Endpoint security
-
News
25 Apr 2024
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag Continue Reading
-
News
24 Apr 2024
Cyber training leader KnowBe4 to buy email security firm Egress
Security awareness training and phishing simulation specialist KnowBe4 is to buy email security expert Egress Continue Reading
-
News
21 Jun 2021
Parliamentary devices left in taxis, buses, trains and pubs
Nearly 100 devices belonging to parliamentary staffers, including MPs and peers, were lost or stolen over the course of 2019 and 2020 Continue Reading
-
Feature
21 Jun 2021
Best practices for secure printing
The reality of a paperless office remains some way off, so printers are here to stay for a while. But their increasingly connected status means securing them should be a priority Continue Reading
-
News
18 Jun 2021
Lorca Ignite programme targets breakout cyber talent
Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme Continue Reading
-
News
17 Jun 2021
UnitingCare Queensland restores IT systems after cyber attack
Australian healthcare service provider has restored key corporate systems and integrations between applications following a cyber attack earlier this year Continue Reading
-
Opinion
11 Jun 2021
Security Think Tank: To secure printers think process, technology and people
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Feature
10 Jun 2021
How the pandemic changed backup
The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware Continue Reading
-
Opinion
10 Jun 2021
Security Think Tank: Time to accept printers will leak data
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
10 Jun 2021
Australian organisations face heightened cyber attacks
Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020 Continue Reading
-
Feature
08 Jun 2021
The rise and rise of supply chain attacks
Supply chain attacks in Asia-Pacific and elsewhere have intensified as cyber threat actors look to exploit the weakest links in business and digital supply chains Continue Reading
-
Opinion
07 Jun 2021
Security Think Tank: What must a secure print strategy take into account?
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
04 Jun 2021
HSBC offers all businesses scam awareness app
HSBC is sharing information on the latest scams and how to defend against them thorough its latest app, available to all businesses Continue Reading
-
Opinion
04 Jun 2021
Security Think Tank: Printers can’t be an ‘add-on’ in your cyber strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
04 Jun 2021
Secrecy around EncroChat cryptophone hack breaches French constitution, court hears
French lawyers claim that investigators are unlawfully withholding details of a cryptophone hacking operation in a case that could impact UK prosecutions Continue Reading
-
News
03 Jun 2021
Norway’s auditor general lifts lid on energy industry’s cyber security risks
Auditor General’s Office questions the security posture of Norway’s energy industry Continue Reading
-
News
03 Jun 2021
FireEye sold to private equity, Mandiant regains independence
FireEye has agreed to sell its products business and name to a private equity consortium, while Mandiant will spin out as an independent threat intel business Continue Reading
-
Opinion
02 Jun 2021
Security Think Tank: Steps to a coherent print security strategy
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs poses security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
Feature
02 Jun 2021
Buying a VPN? Here’s what you need to know
VPNs are an effective cyber security tool for businesses and remote workers, but there are many things to consider before purchasing and implementing one. We explore some of these Continue Reading
-
Opinion
02 Jun 2021
Security Think Tank: Printer risks go deep into IT history
Though rarely discussed in a cyber context, the prevalence of connected printers and MFPs does pose security risks both technological and physical. What does a print security strategy need to take into account? Continue Reading
-
News
25 May 2021
CyberSprinters game gives kids a head start, says NCSC
An online game for primary schools, clubs and youth organisations will teach children aged seven to 11 the fundamentals of staying safe online Continue Reading
-
News
25 May 2021
McAfee to change terms of auto-renewing consumer plans
Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back Continue Reading
-
News
25 May 2021
Legacy vulnerabilities may be biggest enterprise cyber risk
While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats Continue Reading
-
News
24 May 2021
Dutch researchers build security software to mimic human immune system
Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection Continue Reading
-
News
24 May 2021
Why the security stack needs to move to the edge
Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge Continue Reading
-
News
20 May 2021
Malicious scans for at-risk systems start minutes after disclosure
Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes Continue Reading
-
News
20 May 2021
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained Continue Reading
-
News
19 May 2021
Barclays first bank to publish online scam refund details
All banks must be transparent about the proportion of victims of authorised push payment fraud they refund, says consumer rights organisation Which? Continue Reading
-
News
19 May 2021
Flexxon bakes AI into SSDs to fight unknown threats
Singapore-based Flexxon has developed a solid-state drive that uses artificial intelligence to fend off malware and other unknown threats Continue Reading
-
News
18 May 2021
Cisco acquires Kenna Security amid security expansion
Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers Continue Reading
-
E-Zine
18 May 2021
The real-life consequences of ransomware attacks
In this week’s Computer Weekly, after a ransomware attack shut a major US oil pipeline, we examine the real-life consequences for organisations facing similar threats. We ask the experts for their top tips in reducing datacentre running costs. And we hear how data science skills are helping government make better decisions. Read the issue now. Continue Reading
-
News
17 May 2021
Government seeks input on supply chain security
Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security Continue Reading
-
News
14 May 2021
Okta and Auth0 to expand APAC coverage
Okta’s acquisition of rival Auth0 will enable both companies to expand their footprint in the Asia-Pacific region as demand for identity management services soars amid the pandemic Continue Reading
-
E-Zine
13 May 2021
CW Benelux: Netherlands university launches centre of expertise in applied AI
Amsterdam University of Applied Sciences has launched a centre of expertise in applied artificial intelligence, and students from all faculties of the university will learn how to apply AI in their field of study. Also in this issue, read why a training ‘roadmap’ is needed to get Netherlands police officers up to speed with tackling cyber crime. Continue Reading
-
News
13 May 2021
Refuge launches tech safety site for domestic abuse victims
Created with the help of survivors, Refuge’s resource site offers guidance on protecting yourself from tech-enabled domestic abuse Continue Reading
-
News
12 May 2021
Microsoft fixes four critical bugs on lighter Patch Tuesday
Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away Continue Reading
-
News
11 May 2021
Collaboration key to success of UK’s Cyber Security Council
The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event Continue Reading
-
Feature
10 May 2021
How to support a hybrid workforce
As the economy opens up, organisations are rethinking the idea of office-based work – and a more flexible approach is on the cards Continue Reading
-
Blog Post
07 May 2021
One size does not fit all - current cyber security practice as revealed by the DCMS Breaches Survey
The report is an excellent snapshot but it also illustrates why most business leaders (large or small) find it so hard to take cyber security seriously until it is put into the context of their own ... Continue Reading
-
News
07 May 2021
NCSC publishes smart city security guidelines
Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects Continue Reading
-
News
07 May 2021
Ransomware, supply chain attacks show no sign of abating
Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors Continue Reading
-
News
06 May 2021
Google to introduce mandatory MFA for users
In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services Continue Reading
-
News
06 May 2021
HSBC blocks £249m in UK fraud with voice biometrics
HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases Continue Reading
-
News
05 May 2021
Sophos: How timely intervention stopped a ProxyLogon attack
A recent incident at an undisclosed customer sheds new light on how malicious actors exploit unpatched Microsoft Exchange servers Continue Reading
-
News
03 May 2021
New standard to simplify IoT device onboarding
Fido Alliance’s device onboarding protocol will automate the process of connecting internet-of-things devices to device management platforms while improving security Continue Reading
-
News
28 Apr 2021
Recruiters can’t afford to hold out for cyber ‘unicorns’
The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic Continue Reading
-
Opinion
27 Apr 2021
Why we need to reset the debate on end-to-end encryption to protect children
Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent Continue Reading
-
News
27 Apr 2021
Apple OS updates patch multiple security holes
The much-heralded release of the privacy-centric iOS 14.5 also brings patches for multiple CVEs, and users of Apple smartphones, tablets and notebooks are best advised to update as soon as possible Continue Reading
-
News
27 Apr 2021
North London school wins NCSC girls’ cyber challenge
Highgate School in North London is the winner of this year’s CyberFirst Girls security competition Continue Reading
-
News
27 Apr 2021
The Security Interviews: Making sense of outbound email security
Screening inbound emails is an accepted part of an organisation’s security posture, but the topic of securing outbound traffic is less often discussed. Zivver’s Rick Goud is on a mission to change this Continue Reading
-
News
27 Apr 2021
UnitingCare Queensland hit by cyber attack
Healthcare service provider UnitingCare Queensland was reportedly hit by a ransomware attack that crippled several IT systems Continue Reading
-
News
26 Apr 2021
How Toffs is seizing Asia’s CDN market
Toffs Technologies is eyeing second- and third-tier cities in Asia as it bolsters its infrastructure and experiments with the use of home networks as content delivery networks Continue Reading
-
News
22 Apr 2021
ToxicEye malware exploits Telegram messaging service
The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
News
20 Apr 2021
Health app myGP adds Covid-19 vaccine passport function
The new feature is described as the UK’s first NHS-assured Covid-19 certification feature Continue Reading
-
News
20 Apr 2021
UK’s proposed IoT cyber security law gathers momentum
New statistics appear to vindicate UK government proposals to force suppliers to be upfront about IoT security Continue Reading
-
News
20 Apr 2021
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
-
News
20 Apr 2021
Singapore’s ViewQwest debuts security service
ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Microsoft is most impersonated brand in phishing attempts
Technology companies continue to be frequently spoofed by cyber criminals in their phishing attempts Continue Reading
-
News
14 Apr 2021
FBI accesses ProxyLogon target servers to disrupt cyber criminals
US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation Continue Reading
-
News
14 Apr 2021
NSA unearths more MS Exchange vulnerabilities
Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency Continue Reading
-
News
13 Apr 2021
MP told to ditch official email over hacking fears
MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked Continue Reading
-
News
13 Apr 2021
Millions of devices at risk from NAME:WRECK DNS bugs
Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading
-
News
13 Apr 2021
EncroChat lawyers raise questions over use of PII secrecy orders on UK decryption capabilities
Lawyers claim that public interest immunity certificates may have been used to withhold information on UK intelligence agencies’ ability to decrypt encrypted communications Continue Reading
-
Definition
12 Apr 2021
endpoint detection and response (EDR)
Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response to discovered or potential threats. Continue Reading
-
News
09 Apr 2021
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
-
Tip
01 Apr 2021
5 endpoint security best practices to keep company data safe
With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
News
26 Mar 2021
Leading Israeli IoT firm lands in US as worldwide malware attacks surge
With US end-user internet of things devices expected to grow to $1.6tn by 2025 and with more than 5.4 billion IoT connected devices in North America alone, tech firms and the black hat community are weighing up the potential Continue Reading
-
News
25 Mar 2021
Four in five UK businesses seek new security suppliers
Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves Continue Reading
-
News
25 Mar 2021
Facebook disrupts Chinese espionage operation
Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority Continue Reading
-
Feature
24 Mar 2021
How to choose the right email security service for your organisation
With email security threats growing rapidly, businesses can quickly identify and block these by using a top email security service. Here’s how to select the right provider Continue Reading
-
News
23 Mar 2021
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
-
Opinion
23 Mar 2021
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
22 Mar 2021
Security Think Tank: Back to square one – ground-up CNI protection
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
18 Mar 2021
Eastern Health reports ‘cyber incident’, takes systems offline
Australian healthcare provider Eastern Health takes IT systems offline as a precaution while it looks into a cyber incident Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
16 Mar 2021
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
-
News
16 Mar 2021
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
-
News
16 Mar 2021
Government calls for input into Covid-19 vaccine passports
Evidence gathering exercise will inform the development of the UK’s proposed Covid-19 vaccine passport scheme Continue Reading
-
Tip
15 Mar 2021
Endpoint security vs. network security: Why both matter
As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading
-
News
15 Mar 2021
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
-
Opinion
15 Mar 2021
EncroChat ruling has ‘far-reaching effects’ for legal role of interception in UK investigations
The computer forensic experts involved in the review of police use of data hacked from the ultra-secure EncroChat phone network assess the impact of the Appeal Court ruling on future legal use of intercept evidence Continue Reading
-
News
14 Mar 2021
Arrest warrants issued for Canadians behind Sky ECC cryptophone network used by organised crime
The US has issued arrest warrants for the CEO of Sky Global and a former distributor for racketeering, aiding and abetting the distribution of illegal drugs by supplying encrypted phones to criminals Continue Reading
-
News
12 Mar 2021
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading
-
News
12 Mar 2021
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading
-
News
11 Mar 2021
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading
-
News
11 Mar 2021
After Emotet takedown, Trickbot roars up threat charts
Malicious actors are turning to new tricks as Emotet fades away Continue Reading
-
E-Zine
11 Mar 2021
CW Europe: Nordic tech startups create blueprint for post-Covid working environment
Business can learn lessons from Nordic tech startups to prepare employees to return to the office after Covid restrictions end. Also read why Netherlands police need a training ‘roadmap’ to get them up to speed to tackle cyber crime. Continue Reading
-
Feature
09 Mar 2021
Explore 5 business email compromise examples to learn from
Gift cards are for gifts, never for payment. Explore real-world examples of business email compromise to learn common attack patterns and red flags. Continue Reading
-
News
09 Mar 2021
Belgian police raid 200 premises in drug operation linked to breach of encrypted phone network
More than 1,600 police and law enforcement officials conduct drug raids after the compromise of an encrypted mobile phone network that has parallels with EncroChat Continue Reading
-
News
09 Mar 2021
Private equity house buys McAfee enterprise business
Deal to sell off enterprise unit will see McAfee become a pure-play consumer organisation Continue Reading
-
News
05 Mar 2021
Singapore Airlines the latest victim of supply chain attack
A restricted set of data of over 580,000 frequent flyer members of Singapore Airlines was exposed in a supply chain attack against Sita’s passenger service system Continue Reading
-
News
04 Mar 2021
Okta picks up Auth0 for $6.5bn
Multibillion-dollar acquisition a vote of confidence in future of identity and access management services Continue Reading
-
News
04 Mar 2021
Microsoft Exchange CVEs more widely exploited than thought
US CISA issues emergency guidance as impact of four newly disclosed Microsoft Exchange vulnerabilities becomes clearer Continue Reading
-
News
04 Mar 2021
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product Continue Reading
-
News
04 Mar 2021
UK contactless payment limit more than doubled
UK increases the amount that can be spent in one go using a contactless payments card to £100 Continue Reading