Endpoint security

Shell thinks technology first in preparation for internet of everything

Shell is reshaping its business to think technology first as it uses the internet of everything to change its business processes Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Hacktivism: good or evil?

IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading

By

• Dai Davis, Percy Crow Davis & Co

Dark web key enabler for cyber criminals, say McAfee researchers

The dark web is a key conduit for the malware industry to refine and distribute its products and services, say security researchers Continue Reading

By

• Warwick Ashford, Senior analyst

IT Security Salary Index (UK)

Are you being paid the right rate for the job? Check out this IT Security salary index from Acumin. Continue Reading

UK IT spending to outpace rest of Europe in 2014

Computer Weekly research reveals the IT spending priorities for UK and European organisations in 2014. Continue Reading

By

• Bill Goodwin, Computer Weekly

Should you allow a bring your own device policy?

Employers are realising there are challenges presented by BYOD which, if not dealt with, could have a serious impact on the business Continue Reading

By

• Sarah Burke

Bank of England publishes Waking Shark II cyber security exercise results

Bank of England publishes the results of its Waking Shark II security exercise, which tested financial institutions' contingency plans for cyber attack Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Create a mobile policy employees can trust

With Gartner predicting a fifth of all enterprise BYOD projects would fail by 2016, we look at how businesses can embrace mobility successfully Continue Reading

By

• Sean McGrath, Senior reporter

Internet at risk of 'cybergeddon' says WEF

Internet is at risk of fragmenting amid concerns over spying and cyber crime, says World Economic Forum Continue Reading

By

• Bill Goodwin, Computer Weekly

Microsoft extends XP security updates by 15 months

Microsoft has caved in to user concerns over XP end of support and will now extend security updates by another 15 months Continue Reading

By

• Cliff Saran, Managing Editor

Top European IT initiative to support business in 2014?

Expanding IT to support business growth is one of the biggest areas of focus for IT departments in 2014, so what does this mean? Continue Reading

By

• Warwick Ashford, Senior analyst

More than 1,100 DWP workers disciplined over benefits snooping

More than 1,100 employees at the Department for Work and Pensions have received official warnings since 2008 for prying into benefits records Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Security considerations for UK enterprises

This Research Snapshot from Vanson Bourne looks at IT security spending trends, awareness of cyber-threats, and the factors perceived as the biggest security risks for organisations. Continue Reading

FireEye acquires Mandiant in $1bn deal

Security firm FireEye has bought Mandiant in a deal worth just over $1bn Continue Reading

By

• Warwick Ashford, Senior analyst

Bank robberies down 90% thanks to technology, says report

Robberies at British banks have fallen by over 90% in two decades, according to a report by the British Bankers’ Association Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Can BlackBerry restore its business appeal?

In this week’s issue of Computer Weekly, we examine whether former Sybase chief, John Chen, will be able to stem the decline of BlackBerry and reinvent the the smartphone maker as a software business for the “bring your own device” (BYOD) era. Our buyer’s guide to the internet of things concludes with a look at how universal connectivity will yield insights in fields as diverse as aviation and hospitality. And we analyse Google’s attempts to compete with Amazon Web Services in public cloud. Continue Reading

Research reveals widespread mobile app hacking

The top 100 paid Android apps and 56% of the top 100 paid Apple iOS apps have been hacked, research has revealed Continue Reading

By

• Warwick Ashford, Senior analyst

European Parliament closes Wi-Fi after man-in-the-middle attack

A number of mailboxes have been compromised and users’ smartphones could be at risk following a man-in-the-middle attack on the European Parliament’s public Wi-Fi Continue Reading

By

• Jennifer Scott, TechTarget

White hat Wi-Fi hacking shows vulnerability of business data

Whitehat hackers have shown that senstitive data can be sniffed easily from public Wi-Fi hotspots Continue Reading

By

• Warwick Ashford, Senior analyst

Report highlights poor UK attitudes to mobile security

Businesses should note that many UK mobile users do not take security precautions and do not know how to guard against data theft Continue Reading

By

• Warwick Ashford, Senior analyst

Global profiles of the fraudster

Computers, rather than conmen, are set to be the future face of fraud, as criminals turn to robotics in an effort to avoid detection, this report from KPMG reveals. Continue Reading

Government overhauls security classification to fit digital age

In its first overhaul since World War II the government is consolidating six security bands to three with a system deemed more appropriate in the digital age. Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Dexter payment card malware variant hits South Africa

The Dexter payment card skimming malware discovered last year has resurfaced in South Africa, resulting in millions of pounds lost to fraud Continue Reading

By

• Warwick Ashford, Senior analyst

The ICO issues BYOD warning after breach

The ICO is calling on organisations to ensure data protection policies reflect how employees are using personal devices for work Continue Reading

By

• Warwick Ashford, Senior analyst

MoD announces specialist programme to fend off cyber attacks

The Ministry of Defence (MoD) has announced a strategy to defend UK national security from the threat of cyber attacks Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Small businesses must encrypt customer data, says ICO

The Information Commissioner’s Office (ICO) urges small businesses to encrypt customer data after a sole trader was fined for failing to do so Continue Reading

NSA and GCHQ unlock online privacy encryption

UK and US intelligence agencies have unlocked the technology used to encrypt online services, including email, online banking and medical records. Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Windows 2012 Server Network Security

This book chapter offers an introduction to Windows 8 and Windows Server 2012 network security and IPv6. It includes a 30% discount code for Computer Weekly readers. Continue Reading

Windows Server 2012 Security from End to Edge and Beyond

This extract from the book Windows Server 2012 Security from End to Edge and Beyond shows you how to plan your platform security requirements and gives you the critical questions to ask. Continue Reading

Printing: a false sense of security?

Louella Fernandes and Bob Tarzey show how secure printing technology can provide authentication, authorisation and accounting capabilities, helping businesses improve document security and meet compliance regulations. Continue Reading

Case study: Keeping it private at Beth Israel Deaconess after the Boston Marathon Attacks

Doctor and healthcare CIO shares his lessons learned from the Boston Marathon attacks and how to protect patient data Continue Reading

By

• Kayleigh Bateman, Computer Weekly

Targeted attacks and how to defend against them

Analysts Bob Tarzey and Louella Fernandes assess the scale and real impact of targeted attacks the measures being taken to defend against them. Continue Reading

Top 10 Android security tips

As Android becomes more prevalent in the enterprise, Computer Weekly gives you 10 top tips for keeping your devices secure Continue Reading

By

• Paul Marchant

The dangers of internet cafés

Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay Continue Reading

By

• Garry Mackay

Big data journalism exposes offshore tax dodgers

How journalists harnessed big data to challenge offshore financial secrecy Continue Reading

By

• Duncan Campbell and Craig Shaw

IT security case studies

Four critical IT security case-studies selected from the winners of Computer Weekly's European User Awards for security Continue Reading

Needle in a Datastack: The rise of big security data

This research from McAfee investigates how well organisations are positioned to address the challenges of managing security in a world of ever increasing amounts and types of data. Continue Reading

IT Security Case Studies

Warwick Ashford presents 4 essential IT security case-studies selected from the winners of Computer Weekly's European User Awards. Continue Reading

FBI warns of increased spear phishing attacks

The FBI has issued a warning about an increase in spear-phishing attacks targeting multiple industry sectors Continue Reading

By

• Warwick Ashford, Senior analyst

BES extends MDM to Android and iPhones

Aiming to rekindle interest in the Blackberry Enterprise Server (BES), Blackberry has extended the platform to support Android and iOS Continue Reading

By

• Cliff Saran, Managing Editor

Telefonica Digital forms security group Eleven Paths

The business division of mobile operator Telefonica launches Eleven Paths, an independent company working on security issues in the workplace Continue Reading

By

• Jennifer Scott, TechTarget

Information Governance

This research from AIIM looks at the risk profile around electronic records, the keep-all versus delete-all options, e-discovery, and the implications of social, mobile and cloud on risk management policies. Continue Reading

Symantec helps NHS trust cut security costs by a quarter

The Royal Liverpool and Broadgreen University Hospitals NHS Trust cut security costs by 25% in its partnership with security supplier Symantec Continue Reading

By

• Warwick Ashford, Senior analyst

CW buyer's guide: context-aware security

This 11-page Computer Weekly buyer's guide looks at how organisations should approach context-aware security technologies and what business benefits they can deliver. Continue Reading

CW Special Report on CSC

This 16-page report from Computer Weekly analyses the challenges facing CSC, its financial performance, the services it offers, its place in the IT market and its future strategy. Continue Reading

Spam SMS messages drop following ICO penalty

The number of spam SMS messages has significantly reduced since government regulator ICO issued £440,000 fines last year Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

The internet of things is set to change security priorities

IT leaders must protect against the security risks introduced by the growing interaction between technology and the physical world. Continue Reading

By

• Andrew Rose

Conficker makes way for web-based attacks, says Microsoft

Web attacks emerge as top threat as businesses finally begin to win the battle against Conficker and other worms, says Microsoft Continue Reading

By

• Warwick Ashford, Senior analyst

Bots and web apps among top threats to data security, says Check Point

Bots, viruses, breaches and attacks are a constant and real threat to the information security of organisations Continue Reading

By

• Warwick Ashford, Senior analyst

Porn websites pose malware risk, says researcher

Browsing popular pornography internet sites pose a growing risk of malware infection, according to a security researcher Continue Reading

By

• Warwick Ashford, Senior analyst

US Army practises poor data security on mobile devices

Pentagon inspector general finds smartphones and tablets the US Army buys are not configured to protect sensitive data and allow remote wipe Continue Reading

By

• Warwick Ashford, Senior analyst

Case study: Hamilton Fraser embraces BYOD with MobileIron

How insurance firm Hamilton Fraser is using MobileIron to enable employees to bring their own devices while following company policy Continue Reading

By

• Jennifer Scott, TechTarget

What is RSA's build, buy, partner strategy?

Computer Weekly takes a closer look at RSA's build, buy, partner strategy Continue Reading

By

• Warwick Ashford, Senior analyst

Enterprise Security Architecture – an outsourcer's view

Alan Jenkins, chief security officer of outsourcing specialist, T Systems, explains the company's approach to enterprise security architecture. Continue Reading

Enterprise Security Architecture

Mark Brown, Director for Advisory Risk & Information Security at Ernst & Young offers advice to security leaders on developing a robust Enterprise Security Architecture. Continue Reading

Security the future: Keeping up with the business

Gareth Lindahl-Wise, group information security manager at British American Tobacco, explains the company's approach to enterprise security architecture. Continue Reading

How to configure Mac OS X Server

How to secure Mac OS X Server using global password policies and data loss prevention Continue Reading

By

• Rob Buckley

350,000 different types of spam SMS messages were targeted at mobile users in 2012

350,000 different variants of unsolicited spam SMS messages were accounted for in 2012, with 53,000 variants logged for December alone Continue Reading

By

• Caroline Baldwin, Freelance editor and journalist

Health records should be protected like bank details, says BCS

The BCS and NHS say people should protect their online medical records in the same way they look after their bank details Continue Reading

By

• Karl Flinders, Chief reporter and senior editor EMEA

Virtualization Security: Protecting Virtualized Environments

This extract from the book Virtualization Security, includes a 30% discount for Computer Weekly readers. Continue Reading

The Demise in Effectiveness of Signature and Heuristic Based Antivirus

Anti-virus technology is failing to protect organisations from malicious attacks. Security professionals should look at alternative strategies, the NNC group argues in this report. Continue Reading

Business priorities: what to protect, monitor and test

How information security professionals can prioritise what to protect, monitor and test in the light of current budget and resource constraints Continue Reading

Shore up your organisation’s fleet with the right MDM

There are many mobile device management products, but approaches vary. We outline how to choose the right one for your business Continue Reading

By

• Adrian Bridgwater

Securing Macs in the enterprise

A Mac can be more secure than Windows, yet just as insecure; it is harder to configure, easier to use; will not fit in the enterprise, but does not need to. Continue Reading

By

• Rob Buckley

How to secure Macs in the enterprise

Apple computers are becoming increasingly used in the enterprise - we look at how to securely introduce Macs in the corporate network Continue Reading

By

• Rob Buckley

2012 Cost of Cyber Crime Study: UK

The 2012 Cost of Cyber Crime Study: United Kingdom is independently conducted by Ponemon Institute. The benchmark study, sponsored by HP Enterprise Security is based on a representative sample of 38 organisations in various industry sectors. Continue Reading

IT Security Purchasing Intentions 2013

This in-depth research from Computer Weekly and TechTarget reveals the IT security spending priorities of businesses in the UK and Europe. Continue Reading

Cyber criminals target Skype, Facebook and Windows users

Cyber criminals targeted users of Skype, Facebook and Windows using multiple Blackhole exploits in October, according to security firm GFI Software Continue Reading

By

• Warwick Ashford, Senior analyst

Nasa to encrypt data after latest breach

Nasa is to encrypt all its mobile computers after the loss of a laptop containing personal information about more than 10,000 staff Continue Reading

By

• Warwick Ashford, Senior analyst

Many UK firms underestimate cost of data breaches, study finds

Many UK organisations are still failing to understand the implications and costs of data breaches, a study has revealed Continue Reading

By

• Warwick Ashford, Senior analyst

Mobile Security Strategies

This exclusive report for Computer Weekly members explains the security risks and challenges of using mobile devices in the enterprise. Continue Reading

Secure your data – protect your business

This guide for C-level executives explains the risks faced by businesses and the practical solutions they can take to secure their data. Continue Reading

The Global State of Information Security Survey 2013: Key Findings

This global study examines the state of cyber-security and the impact of cyber crime and offers advice to businesses on reducing the risks. Continue Reading

Maltego and advanced exploit writing: The PDF tutorial collection

Right from how to write advanced custom exploits to perform reconnaissance using Maltego, you can find it all in this comprehensive PDF tutorial collection. Continue Reading

By

• SearchSecurity.in Staff

Apple squashes BlackBerry as Brent Borough deploys iPads

Brent Borough Council replaces BlackBerry and deploys MobileIron to securely manage almost 3,000 iPads and iPhones Continue Reading

Free mobile apps a threat to privacy, study finds

Free mobile apps pose a serious threat to privacy because of their ability to capture large amounts of user information Continue Reading

By

• Warwick Ashford, Senior analyst

IT security budgets mismatched to hacker targets, study shows

IT security budgets are not being used to provide defence technologies in some areas most likely to be targeted by hackers, a study shows Continue Reading

By

• Warwick Ashford, Senior analyst

RSA Europe: Cloud key to future information security, says Qualys

Cloud computing is an opportunity information security professionals should not miss, says Philippe Courtot, CEO of security firm Qualys Continue Reading

By

• Warwick Ashford, Senior analyst

CW500: Managing the mobile workforce (part 1)

Mobile working has transformed Colt Telecommunications beyond recognition over the past three years Continue Reading

By

• Bill Goodwin, Computer Weekly

BYOD: IT must tackle printer security

With more staff bringing their own devices to work, IT needs to rethink its printing and scanning policies Continue Reading

By

• Cliff Saran, Managing Editor

Security concerns hold back mobile banking adoption

More than two-thirds of smartphone owners have not yet adopted mobile banking apps because of security concerns, a survey has revealed Continue Reading

By

• Warwick Ashford, Senior analyst

13 Android security apps

Keep your Android mobile device secure with our recommendations for Android security apps. Use these must-have 13 Android security apps and sleep easy. Continue Reading

By

• Karthik Poojary, Amazon

MDM, security vendors scramble to address BYOD security issues

Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products. Continue Reading

By

• Tracey Caldwell, Contributor

11 security audit essentials

IT security audit tools automate the IT security audit process, making it more efficient and effective. Here are 11 must-have IT security audit tools. Continue Reading

By

• Karthik Poojary, Amazon

Exploit development tutorial - Part Deux

In our exploit development tutorial’s second part, we examine how you can write exploits in PERL. Then we see how to port exploits by scripting in Ruby. Continue Reading

By

• Karthik Poojary, Amazon

10 Wi-Fi security tools for your arsenal

With Wi-Fi’s growth, security administrators and pen testers alike have their hands full. Here’s a list of essential Wi-Fi security tools to ease the stress. Continue Reading

By

• Karthik Poojary, Amazon

Burp Suite training tutorial: Part 3 – Sequencer, decoder and composer

In the third installment of our Burp Suite training tutorial, learn how to analyze tokens, decode requests and compare responses using Burp Suite tools. Continue Reading

By

• Karthik Poojary, Amazon

10 Linux security tools for system administrators

Linux-based tools for security are a boon to system admins for monitoring network security. Here are 10 popular and useful Linux-based security tools. Continue Reading

By

• Karthik Poojary, Amazon

Burp Suite Guide: Part I – Basic tools

Our Burp Suite guide series explains how to use Burp Suite for security testing of Web apps. For a start, we look at proxy, spider, site scope and sitemap. Continue Reading

By

• Karthik Poojary, Amazon

Emerging 2012 security trends demand information security policy changes

2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. Continue Reading

By

• Ron Condon

Sslstrip tutorial for penetration testers

Sslstrip is a powerful tool to extract sensitive credentials using HTTPS stripping. This sslstrip tutorial explains the working of sslstrip in-depth. Continue Reading

By

• Karthik Poojary, Amazon

Concerned about tablet security issues? Some are, others not so much

Users love their tablets, but security pros are concerned about tablet security issues. However, though tablets bring new threats, not everyone is ringing the alarm. Continue Reading

By

• Ron Condon

BackTrack 5 guide 4: How to perform stealth actions

With BackTrack 5, how to include stealth into attacks is a necessary skill for penetration testers. Our BackTrack 5 how to tutorial shows you the way Continue Reading

By

• Karthik Poojary, Amazon

BackTrack 5 tutorial Part I: Information gathering and VA tools

Our BackTrack 5 tutorial covers information gathering and vulnerability assessment using BackTrack 5. Continue Reading

By

• Karthik Poojary, Amazon

Step-by-step aircrack tutorial for Wi-Fi penetration testing

Aircrack-ng is a simple tool for cracking WEP keys as part of pen tests. In this aircrack tutorial, we outline the steps involved in cracking WEP keys. Continue Reading

By

• Sanoop Thomas, Contributor

Metasploit guide 4: Armitage cyber attack management GUI

In part four of our Metasploit guide we look at Armitage, the GUI-based cyber attack management tool. This completes the Metasploit guide series. Continue Reading

By

• Karthik Poojary, Amazon

A handy Nessus tutorial

A powerful vulnerability scanner, Nessus is a utility that infosec pros swear by. If you plan to adopt this tool, our Nessus tutorial has all the details. Continue Reading

By

• SearchSecurity.in Staff

Social Engineer Toolkit (SET) tutorial for penetration testers

A social engineering toolkit helps address the human element aspect of penetration testing. Learn how to use Social Engineer Toolkit with this tutorial. Continue Reading

By

• Karthik R, Contributor

Metasploit Pro 4.0 adds support for cloud, SIEM systems

Rapid7 releases Metasploit Pro version 4 with improved automation features and new SIEM and cloud-based pen-testing support. Continue Reading

By

• SearchSecurity.in Staff

Metasploit tutorial part 2: Using meterpreter

Part two of our Metasploit tutorial covers usage details of the meterpreter post-exploitation tool in Metasploit to create exploits that evade detection. Continue Reading

By

• Karthik Poojary, Amazon