security update as soon as possible to protect their systems Continue Reading
-
News
14 Jul 2020
Australian enterprises facing more cyber attacks
The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country Continue Reading
-
News
13 Jul 2020
Zoom zero-day a reminder to stop using Windows 7
Researchers have disclosed a newly discovered zero-day vulnerability to videoconferencing service Zoom, which only affects users of Windows 7 systems Continue Reading
-
News
09 Jul 2020
More Joker malware apps chucked off Google Play Store
Infamous Joker billing fraud malware continues to sneak past Google’s security controls Continue Reading
-
Opinion
08 Jul 2020
Security Think Tank: The past and future of security automation
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation being gravely overestimated? Continue Reading
-
News
08 Jul 2020
Security funding soars despite Covid-19 slump, but problems lie ahead
The overall cyber security funding ecosystem in the UK is healthier than ever despite Covid-19, but the figures mask stark and concerning disparities in where the money is going Continue Reading
-
News
07 Jul 2020
Cyber4Summer scheme to divert young people from cyber crime
Cyber4Summer platform will offer 100 different tracks covering a range of security skills to divert them from falling into a life of cyber crime Continue Reading
-
Opinion
07 Jul 2020
Security Think Tank: Balancing human oversight with AI autonomy
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
News
06 Jul 2020
Lorca scale-ups bring diverse security to the fore
London Office for Rapid Cybersecurity Advancement announces the cyber security scale-ups that will make up its fifth cohort Continue Reading
-
News
06 Jul 2020
North Korea behind spate of Magecart attacks
The Magecart credit card skimmer found on the website of retailer Claire’s Accessories was likely put there by the Lazarus or Hidden Cobra North Korean APT group, reports Sansec Continue Reading
-
Opinion
06 Jul 2020
Security Think Tank: SIEM and AI – a match made in heaven?
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
Opinion
03 Jul 2020
Security Think Tank: Artificial intelligence will be no silver bullet for security
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
Opinion
02 Jul 2020
Security Think Tank: AI cyber attacks will be a step-change for criminals
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
News
01 Jul 2020
UK’s unsung cyber security heroes sought
Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards Continue Reading
-
News
01 Jul 2020
Zoom making progress on cyber security and privacy, says CEO
Three months after being hit by a spate of security incidents, Zoom’s CEO, Eric Yuan, has been discussing progress towards a more secure product Continue Reading
-
News
01 Jul 2020
Mysterious EvilQuest macOS ransomware spreads through torrents
A new strain of ransomware, dubbed EvilQuest, is threatening Apple Mac environments, and seems to behave quite oddly Continue Reading
-
Opinion
01 Jul 2020
Security Think Tank: Get your house in order before deploying AI
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation being gravely overestimated? Continue Reading
-
News
01 Jul 2020
FakeSpy Android malware targets Royal Mail app users
The FakeSpy malware was first identified in October 2017 but is now significantly more powerful and dangerous Continue Reading
-
Opinion
30 Jun 2020
Security Think Tank: ‘Shift left’ to secure containers
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
News
25 Jun 2020
Pub ‘check-in’ apps provoke fresh privacy concerns
With pubs and restaurants required to collect customer data for contact tracing when they reopen, data privacy risks will be heightened Continue Reading
-
Opinion
24 Jun 2020
Security Think Tank: Securing containers needn’t be taxing
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Feature
23 Jun 2020
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading
-
News
23 Jun 2020
Neurodiversity on the rise among career hackers
More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd Continue Reading
-
News
23 Jun 2020
Flash-based MacOS malware hides in plain sight
By masquerading as a legitimate Adobe web application, the new malware strains can trick Mac users into bypassing their on-board defences Continue Reading
-
News
18 Jun 2020
Cisco patches dangerous Webex vulnerability
CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service Continue Reading
-
News
17 Jun 2020
Coronavirus: Cyber security spend to slow in 2020
Analysts revise down previous growth targets for security technology as the Covid-19 pandemic bites Continue Reading
-
News
16 Jun 2020
Activists call on Zoom to implement encryption for all
A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users Continue Reading
-
News
15 Jun 2020
Accessories store Claire’s hit by Magecart credit card fraudsters
Attackers gained access to retailer’s website as long ago as March Continue Reading
-
News
14 Jun 2020
Coronavirus: Enterprise VPN adoption in India set to rise
Advancement in cloud technologies and secured remote access to applications will significantly contribute to the overall growth of India’s VPN market, says GlobalData Continue Reading
-
News
11 Jun 2020
CISOs buying into unified security proposition
The time is right for all-in-one security solutions, according to a report Continue Reading