IT security
-
News
16 May 2025
No workaround leads to more pain for VMware users
There are patches for the latest batch of security alerts from Broadcom, but VMware users on perpetual licences may not have access Continue Reading
-
News
16 May 2025
Security tests reveal serious vulnerability in government’s One Login digital ID system
A ‘red teaming’ exercise to simulate cyber attacks on the government’s flagship digital identity system has found that One Login can be compromised without detection Continue Reading
-
News
23 Mar 2011
Budget 2011: UK public worried spending cuts will impact data security
A large proportion of the UK public is worried that government spending cuts will have a negative effect on data security, a survey has revealed. Continue Reading
-
Tip
23 Mar 2011
How to stop a DDoS attack after initiation
In this expert response, Nick Lewis explains how to stop a DDoS attack after it has been initiated. Continue Reading
-
Tip
22 Mar 2011
Shodan search engine for penetration tests: How-to
A very handy yet simple to use VA/PT tool, Shodan can be of great use to ethical hackers. Here’s a quick Shodan tutorial. Continue Reading
-
News
22 Mar 2011
What is OpenID? How to use OpenID SSO in your organisation
An OpenID SSO system allows organisations to simplify website user authentication management. But is OpenID security an issue? Expert Michael Cobb explains. Continue Reading
-
News
18 Mar 2011
RSA hit by advanced persistent threat attacks
RSA, the security division of EMC, has revealed that attackers have stolen information from the company's IT systems Continue Reading
-
News
17 Mar 2011
Twitter increases security with HTTPS encrypted tweets setting
Twitter has added a new profile setting to increase the level of security when accessing the mobile blogging site over an unsecured Wi-Fi connections. Continue Reading
-
News
17 Mar 2011
Ban threat looms for Blackberry services as India demand corporate data access
India could block Research in Motion (RIM) from 31 March 2011 after government officials expressed dissatisfaction with access to Blackberry services. Continue Reading
-
News
16 Mar 2011
Trusteer debuts no-software malware protection
Secure web access firm Trusteer has announced a web login and transaction monitoring service to detect malware without installing software. Continue Reading
-
News
16 Mar 2011
RIM urges Blackberry users to disable Javascript after web browsing vulnerability revealed
Research in Motion (RIM) is advising Blackberry smartphone users to disable Javascript to protect against a security vulnerability in its web browser. Continue Reading
-
News
15 Mar 2011
IT failures blamed for immigration system faults
IT failures have been blamed for failures of the points based immigration system in a National Audit Office (NAO) report. Continue Reading
-
News
15 Mar 2011
Adobe warns of zero-day vulnerability in Adobe Flash
Adobe has published a security advisory for a critical vulnerability in Adobe Flash that can be used to take control of an attacked machine. Continue Reading
-
Tip
15 Mar 2011
Top 7 anti rootkit software for Windows
It can be quite a tough task to kick out rootkits from infected Windows systems. Our list of top anti rootkit software will prove handy. Continue Reading
-
News
10 Mar 2011
Most organisations approach IAM in the wrong way, says Gartner
Most organisations are approaching identity and access management (IAM) in the wrong way, by planning deployments around technologies, says Gartner. Continue Reading
-
News
10 Mar 2011
Advanced persistent threats - are businesses prepared?
Businesses usually attain adequate levels of IT defences at the point that it becomes more cost effective for cyber criminals to target someone else. Continue Reading
-
News
09 Mar 2011
Industry calls on employers to say what security skills are needed
The National Skills Academy for IT is calling on employers to address the cyber security skills gap by sharing views on the most useful courses and qualifications. Continue Reading
-
Tip
09 Mar 2011
PCI DSS compliance checklist for virtualized environments
A comprehensive Payment Card Industry Data Security Standard (PCI DSS) compliance checklist for protection of cardholder data in virtual environments. Continue Reading
-
News
08 Mar 2011
Exclusive: Free software guru Richard Stallman on government IT and why he hates the cloud
The founding father of the free software movement tells Computer Weekly why government just doesn't "get it" Continue Reading
-
News
07 Mar 2011
France's G20 files target of cyber attack
France's files on the G20 meetings were the target of a cyber attack, the country's finance minister has confirmed. Continue Reading
-
News
07 Mar 2011
Western Digital bids $4.3 billion for Hitachi Global Storage Technologies
Western Digital has tabled a bid of $4.25m (£2.6bn) to acquire Hitachi Global Storage Technologies ending the Japanese HDD vendor's previous preparations for an IPO. Continue Reading
-
News
07 Mar 2011
HSBC uses token to secure smartphone banking
HSBC is sending four million online banking customers a security token which will enable them to log in to their online bank account wherever they are, without using a card reader. Continue Reading
-
News
07 Mar 2011
Malvertising, pop-up ad virus problems demand more user protection
A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising. Continue Reading
-
Tip
02 Mar 2011
Employee information awareness training: PCI policy templates
To comply with PCI DSS -- and keep cardholder data secure -- organisations must train their employees on data handling best practices. This tip explains how. Continue Reading
-
News
01 Mar 2011
Intel finalises £5bn acquisition of McAfee
Intel has confirmed the completion of its $7.7bn (£5bn) acquisition of security software giant McAfee. Continue Reading
-
E-Zine
01 Mar 2011
Data dedupe: A natural fit with backup
The Spring edition of Storage Europe featured articles and the lastest information on data deduplication, backup, and cloud technologies. Download it now for all this and more. Sponsored by: Hewlett-Packard Company, EMC and Dell Compellent. Continue Reading
-
Tip
01 Mar 2011
10 identity and access management (IAM) implementation mistakes
An overview of the common issues organizations overlook while deploying an identity and access management (IAM) solution. Continue Reading
-
News
25 Feb 2011
nullcon 2011 Day Zero: Photo feature
Botnet detection, fuzzing intricacies, Zeus MitMo, VoIP attacks, and more. nullcon Day Zero saw considerable action worth the capture. Continue Reading
-
News
24 Feb 2011
ISC releases security fix for Bind DoS vulnerability
The Internet Systems Consortium has published an advisory and an update for the Bind domain name system software versions 9.7.1 to 9.7.2-P3. Continue Reading
-
News
24 Feb 2011
Exxon, Shell, BP hacked in Night Dragon attacks
Exxon Mobil, Royal Dutch Shell and BP were among the oil companies targeted by hackers working through internet servers in China, say US reports. Continue Reading
-
News
24 Feb 2011
Microsoft fixes security flaw in malware protection engine
Microsoft has patched a flaw in its malware protection engine that could be exploited to gain control of victim's computer. Continue Reading
-
News
22 Feb 2011
Legacy kit and lack of skills hold back digital video surveillance
A huge legacy investment in analogue equipment and a lack of data integration skills are holding back more widespread adoption of fully digital video surveillance systems, according to research just published. Continue Reading
-
News
22 Feb 2011
Middle East governments stepping up internet control, study shows
The internet has proved to be a powerful tool for rallying social and political change, but Middle East governments have also recognised their capability to disrupt communications Continue Reading
-
Tutorial
22 Feb 2011
Information security tutorials
SearchSecurity.co.uk's tutorials offer a variety of online information security training courses you can take on your own time at your own pace specifically for UK readers. They are designed to arm you with the foundational and tactical information you need to deal with the increasingly challenging job of keeping your organization's information secure. Continue Reading
-
Tutorial
22 Feb 2011
Quick and dirty Wireshark tutorial
Wireshark has become a very useful tool for many infosec pros. This hands-on Wireshark tutorial will acquaint you with the network sniffer’s capabilities. Continue Reading
-
News
21 Feb 2011
RSA 2011: Microsoft promotes co-ordinated vulnerability disclosure
Software producers remain largely unresponsive to input from security researchers, according to Aaron Portnoy, manager of the security research team HP TippingPoint. Continue Reading
-
News
21 Feb 2011
RSA 2011: Top attacks business will face in 2011
Social networking will be the attacker platform of choice in 2011, says Ed Skoudis, founder and senior security consultant with InGuardians. Continue Reading
-
News
17 Feb 2011
New SMB vulnerability identified in Windows XP and Server 2003
A new SMB vulnerability discovered in Windows could open systems to DoS attacks and remote access. The vulnerability, tagged as CVE-2011-0654, has been rated "critical" and confirmed on Windows Server 2003 SP2 and Microsoft Windows XP SP3. Continue Reading
-
News
17 Feb 2011
RSA 2011: RSA, EMC and VMWare advise on defending against advanced persistent threats
Security leaders have outlined ways organisations can better defend against advanced persistent threats (APTs) in a paper published by RSA, the security division of EMC. Continue Reading
-
News
17 Feb 2011
Optus email rejects shortened URLs
Optus has adjusted its email security regime to repel incoming emails that use URLs shortened by services like bit.ly or TinyURL. Continue Reading
-
News
15 Feb 2011
RSA 2011: Cybersecurity leads conference with cloud security keynote
Cybersecurity is one of the key topics at the RSA Conference 2011 taking place this week in San Francisco. Continue Reading
-
News
14 Feb 2011
Dell rolls out services for enterprise mobility
Dell has introduced a portfolio of services to help businesses manage mobile devices and an increasingly mobile workforce. Continue Reading
-
News
11 Feb 2011
Mobile hacker attacks will damage business in 2011
Businesses cannot afford to ignore mobile hacking attacks as they are proving extremely lucrative over shorter periods, a study of mobile threats has found. Continue Reading
-
News
10 Feb 2011
ID card database is destroyed
The National Identity Register (NIR), which was built to hold the fingerprints and personal details of millions of ID card holders, has been publicly destroyed. Continue Reading
-
News
10 Feb 2011
IT departments are unable to support employee devices
Security concerns are holding companies back from allowing staff to use their own technology at work. Continue Reading
-
News
10 Feb 2011
Mobile workers practise lax security
More than half of Europeans practise unsafe networking when they work away from the office, according to research by German remote access experts NCP Engineering. Continue Reading
-
News
09 Feb 2011
Microsoft's February Patch Tuesday outlines five critical vulnerabilities
Microsoft has released 12 security bulletins addressing 22 vulnerabilities in its monthly security update for February Continue Reading
-
News
08 Feb 2011
Post Office faces legal action over alleged accounting system failures
More than 50 postmasters are planning legal action against the Post Office to reclaim money they paid to the Post Office after being accused of theft and false accounting. Continue Reading
-
News
08 Feb 2011
AXA in £150m settlement for software glitch
Financial services giant AXA will be forced to pay millions of pounds to clients after it emerged that errors in trading software were hidden by three of its subsidiaries, prompting bad performance in investment portfolios. Continue Reading
-
News
08 Feb 2011
Businesses must learn how to defend against cyberattack, says McAfee
Cybercrime has thrived over the past decade according to recent reports from security firm McAfee, but business can expect even more dramatic change in the next ten years, researchers say. Continue Reading
-
Photo Story
08 Feb 2011
Ten most dangerous places to offshore your IT
A report published by the Brown-Wilson Group details which locations are the most risky places to outsource. Continue Reading
-
E-Zine
01 Feb 2011
Handle with care: Calculating and managing risk is tricky business
Faced with an ever increasing bevy of sophisticated threats, information security risk managers have a difficult job. This edition of IT in Europe: Information Security e-zine assesses the reputation of risk management, considers the role of the CISO when sharing sensitive data with third parties, and ranks the global cyberthreat. Continue Reading
-
News
31 Jan 2011
Vodafone restores services to Egypt after mobile shutdown
Mobile operator, Vodafone, has restored mobile phone services in Egypt after a 24-hour shutdown. Continue Reading
-
News
28 Jan 2011
SMEs still lack data backup
Many small business lack data recovery plans, despite a recent uptake in cloud adoption, according to a survey. Continue Reading
-
Tip
28 Jan 2011
Seven social media security best practices
This tip aims to highlight seven crucial factors to be considered while devising a strategy for optimal social media security. Continue Reading
-
News
26 Jan 2011
Cybercriminals target data in transit
Cybercriminals are shifting away from basic "smash and grab" attacks targeting stored data to more complex methods of data harvesting in transit, security research reveals. Continue Reading
-
News
25 Jan 2011
Spam level dips
The recent decline in global spam was the result of a halt in the spam-sending activities of three botnets and unrest among pharmaceutical spam-sending gangs, Symantec's latest MessageLabs Intelligence Report has revealed. Continue Reading
-
News
25 Jan 2011
Smart meter and smart grids: security risk or opportunity?
A smart meter in every home in the UK by 2017 is the government plan as a first step towards a smart grid, but how can we ensure the benefits will outweigh the security risks? Continue Reading
-
News
21 Jan 2011
Parliament to debate cost-sharing element of Digital Economy Act
Secondary legislation on sharing the costs of the Digital Economy Act's measures to tackle online copyright infringement has been laid in Parliament. Continue Reading
-
News
21 Jan 2011
RBI guidelines focus on fortifying IT security by banks
RBI has issued security guidelines for the Indian banks that touch upon aspects such as IT governance, security, and cyber fraud. Continue Reading
-
News
19 Jan 2011
2010 IT security threats point to priorities for 2011, says Sophos
Cyber threats of 2010 highlight the top risks to business for 2011, including social media sites, whistleblowers, and hacktivists, warns security firm Sophos. Continue Reading
-
News
19 Jan 2011
More than 1,000 patient records lost on unencrypted laptop
A doctor is to be disciplined following the loss of 1,147 patient records on an unencrypted laptop. Continue Reading
-
Tip
18 Jan 2011
Top seven social media threats
Discover the top seven social media threats in the first of a two-part series on social media related security threats and preventive measures. Continue Reading
-
News
14 Jan 2011
Biometric authentication technology curbs microfinance org’s losses
Growing Opportunity implements biometric authentication technology to overcome financial losses resulting from duplicate loan applications. Continue Reading
-
News
12 Jan 2011
Microsoft January Patch Tuesday misses open security issues
Microsoft's January 2011 Patch Tuesday security update contains only two bulletins, but misses several open security issues. Continue Reading
-
News
12 Jan 2011
Government departments criticised over data sharing mistake
Three government agencies have been criticised over a data sharing mistake that led to the wrongful disclosure of a woman's personal and financial information. Continue Reading
-
Opinion
11 Jan 2011
Security Zone: The ISO/IEC 38500 IT Governance Standard
IT governance means different things to different folks, yet it is generally understood to require alignment with best practice standards and methodologies. However, it can be really hard to see the wood for the trees due to the multiple frameworks, all of which can be applicable for organisations to demonstrate good governance. Continue Reading
-
Tip
07 Jan 2011
10 security incident management best practices
Here’s a quick tip on the security incident management processes an organization should adopt to combat the current dynamic threat scenario. Continue Reading
-
News
07 Jan 2011
Microsoft to patch critical IE vulnerability to block ongoing attacks
Microsoft will issue two security bulletins, addressing a critical vulnerability affecting all versions of WIndows. Continue Reading
-
News
06 Jan 2011
Update: Who takes the blame for the Lloyds TSB duplicate payment error?
Over 200,000 people were affected by a glitch at Lloyds TSB, when an error with its merchant system duplicated payments on New Year's Eve. Jenny Williams investigates. Continue Reading
-
News
06 Jan 2011
$21m acquisition of Immunet takes Sourcefire to the cloud
Snort creator Sourcefire has announced the $21m (£13.5m) acquisition of cloud-based anti-malware technologies firm Immunet. Continue Reading
-
News
05 Jan 2011
BCS CEO David Clarke talks about the future of the IT industry
David Clarke, CEO of the chartered institute of computing the BCS, talks to Computer Weekly about being awarded an MBE, the future of the IT profession and tackling a membership revolt against his leadership last year. Continue Reading
-
News
22 Dec 2010
FTC clears £5bn Intel acquisition of McAfee
The Federal Trade Commission (FTC) in the US has approved Intel's $7.7bn (£5bn) acquisition of security software giant, McAfee. Continue Reading
-
News
01 Dec 2010
Phishing attack on Facebook leverages iframes
Popular social networking site, Facebook being used for phishing attacks and open redirects, claims Websense Security Labs. Continue Reading
-
News
23 Nov 2010
Martha Lane Fox calls for ‘revolution’ in online government services
Digital champion Martha Lane Fox has published a report calling for a centralised government internet address to replace 750 websites. In a review... Continue Reading
-
Tip
17 Nov 2010
How to use the Microsoft FCIV command-line checksum tool
Downloading files from the Internet always poses a risk, but there are strategies that can make the process more secure. In this tip, Michael Cobb explains how to use the Microsoft FCIV tool to check the hash values of downloaded files and create hashes and checksums of you own. Continue Reading
-
Podcast
16 Sep 2010
PODCAST: McAfee's endpoint chief on mobile internet security
Candace Worley, Senior Vice President and General Manager for Endpoint Security at McAfee explains how new endpoints like tablets and mobile phones are changing the requirements for internet security. Continue Reading
-
Answer
08 Sep 2010
Dynamic code analysis vs. static analysis source code testing
Managing vulnerabilities involves a wide array of security testing, including both dynamic and static source code analysis. Learn how the two differ, as well as how they are performed in this expert response. Continue Reading
-
Photo Story
30 Jul 2010
How to browse the web securely
Internet users need to be on their guard for rogue web sites, phishing attacks and security holes in web browsers. Jenny Williams offers some top tips on browsing safely and securely. Continue Reading
-
Photo Story
13 Jul 2010
Photos: MoD Taranis - unmanned combat aircraft
A prototype unmanned combat aircraft of the future, Taranis, has been unveiled by the MOD for the first time today. Named after the Celtic god of thunder, the concept demonstrator will test the possibility of developing the first ever autonomous stealthy Unmanned Combat Air Vehicle (UCAV) that would ultimately be capable of precisely striking targets at long range, even in another continent. Continue Reading
-
Tip
05 Apr 2010
Using resource allocation management to prevent DoS and other attacks
Resource allocation management is an effective way to prevent denial-of-service (DoS) and other attacks. Find out how to allocate resources in order to increase the security of your organisation. Continue Reading
-
News
24 Feb 2010
Chinook Mk2's safety-critical backup system was faulty
Software supplier EDS found so many anomalies in fuel-control software on the Chinook Mk2 helicopter that it became concerned that the Ministry of Defence and RAF would ignore the potential importance of each flaw because of the high volume of errors, a confidential report reveals. Continue Reading
-
News
22 Feb 2010
What was the 'dangerous' flaw in safety-critical Chinook system?
Defence contractor EDS - now part of HP - warned the Ministry of Defence that flaws in a Fadec safety-critical system fitted to the Chinook Mk2 helicopter could cause it to malfunction, months before a fatal crash on the Mull of Kintyre. Continue Reading
-
Feature
22 Feb 2010
EDS report on 'dangerous' Chinook software published for the first time
Computer Weekly is publishing, for the first time, a technical analysis of the software installed on the Chinook Mk2 helicopter, the Chinook model which featured in the RAF's worst peacetime crash. Continue Reading
-
News
12 Jan 2010
Senior airmen question safety of Chinook software
Three fellows of the Royal Aeronautical Society have questioned whether the Chinook Mk2, of the type which crashed on the Mull of Kintyre in 1994, was airworthy. Continue Reading
-
News
07 Jan 2010
MoD renews attack on dead Chinook pilots despite software flaw disclosures
The Ministry of Defence has renewed its attack on the dead pilots of Chinook ZD576, after the publication of documents that revealed a "dangerous" flaw in software installed on the type of helicopter that crashed. Continue Reading
-
News
05 Jan 2010
Chinook computer flaws - ex-ministers speak out
Former Defence ministers are calling for a new inquiry into the crash of Chinook 576, after new disclosures of a "positively dangerous" flaw in software...
Continue Reading -
News
04 Jan 2010
Chinook computer was 'positively dangerous' say newly-disclosed MoD documents
A computer flaw in the type of Chinook helicopter that crashed on the Mull of Kintyre, killing all 29 on board, was known to be "positively dangerous", according to military documents that have not been published until today. Continue Reading
-
Photo Story
10 Dec 2009
Ten IT Christmas wishes for business
The end of the year and the seasonal festivities are often a time for reflection. But what will CEOs be asking CIOs to give them for Christmas? Continue Reading
-
News
07 Dec 2009
NHS IT scheme to be scaled back
The Chancellor Alistair Darling and the Treasury are to scale back spending on the NHS's National Programme for IT. Continue Reading
-
Tip
02 Dec 2009
Best practices for (small) botnets
Your enterprise might have a strategy to deal with a large-scale botnet attack, but how would you deal with a micro-botnet that knows how to bypass antivirus and firewalls? Get botnet help with this expert advice. Continue Reading
-
Tip
26 Oct 2009
Develop a unified communication security plan
Here is a handy guide to help you develop a comprehensive unified communication (UC) security strategy which covers UC infrastructure and applications. Continue Reading
-
News
21 Oct 2009
Israel carves a niche in IT security
IT security, risk, governance, continuity and compliance technologies are fast becoming some of Israel's top exports.
Analysing and...
Continue Reading -
Tip
09 Sep 2009
How to use a netstat command in Windows to watch open ports
Mike Cobb shows how a simple command line tool can provide invaluable information about what's happening on your system Continue Reading
-
News
03 Sep 2009
Labour rejects review of Chinook crash
Defence Secretary, Bob Ainsworth, has ruled out ordering a new inquiry into the controversial Chinook crash, which left all 29 people on board dead, including... Continue Reading
-
News
02 Sep 2009
Tories commit to Chinook crash review
The Tories have made it party policy to appoint a senior judge to review a finding of gross negligence against the two deceased pilots of a Chinook Mk2 helicopter which crashed on the Mull of Kintyre in June 1994. Continue Reading
-
News
31 Jul 2009
Gary McKinnon loses case to avoid extradition, could face 60 years in jail
Hacker Gary McKinnon has failed in his last attempt to avoid extradition to the United States where he could face 60 years in prison. Continue Reading
-
News
16 Jun 2009
Air France Airbus pitot sensor linked to two fatal crashes
Faults similar to those on an Air France Airbus that crashed into the sea on 1 June were major factors in two little-noticed fatal losses of passenger... Continue Reading
-
News
04 Jun 2009
Chinook crash: critical internal memo on software flaws
Computer Weekly is publishing, in full for the first time, an MoD memo that is the clearest evidence yet that software problems made the helicopter unsafe to fly at the time of the accident. Continue Reading
-
Tip
03 Jun 2009
How to manage firewall testing using Nmap
Nmap includes many features that can be used to circumvent poorly implemented firewalls. Learn how the freely available tool can test your network devices. Continue Reading
-
Tip
05 May 2009
How to find credit card numbers and other sensitive data on your users' computers
If you worry that important and sensitive data like credit card numbers is lurking on your users' hard drives, read on to learn how to search for and corral this information. Continue Reading
-
Photo Story
30 Apr 2009
Infosec 2009: Catch up with this year's show in pictures
Infosec 2009: The story of this year's Infosec with annotated pictures, so if you weren't there, this is a great to get a flavour of the highlights. Continue Reading