IT security
-
News
18 Jul 2025
DWP accused of shielding AI deployments from public scrutiny
Amnesty International and Big Brother Watch say the Department for Work and Pensions’ ‘unchecked’ and opaque experimentation with AI in the UK’s social security system, which treats benefit claimants as automatically suspicious, is being shielded from public scrutiny Continue Reading
-
News
17 Jul 2025
European cyber cops target NoName057(16) DDoS network
A Europol operation has succeeded in disrupting a pro-Russian hacktivist network accused of conducting DDoS cyber attacks on targets in Ukraine and Europe Continue Reading
-
News
20 Jul 2011
(ISC)² publishes official guide to CSSLP
Information security body (ISC)² has published the only official guide to the Certified Secure Software Lifecycle Professional (CSSLP) certification. Continue Reading
-
News
20 Jul 2011
Data breach at York University highlights urgency of security checks, says ICO
The University of York's accidental breach of thousands of students' personal data points to a need for improved security checks, according to the Information Commissioner's Office. Continue Reading
-
Tip
20 Jul 2011
Nmap tutorial: Nmap scan examples for vulnerability discovery
Learn how to use Nmap, the free network scanner tool, to identify various network devices and interpret network data to uncover possible vulnerabilities. Continue Reading
-
News
19 Jul 2011
Microsoft offers bounty in hunt for Rustock spambot operators
A $250,000 reward is being offered to anyone who provides new information that results in the identification, arrest and criminal conviction of the cybercriminals behind the Rustock botnet. Continue Reading
-
News
13 Jul 2011
Managing iPads in enterprise networks
These days users expect to be able to use their iPads inside the business and as thousands of software vendors release applications for the iOS platform which provide data mobility and usability benefits to employees, the prospect of the iPad as a business device is becoming a forced reality. Continue Reading
-
Tip
13 Jul 2011
OCTAVE risk assessment method examined up close
The OCTAVE risk assessment method is unique in that it follows a self-directed approach to risk assessment. Leverage its strengths with this expert tip. Continue Reading
-
News
13 Jul 2011
Central government staff lack skills in IT
A significant proportion of civil servants lack skills in areas such as IT, a National Audit Office report has found. Continue Reading
-
Tip
13 Jul 2011
SAP security tutorial: Top 10 SAP security implementation steps
Implementing SAP software securely isn't only the job of SAP specialists; the entire IT department has a role to play. Learn the top ten steps to a secure SAP implementation. Continue Reading
-
Tip
12 Jul 2011
Metasploit tutorial part 1: Inside the Metasploit framework
In part one of our Metasploit tutorial, learn the framework’s basics, to use it for vulnerability scans and create a simple exploit on a target system. Continue Reading
-
News
12 Jul 2011
Cyber terrorism set to increase after al-Qaeda calls for more cyber attacks, says government
Cyber terrorism will become an increasing problem as the tools and techniques needed for cyber attacks become more widely available, according to a report on the government's new counter-terrorism strategy. Continue Reading
-
News
11 Jul 2011
Microsoft packs a lot into July’s four Patch Tuesday security updates
Microsoft is to release only four security updates in this month's Patch Tuesday security update, but these will cover 22 vulnerabilities in Windows and Office. Continue Reading
-
News
08 Jul 2011
Businesses understand social media risks but fail to take precautions, says survey
Businesses are using social media without taking adequate measures to monitor staff activity, which could open them up to security attacks and create compliance risks. Continue Reading
-
News
07 Jul 2011
FireControl project failed because of inadequate EADS contract, MPs told
The failure of the canned £469m FireControl project was due to an inadequate IT contract, MPs were told at a Public Accounts Committee (PAC). Continue Reading
-
News
07 Jul 2011
ICO calls on UK businesses to open their doors to audits and reduce data breaches
Private enterprises make up a third of data security breach claims, but despite this, many continue to resist the offer of an audit by the Information Commissioner's Office (ICO), according to the privacy watchdog's latest annual report. Continue Reading
-
News
06 Jul 2011
Network security case study: College’s NAC virtual appliance makes grade
Wellington College’s network security case study explains how a NAC virtualization appliance blocks malware and provides increased capacity on demand. Continue Reading
-
News
05 Jul 2011
ICO issues warning over NHS Data Protection Act breaches
Following five more NHS Data Protection Act violations, the Information Commissioner’s Office will redouble efforts to help NHS improve security. Continue Reading
-
News
04 Jul 2011
Hulu withdraws Facebook Connect feature after software glitch leaked users' data
US online video service Hulu has withdrawn its Facebook Connect integration because of security problems discovered soon after launch. Continue Reading
-
News
04 Jul 2011
Hacker group Anonymous steals user names and passwords in cyber attack on Apple
Hacker group Anonymous claims to have stolen 25 internal user names and passwords from Apple in the latest of a series of attacks on government and corporate websites around the world. Continue Reading
-
News
01 Jul 2011
Cyber criminals deploy TDL-4 virus to create indestructible botnet of 4.5m computers
Over 4.5 million computers around the world have been infected by the TDL-4 virus, creating an indestructible botnet. Continue Reading
-
News
30 Jun 2011
Apple fixes 39 bugs in Snow Leopard, preps for Lion release
Releases final non-security update - v10.6.8- for Snow Leopard OS, which fixes 39 flaws. More details inside. Continue Reading
-
News
30 Jun 2011
Japan earthquake and tsunami provides first real test of high-tech disaster recovery, says Microsoft
Japan's earthquake and tsunami that killed at least 15,000 people and left 11,000 missing in March 2011 was the first real test of disaster recovery and business continuity plans on a large scale in a high-tech country, according to Microsoft. Continue Reading
-
News
29 Jun 2011
Update software to reduce risk of cyber attack, top suppliers tell business
Businesses are unnecessarily exposing themselves to cyber attack simply by failing to update to the latest versions of the software they are running, according to Microsoft and Adobe. Continue Reading
-
News
27 Jun 2011
Lulz Security announces it is to disband following 50-day hacking spree 'cruise'
Lulz Security – a group of hackers claiming responsibility for hacking Sony and Nintendo and taking down the websites of the Serious Organised Crime Agency and the US Senate – has announced it is to disband. Continue Reading
-
News
23 Jun 2011
Cisco introduces AnyConnect to mobile devices
The benefits of enabling your workforce with mobile access to enterprise applications, regardless of whether those applications are in the cloud or in the corporate data centre, are clearly recognised. The ease of providing secure remote access to employees, and the ability to maintain corporate data security policies is, however, not simple. Continue Reading
-
News
23 Jun 2011
Tesco Bank customers remain locked out of accounts following migration glitch
Tesco Bank customers are still unable to log into accounts following a migration glitch. Continue Reading
-
News
22 Jun 2011
McAfee releases Android end point security solution
McAfee have announced McAfee Mobile Security software, available for both smartphones and tablets, which according to a recent press release provides a comprehensive mobile security solution by combining three leading McAfee mobile security products: WaveSecure, VirusScan Mobile and SiteAdvisor® for Android. Continue Reading
-
News
22 Jun 2011
European Commission gives green light to CSC acquisition of beleaguered iSoft
The European Commission (EC) has approved CSC's acquisition of healthcare software maker iSoft. Continue Reading
-
News
22 Jun 2011
Mozilla releases final version of Firefox 5 for download
Mozilla has released a fifth version of its web browser, Firefox, available to download for Windows, Mac, Linux and Android. Continue Reading
-
News
22 Jun 2011
Security awareness tips: Making programmes more effective
Several information security pros, via LinkedIn, share their best security awareness tips with SearchSecurity.co.UK. Continue Reading
-
Tip
21 Jun 2011
Top incident response steps: Incident response team responsibilities
Do you know the proper incident response steps to handle a breach? Expert Davy Winder covers how to manage incident response team responsibilities. Continue Reading
-
Feature
20 Jun 2011
How to combat advanced persistent threats: APT strategies to protect your organisation
Simple defence strategies will go a long way to preparing businesses for APTs Continue Reading
-
News
17 Jun 2011
Demystifying IT Rules 2011: What it means for you
The first of a two-part series on the IT Rules 2011 notification under IT Act 2000, looking into its stipulations and their implications for businesses. Continue Reading
-
News
17 Jun 2011
Chinese software flaw makes infrastructure vulnerable, warns report
China's public infrastructure is vulnerable to cyber attack because of vulnerabilities in software used to run weapons systems, utilities and chemical plants, according to Reuters. Continue Reading
-
News
16 Jun 2011
NHS pays £200m advance to CSC as contract renegotiation nears conclusion
The NHS has paid £200m to troubled supplier CSC as an advance while awaiting the conclusion of discussions on amendments to the controversial deal. Continue Reading
-
Tip
15 Jun 2011
Leveraging ISO 27005 standard’s risk assessment capabilities
In this first of a series of articles on risk assessment standards, we look at the latest in the ISO stable; ISO 27005’s risk assessment capabilities. Continue Reading
-
News
15 Jun 2011
Government to create market for personal identity data
The government is preparing to create a marketplace for citizens' personal data to be used for accessing online public services, according to documents that were issued to industry in preparation for the coalition's next-generation identity scheme. Continue Reading
-
News
13 Jun 2011
Busy Patch Tuesday sees 16 Microsoft fixes coincide with Adobe security update release
IT administrators will find their hands full this month with Microsoft planning 16 security updates to fix 34 vulnerabilities on the same day as security updates from Adobe. Continue Reading
-
News
10 Jun 2011
Former T-Mobile employees ordered to pay nearly £80,000 for data theft
The Chester Crown Court has ordered two former employees of UK mobile operator T-Mobile to pay a total of £73,700 after stealing and selling customer data from the company in 2008. Continue Reading
-
News
09 Jun 2011
Nessus Android application extends vulnerability scanner’s mobile reach
Free Android app for Nessus Vulnerability scanner released by developers, Tenable Network Security Inc; extends Nessus’s existing support for iOS devices. Continue Reading
-
News
07 Jun 2011
Adobe patches Flash to fix zero-day XSS vulnerability
‘Important’ cross-site scripting vulnerability in Flash Player on all platforms mitigated to combat zero-day attacks in the wild. Continue Reading
-
News
07 Jun 2011
UK government to propose national website blocking list
The UK government is considering setting up a national blocking list of violent and unlawful websites in plans to tackle radicalisation to be unveiled by Home Secretary Theresa May. Continue Reading
-
News
03 Jun 2011
Hacker group Anonymous steals 10,000 Iranian government e-mails
Hacking group Anonymous has hacked into Iranian government servers and stolen more than 10,000 e-mail messages from the Ministry of Foreign Affairs, say US reports. Continue Reading
-
News
02 Jun 2011
E-mail accounts of senior US officials targeted in Chinese hack attack
Chinese hackers have accessed the accounts of hundreds of Gmail users, including senior US officials, Chinese political activists, military personnel, journalists and officials in several Asian countries, Google has said. Continue Reading
-
News
01 Jun 2011
World IPv6 Day coming June 8 - what should you be doing?
On 8 June, 2011, a number of large networks will offer their content over IPv6 for a 24-hour “test flight”. Continue Reading
-
Tip
01 Jun 2011
Four handy botnet detection techniques and tools: A tutorial
This tutorial will help you determine the right techniques and tools for effective botnet detection. Continue Reading
-
News
31 May 2011
Case study: Invensys saves £546,000 with SMS tokens for 150,000 users
Engineering firm Invensys is embarking on a global roll-out of software-based tokens from SecurEnvoy to replace physical token-based authentication. Continue Reading
-
News
27 May 2011
DWP prepares alternative to identity cards for Universal Credit
The Department for Work and Pensions (DWP) is grooming a British tech start-up to play a key role in its £2bn Universal Credit benefits system. Continue Reading
-
News
26 May 2011
Cross-site scripting attack on Hotmail highlights personal e-mail risk to business
A vulnerability in the Hotmail site has enabled hackers to steal an unknown number of messages from users' accounts, according to security firm Trend Micro. Continue Reading
-
Photo Story
26 May 2011
The computers that won the war: Bletchley Park's codebreaking equipment is rebuilt
The Tunny Gallery, opened at The National Museum of Computing at Bletchley Park on 26 May 2011, tells the incredible story of the interception and decryption of German High Command radio teleprinter messages during World War Two. Continue Reading
-
News
25 May 2011
Apple issues Max OS X update to remove fake AV MacDefender malware
Apple is to release a Mac OS X update to tackle fake antivirus software or "scareware" known as MacDefender, MacSecurity and MacProtector. Continue Reading
-
News
25 May 2011
Virtual desktop benefits include tighter security, hot desking
With the help of hot desking and other virtualisation technologies, the Basildon Borough Council was able to centralise its security administration and reduce its number of desks by more than 30%. Continue Reading
-
Tip
24 May 2011
Three automated penetration testing tools for your arsenal
Automated penetration testing tools provide effective exploit libraries and processes to detect network, as well as application vulnerabilities. Our picks. Continue Reading
-
News
18 May 2011
Future of NHS National Programme for IT in critical condition following NAO report
The remaining NHS National Programme for IT could be scrapped entirely, as the project's aim to deliver electronic records for every patient has fallen far below expectations, according to a National Audit Office report. Continue Reading
-
News
17 May 2011
Government vigilance steps up after George Osborne reveals extent of cyber attacks
Security experts have called for UK government departments to be vigilant after chancellor George Osborne revealed that 20,000 e-mails are sent by hostile intelligence agencies to the UK government each month. Continue Reading
-
Tip
13 May 2011
VA/PT technical report writing best practices for pen testers
A good technical report is indispensible to vulnerability analysis/penetration testing (VA/PT) exercises. Guidelines on how to write concise VA/PT reports. Continue Reading
-
News
12 May 2011
Analysis: Will Android dominance increase IT security threats for business?
The Android Market is forecast to become the world's biggest mobile content platform by August 2011, according to research by mobile application research firm Distimo. Continue Reading
-
News
10 May 2011
New ICO guidance issued on EU cookie law
The Information Commissioner's Office has released practical guidance for companies to comply with the new EU cookie law. Continue Reading
-
News
06 May 2011
Hackers plan third attack on Sony
Hackers are planning a third attack on Sony in retaliation for its handling of the PlayStation Network and Online Entertainment services data breaches, according to US reports. Continue Reading
-
News
05 May 2011
What cloud risks should business consider after Amazon's EC2 outage?
Amazon's recent outage has raised questions over the reliability of cloud services. If Amazon, with its global reach, cannot get IT right, how can CIOs expect other operators to cope? Jenny Williams investigates. Continue Reading
-
Photo Story
05 May 2011
Oracle JDeveloper review
Tim Anderson finds that Oracle's home-grown tool for Java development, JDeveloper, may have a traditional feel, but its smart editor and productivity tools make it particularly useful if you are working with the powerful Oracle ADF. Continue Reading
-
Tip
04 May 2011
Demystifying wardriving: An overview
With companies like Google being criticized for wardriving, this tip aims at decoding the concept and the associated legal implications. Continue Reading
-
News
29 Apr 2011
Store dealing with dishonest employees uses internal theft prevention software
A London-based sushi chain expects to save almost £1 million this year with the help of new fraud-detection software. Continue Reading
-
News
27 Apr 2011
HSBC Insurance works with IBM to solve Solvency II
HSBC Insurance in the UK is using IBM Global Services to support its European Solvency... Continue Reading
-
News
20 Apr 2011
Infosec 2011: APT attacks a real threat to business, says security panel
Advanced Persistent Threats are a reality and cannot be dismissed as a myth or media hype, according to a panel of experts debating the top threats at Infosecurity Europe 2011 in London. Continue Reading
-
News
20 Apr 2011
Shutting down a botnet, US Government disables Coreflood
Coreflood, a botnet almost ten years old, has been taken down by the FBI and US Department of Justice by obtaining permission to hijack the command and control servers and send a 'stop' command to infected PCs. Is this overstepping the privacy line? Continue Reading
-
News
19 Apr 2011
Infosec 2011: Cisco announces new tools for securing the mobile enterprise
Cisco has introduced new security products to its Borderless Networks portfolio to help IT departments manage mobile devices, changing workforce habits and the impact of video on the network. Continue Reading
-
Tip
19 Apr 2011
Secure SDLC best practices
While focus on technicalities is a given during the SDLC, this tip explains how to secure the SDLC, from the analysis phase right through to deployment. Continue Reading
-
News
18 Apr 2011
Growth of NFC to drive overhaul of Chip and PIN equipment
The growth of near-field communication (NFC) in the UK will drive the replacement of retailers' Chip and PIN point of sale (PoS) equipment, according to an analyst. Continue Reading
-
News
13 Apr 2011
Building an Olympics network
Preparation is clearly the key to Olympic success, as players on 27 July 2012 will see years of finely honed practice condensed into one gruelling fortnight Continue Reading
-
News
13 Apr 2011
Infosec 2011: Charity sector shows the way to balance budget and security
Tackling security project by project is an effective way of securing data on a limited budget, says Matt Holland, head of information security at children's charity NSPCC. Continue Reading
-
News
12 Apr 2011
Infosec 2011: Compliance the biggest security juggernaut, says security expert
The biggest security compliance juggernaut for businesses is concentrating on achieving compliance rather than changing they way they work, says Des Ward, president of the Cloud Security Alliance UK and Ireland chapter. Continue Reading
-
News
11 Apr 2011
Manageability issues impede adoption of virtualisation
Virtual infrastructure management challenges are hindering the adoption of virtualisation within businesses, according to research. Continue Reading
-
Tip
11 Apr 2011
Identity and access management (IAM) program implementation guidelines
The first part of this identity and access management (IAM) program guide details how to optimally structure the implementation’s foundation. Continue Reading
-
News
08 Apr 2011
Motivated, information security policye-aware employees are the best defence
Keeping employees motivated is the best way to ensure you have satisfied customers, and if it is an employee's responsibility to keep the customers happy,...
Continue Reading -
News
08 Apr 2011
Admins face huge April Patch Tuesday security update from Microsoft
Microsoft has announced that it will release 17 security bulletins to address 64 vulnerabilities Continue Reading
-
Photo Story
08 Apr 2011
In 1966 England won the World Cup and Computer Weekly launched the world's first weekly IT newspaper
After 45 years in print, Computer Weekly, the award-winning title for senior IT decision-makers, is to become a 100% online publication. Here is a celebration of 45 years in print. Continue Reading
-
News
08 Apr 2011
After breach at RSA, two-factor authentication options abound
Companies specialising in two-factor authentication hope to boost business following the breach of RSA's SecurID, and many plan to capitalise with new products at Infosecurity Europe. Continue Reading
-
News
07 Apr 2011
Sophisticated cyber thieves behind Epsilon data breach, says parent company
US marketing firm Epsilon was hit by one of the biggest data thefts to date, the work of highly sophisticated cyber thieves, says parent company Alliance... Continue Reading
-
Tip
06 Apr 2011
Botnet detection through DNS behavior and clustering analysis
Botnets are fast emerging as one of the most serious threats to Internet security today. This expert tip looks at how botnets can be detected analyzing their unique fast flux characteristics. Continue Reading
-
News
05 Apr 2011
Sex offence technology helps business avoid legal liability
Technology that cross references image hash codes against child sexual abuse material will help businesses avoid legal liability. Continue Reading
-
News
05 Apr 2011
City of York falls foul of data protection act following printer mix-up
The City of York Council has fallen foul of the Data Protection Act after having accidentally disclosed personal data following a printer mix-up. Continue Reading
-
News
04 Apr 2011
RSA discloses phishing-attack data breach details
RSA, the security division of EMC, has revealed the firm's data breach in mid March was the result of a spear phishing attack. The spear phishing attack exploited an Adobe Flash vulnerability that was unpatched at the time. Continue Reading
-
Feature
01 Apr 2011
Secure your SCADA architecture by separating networks
Many critical national infrastructure systems include supervisory control and data acquisition (SCADA) functionality. These systems can be viewed as the set of software, computers and networks that provide remote co-ordination of controls systems for tangible infrastructures such as power generation systems, chemical plants, manufacturing equipment and transportation systems Continue Reading
-
News
31 Mar 2011
Microsoft publishes report on its Security Development Lifecycle
Microsoft has published a new report that outlines nine years of progress in developing, improving and sharing the Security Development Lifecycle (SDL) process. Continue Reading
-
News
30 Mar 2011
Two-factor authentication alternatives
Worried by the breach at RSA? Here are some two-factor authentication alternatives to consider. Continue Reading
-
Tip
30 Mar 2011
Advanced Wireshark tutorial: Packet and network security analysis
This Wireshark tutorial will familiarize you with Wireshark’s advanced features, such as analyzing packets and undertaking packet level security analysis. Continue Reading
-
News
29 Mar 2011
Open Group launches guide to boost ISO 27005 efforts
A new guide from the Open Group is designed to help organisations meet ISO 27005 standards, but some risk management professionals feel it may not be so effective. Continue Reading
-
News
28 Mar 2011
Spotify hit by malicious ads
Spotify, the popular streaming music service, has been displaying malicious advertisements to users of its Free version. Continue Reading
-
News
28 Mar 2011
Businesses spend over £600k a week on data security abroad
Companies are spending up to £624,000 a week to secure their most sensitive business data abroad, a study has revealed. Continue Reading
-
News
25 Mar 2011
Hackers steal member email details from TripAdvisor site
A number of TripAdvisor members may receive spam after hackers stole email details from the travel website. Continue Reading
-
Tip
25 Mar 2011
Mature data loss prevention: 8 questions to ask your vendor
To determine if a data loss prevention (DLP) solution truly meet your organization’s needs, there are certain clarifications you always require. Continue Reading
-
News
23 Mar 2011
SAP combines GRC and BI in new platform
SAP has launched a new governance, risk and compliance platform that combines and integrates existing GRC and business intelligence technologies. Continue Reading
-
News
23 Mar 2011
Budget 2011: UK public worried spending cuts will impact data security
A large proportion of the UK public is worried that government spending cuts will have a negative effect on data security, a survey has revealed. Continue Reading
-
Tip
23 Mar 2011
How to stop a DDoS attack after initiation
In this expert response, Nick Lewis explains how to stop a DDoS attack after it has been initiated. Continue Reading
-
Tip
22 Mar 2011
Shodan search engine for penetration tests: How-to
A very handy yet simple to use VA/PT tool, Shodan can be of great use to ethical hackers. Here’s a quick Shodan tutorial. Continue Reading
-
News
22 Mar 2011
What is OpenID? How to use OpenID SSO in your organisation
An OpenID SSO system allows organisations to simplify website user authentication management. But is OpenID security an issue? Expert Michael Cobb explains. Continue Reading
-
News
18 Mar 2011
RSA hit by advanced persistent threat attacks
RSA, the security division of EMC, has revealed that attackers have stolen information from the company's IT systems Continue Reading
-
News
17 Mar 2011
Twitter increases security with HTTPS encrypted tweets setting
Twitter has added a new profile setting to increase the level of security when accessing the mobile blogging site over an unsecured Wi-Fi connections. Continue Reading
-
News
17 Mar 2011
Ban threat looms for Blackberry services as India demand corporate data access
India could block Research in Motion (RIM) from 31 March 2011 after government officials expressed dissatisfaction with access to Blackberry services. Continue Reading
-
News
16 Mar 2011
Trusteer debuts no-software malware protection
Secure web access firm Trusteer has announced a web login and transaction monitoring service to detect malware without installing software. Continue Reading