IT security
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
News
04 Apr 2024
Changes needed for SOCs and CSIRTs, claims Dutch research institute
Cyber security specialists need a game-changer to keep up with their adversaries, who increasingly use automation and AI for their attacks Continue Reading
-
News
20 Nov 2023
Cubbit DS3 Composer brings DIY cloud to object storage pool
Cubbit customers can now build and configure S3-compatible clouds from unused capacity and offer MSP-grade services with high levels of resilience, security and data sovereignty Continue Reading
By- Antony Adshead, Storage Editor
-
News
20 Nov 2023
IT not ready for AI, Pure Storage survey finds
Storage, compute and networking hardware won’t cope without upgrades, and that often means total IT infrastructure overhaul Continue Reading
By- Antony Adshead, Storage Editor
-
News
20 Nov 2023
Defence lawyers seek appeal of tribunal ruling on police EncroChat cryptophone hack
Defence lawyers are seeking leave to appeal against a tribunal ruling that found the National Crime Agency had lawfully obtained warrants to access messages from 9,000 cryptophones used in the UK Continue Reading
By- Bill Goodwin, Computer Weekly
-
Opinion
20 Nov 2023
Security incident response teams are human, too
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Mandy Andress, Elastic
-
Podcast
17 Nov 2023
Walmart’s enterprise software: A Computer Weekly Downtime Upload podcast
We speak to Walmart’s David Glick about the build/buy debate and how the retailer works with large language models Continue Reading
By- Cliff Saran, Managing Editor
-
News
17 Nov 2023
Microsoft and Meta quizzed on AI copyright
Large language models are trained using vast amounts of public data – but do the hyperscalers comply with copyright laws? Continue Reading
By- Cliff Saran, Managing Editor
-
Definition
16 Nov 2023
Automated Clearing House fraud (ACH fraud)
ACH fraud is the theft of funds through the U.S. Department of the Treasury's Automated Clearing House financial transaction network. Continue Reading
By -
News
16 Nov 2023
Royal Mail spent £10m on cyber measures after LockBit attack
Royal Mail has spent approximately £10m on recovery and improved cyber resilience measures in the wake of the January 2023 LockBit ransomware attack Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
16 Nov 2023
Custom chatbots and model gardens: putting Private AI to work
Part 2: More to think about It’s essential to decide where to run your Private AI - or who you will get to run it for you, in some cases - but that is just the start. Assuming that you also want ... Continue Reading
By- Bryan Betts, Freeform Dynamics
-
News
16 Nov 2023
Outgoing police tech watchdog warns of declining oversight
The outgoing biometrics and surveillance camera commissioner for England and Wales discusses police deployment of powerful new surveillance technologies, and the declining state of oversight in this area Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
16 Nov 2023
Ransomware gang grasses up uncooperative victim to US regulator
The ALPHV/BlackCat ransomware gang has added a new tactic to its playbook, going to ever more extreme lengths in search of a pay-off Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Nov 2023
British Library’s Halloween cyber scare was ransomware
The British Library has provided an update on an ongoing cyber incident affecting its systems, confirming it to be the result of a ransomware attack Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
16 Nov 2023
Understanding the rise and role of Private AI
Part 1: AI hype vs fear and doubt The leakage of proprietary IP and other data has been one of the biggest corporate fears around generative AI since the launch of ChatGPT. Some companies even ... Continue Reading
By- Bryan Betts, Freeform Dynamics
-
News
15 Nov 2023
BlackCat affiliate seen using malvertising to spread ransomware
Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Nov 2023
Russian cyber criminal pleads guilty to running IPStorm botnet
Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Nov 2023
November Patch Tuesday heralds five new MS zero-days
Microsoft pushes fixes for five new zero-days in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Nov 2023
US government reinforces ICBC hack link to Citrix Bleed
US Treasury adds weight to reports that a ransomware gang gained access to the systems of Chinese bank ICBC by exploiting a critical Citrix flaw Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Nov 2023
How Gigamon is making its mark in deep observability
Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth Continue Reading
By- Aaron Tan, TechTarget
-
Definition
14 Nov 2023
cardholder data environment (CDE)
A cardholder data environment (CDE) is a computer system or networked group of IT systems that processes, stores or transmits cardholder data or sensitive payment authentication data. Continue Reading
By- Rahul Awati
- Sharon Shea, Executive Editor
-
News
14 Nov 2023
Fast-acting cyber gangs increasingly disabling telemetry logs
Sophos guidance for security practitioners and defenders highlights a growing trend for threat actors to disable or wipe telemetry logs to cover their tracks Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
14 Nov 2023
The UK AI Safety Summit – what did it achieve?
In this week’s Computer Weekly, we look back at the UK government’s AI Safety Summit and assess what it achieved – and what it didn’t. Our latest buyer’s guide examines the future of business software and modernising legacy applications. And we find out how the UK Product Security and Telecommunications Infrastructure Act aims to protect your smart devices. Read the issue now. Continue Reading
-
News
13 Nov 2023
Rogue state-aligned actors are most critical cyber threat to UK
The prospect of rogue nation-state-aligned attackers bringing down the UK’s critical infrastructure is keeping the NCSC up at night Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Nov 2023
Lloyds Bank warns over rising threat of crypto scams
Report by Lloyds Banking Group finds there has been a 23% increase in cryptocurrency scams in 2023 compared with last year, targeting mostly younger investors Continue Reading
By- Scarlet Charles
-
News
13 Nov 2023
Encrypted mail service Tuta says it was wrongly accused of being a front for intelligence services
German encrypted email service Tuta, formerly known as Tutanota, has denied claims by a former Canadian police intelligence officer accused of passing secrets to criminals that it was compromised by intelligence services Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
13 Nov 2023
Victims’ legal action over 2015 Carphone Warehouse breach moves forward
A class action against Currys Retail over the 2015 data breach of Carphone Warehouse customers has been granted permission to move forward in the courts Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Nov 2023
ICO alerted after technical ‘issue’ exposed college files to student barristers
A training college for barristers has reported a data breach that left sensitive data on hundreds of current and former students accessible to other trainees Continue Reading
By -
Opinion
10 Nov 2023
Breached? Don't panic… if you created a robust IR plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Paul Lewis, Nominet
-
News
10 Nov 2023
UN disarmament body calls for global action on autonomous weapons
UN draft resolution highlighting the dangers of autonomous weapons passes with overwhelming majority Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Opinion
10 Nov 2023
How the Online Safety Act will impact businesses beyond Big Tech
The Online Safety Act will impact an estimated 100,000 online services in the UK and overseas Continue Reading
By- Ria Moody, Linklaters
-
News
10 Nov 2023
Ransomware attack on major Chinese lender disrupts financial markets
The financial services arm of one of the world’s largest banks was taken offline by a supposed LockBit ransomware attack, causing problems for US markets Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Nov 2023
APAC cyber security workforce hits record high
The cyber security workforce in Asia-Pacific now stands at just under a million people, but demand for cyber security talent in the region continues to outpace supply Continue Reading
By- Aaron Tan, TechTarget
-
Definition
09 Nov 2023
crisis communication
Crisis communication is a strategic approach to corresponding with people and organizations during a disruptive event. Continue Reading
By- Rahul Awati
- Paul Crocetti, Executive Editor
-
Definition
09 Nov 2023
emergency communications plan (EC plan)
An emergency communications plan (EC plan) is a document that provides guidelines, contact information and procedures for how information should be shared during all phases of an unexpected occurrence that requires immediate action. Continue Reading
By- Rahul Awati
- Paul Crocetti, Executive Editor
-
News
09 Nov 2023
Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure
New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
09 Nov 2023
mandatory access control (MAC)
Mandatory access control (MAC) is a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system. Continue Reading
By -
Opinion
09 Nov 2023
The best IR plans are well-revised and deeply familiar
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Elliott Wilkes
-
News
09 Nov 2023
NCSC makes annual Black Friday plea to consumers
Ahead of the annual festival of retail avarice, the NCSC is once again asking consumers to do the bare minimum to avoid falling victim to scams Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Nov 2023
Suspected ransomware attack hits Scottish council
Systems at Comhairle nan Eilean Siar were downed on 7 November in a suspected ransomware attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Nov 2023
UK government does not see need for specific AI legislation
The UK government does not currently see the need for new artificial intelligence legislation, as many regulators are already dealing effectively with AI-related harms Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
09 Nov 2023
The Security Interviews: Why cyber needs to integrate better
Cyber security is an intensely technical field, but we shouldn’t ignore the soft skills of communication and collaboration. Wipro’s Tony Buffomante explains why a robust security posture is dependent on a security team engaging with the wider organisation Continue Reading
-
News
09 Nov 2023
Why IT governance is a coding issue
Two new pieces of research point to benefits of policy as code Continue Reading
By- Cliff Saran, Managing Editor
-
E-Zine
09 Nov 2023
Heineken lets the data flow
In this month’s CW EMEA ezine, we find out about Heineken’s mission to make the most out of the data it holds through an enterprise-wide data ecosystem. We also look at how the UK has turned its back on the German government-funded Gaia-X data platform, why cyber experts are urging the EU to rethink vulnerability disclosure plans, and how the IT industry is responding to the software developer skills shortfall. Read the issue now. Continue Reading
-
News
08 Nov 2023
Data-sharing management gap highlights cyber risk, says report
Organisations are struggling to secure their use of communications tools to share data with third-party partners and suppliers, and in the process are exposing themselves to heightened levels of risk, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
08 Nov 2023
The plan for the inevitable cyber attack: Get the gist of NIST
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Theodore Wiggins, Airbus Protect
-
News
08 Nov 2023
Iconic Singapore hotel caught up in major data breach
The Marina Bay Sands resort in Singapore uncovered a data breach of its guest loyalty programme last month Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Nov 2023
King’s Speech misses the mark on cyber law reform, says campaign
A group of activists who want to reform the UK’s computer misuse laws to protect bona fide cyber pros from prosecution have been left disappointed by a lack of legislative progress Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Nov 2023
The Security Interviews: ISC2’s Clar Rosso on cyber diversity and policy
Computer Weekly catches up with ISC2 CEO Clar Rosso to talk about diversifying the cyber workforce and supporting cyber pros as they keep up with growing compliance and security policy demands Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
08 Nov 2023
call tree
A call tree is a layered hierarchical communication model used to notify specific individuals of an event and coordinate recovery if necessary. Continue Reading
By- Rahul Awati
- Paul Crocetti, Executive Editor
-
Definition
07 Nov 2023
dark web monitoring
Dark web monitoring is the process of searching for and continuously tracking information on the dark web. Continue Reading
By- Ben Lutkevich, Site Editor
-
News
07 Nov 2023
Researchers ‘break’ rule designed to guard against Barracuda vulnerability
Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Nov 2023
Enhancing security: The crucial role of incident response plans
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Chris McGowan
-
News
07 Nov 2023
Unesco unveils seven-point anti-disinformation plan
United Nations body outlines seven proposals for civil society, governments, regulators and tech platforms to adopt to combat the source of disinformation Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Nov 2023
AI Safety Summit review
Computer Weekly takes stock of the UK government’s AI Safety Summit and the differing perspectives around its success Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
E-Zine
07 Nov 2023
How ExxonMobil is leading with data
In this week’s Computer Weekly, we talk to the leader of ExxonMobil’s data organisation, about the energy giant’s strategy to establish enterprise-wide principles for the use of data. As the UK’s Online Safety Act comes into force, we examine the tech sector’s concerns over the laws around end-to-end encryption. And we look at the software tools available to HR teams to help improve staff retention. Read the issue now. Continue Reading
-
Opinion
06 Nov 2023
IR plans: The difference between disaster and recovery
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Becky Gelder, Turnkey Consulting
-
News
06 Nov 2023
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Nov 2023
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents Continue Reading
By- Aaron Tan, TechTarget
-
06 Nov 2023
Tech firms flag risk to end-to-end encryption as Online Safety Bill gets royal assent
Technology organisations remain concerned that the newly implemented Online Safety Act could undermine end-to-end encryption, despite government reassurances that it will ensure online safety. Continue Reading
-
Definition
03 Nov 2023
Common Vulnerabilities and Exposures (CVE)
Common Vulnerabilities and Exposures (CVE) is a publicly listed catalog of known security threats. Continue Reading
By -
Feature
03 Nov 2023
SolarWinds hack explained: Everything you need to know
Hackers targeted SolarWinds by deploying malicious code into its Orion IT monitoring and management software used by thousands of enterprises and government agencies worldwide. Continue Reading
By- Saheed Oladimeji, Sean Michael Kerner
-
Opinion
03 Nov 2023
Incident response planning requires constant testing
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Jack Chapman
-
News
02 Nov 2023
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Nov 2023
UK workers exhibit poor security behaviours, report reveals
Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working Continue Reading
By- Scarlet Charles
-
Opinion
02 Nov 2023
Use existing structures to build your incident response plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Sam Lascelles
-
News
02 Nov 2023
How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data
UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network Continue Reading
By- Bill Goodwin, Computer Weekly
- Sebastian Klovig Skelton, Data & ethics editor
-
News
02 Nov 2023
EU digital ID reforms should be ‘actively resisted’, say experts
Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
01 Nov 2023
Incident response planning is vulnerable to legacy thinking
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
01 Nov 2023
Lloyds bank kicks off Hyderabad operation
Lloyds Banking Group has opened its latest tech operation in Hyderabad, with plans to recruit around 600 IT experts Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
01 Nov 2023
Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals
As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Oct 2023
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Oct 2023
Biden’s AI plans focus on US workers’ protection
The US president has issued an Executive Order that sets out his administration’s strategy for AI safety and security Continue Reading
By- Cliff Saran, Managing Editor
-
News
31 Oct 2023
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
30 Oct 2023
ISO 27002 (International Organization for Standardization 27002)
The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management. Continue Reading
By- Paul Kirvan
- Ben Cole, Executive Editor
-
Opinion
30 Oct 2023
The implications of biased AI models on the financial services industry
The Bank of England has warned of the risk artificial intelligence models present in creating bias that could pose a threat to the UK’s financial services sector. How do those risks emerge and how they might be mitigated? Continue Reading
By- Jamie Rowlands
-
Definition
30 Oct 2023
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits. Continue Reading
By- Rahul Awati
- Madelyn Bacon, TechTarget
-
News
30 Oct 2023
Frontier AI Taskforce starts recruitment drive
The second progress report from the Frontier AI Taskforce reveals new hires plus vacancy posts for software and research engineers Continue Reading
By- Cliff Saran, Managing Editor
-
News
30 Oct 2023
FDM Group partners with ISACA to boost cyber training programme
The FDM Group has announced a partnership with ISACA to help develop and boost their cyber training programmes and credentials Continue Reading
By- Scarlet Charles
-
Opinion
30 Oct 2023
Reported major cyberattacks are falling – but watch out for the massive threats posed by gen AI
The number of reported major cyberattacks is falling. Are we just getting used to them? Continue Reading
By- Jim Tiller
-
Feature
30 Oct 2023
Greek data watchdog to rule on AI systems in refugee camps
A forthcoming decision on the compliance of surveillance and security systems in Greek refugee camps could set a precedent for how AI and biometric systems are deployed for ‘migration management’ in Europe Continue Reading
-
Definition
27 Oct 2023
compliance officer
Compliance officers are employees tasked with ensuring a company follows its internal rules and best-practice policies while always complying with applicable external laws and government regulations. Continue Reading
-
News
27 Oct 2023
Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent
Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
27 Oct 2023
Domestic abuse charities surface fresh worries over NHS data sharing
With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings Continue Reading
By- Aaron Tan, TechTarget
-
News
27 Oct 2023
Google launches bug bounties for generative AI attack scenarios
Google expands its bug bounty programme to encompass generative AI and takes steps to grow its commitment to supply chain security as it relates to the emerging technology Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
26 Oct 2023
ChatGPT, Bard, lack effective defences against fraudsters, Which? warns
Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Oct 2023
Sunak sets scene for upcoming AI Safety Summit
Prime minister Rishi Sunak has outlined how the UK will approach making AI safe, but experts say there is still too big a focus on catastrophic but speculative risks over real harms the technology is already causing Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
26 Oct 2023
Boardrooms losing control in generative AI takeover, says Kaspersky
C-suite executives are increasingly fretful about what they perceive as a ‘silent infiltration’ of generative AI tools across their organisations Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Oct 2023
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Oct 2023
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Oct 2023
Demystifying the top five OT security myths
Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems Continue Reading
By- Aaron Tan, TechTarget
-
News
25 Oct 2023
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
25 Oct 2023
integrated risk management (IRM)
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions. Continue Reading
By- Nick Barney, Technology Writer
- Wesley Chai
-
News
24 Oct 2023
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
24 Oct 2023
The new data landscape: how will the new UK-US data bridge affect businesses?
With the UK-US data bridge coming into effect on 12 October 2023, find out what steps your organisation can take to take advantage of, and remain compliant with, the new framework Continue Reading
By- Charlie Bromley-Griffiths
-
News
24 Oct 2023
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Suzy Lamplugh Trust treads path to improved cyber resilience
Personal safety charity enlists the support of the London Cyber Resilience Centre to improve staff awareness and strengthen its overall cyber resilience Continue Reading
By- Alex Scroxton, Security Editor