IT security
-
News
30 Apr 2025
Current SaaS delivery model a risk management nightmare, says CISO
JPMorgan Chase security chief Patrick Opet laments the state of SaaS security in an open letter to the industry and calls on software providers to do more to enhance resilience Continue Reading
-
News
30 Apr 2025
Co-op shuts off IT systems to contain cyber attack
A developing cyber incident at Co-op has forced the retailer to pull the plug on some of its IT systems as it works to contain the attack Continue Reading
-
News
19 Jan 2023
Fraudsters and cyber criminals stole more than £4bn in the UK through 2022
The amount of money stolen by fraudsters and cybercriminals in the UK saw a huge increase in 2022 Continue Reading
-
News
19 Jan 2023
Mailchimp suffers third breach in 12 months
Email marketing service Mailchimp has suffered its third data breach in a year, but has been praised for being open about its latest attack Continue Reading
-
News
19 Jan 2023
Newham Council rejects use of live facial-recognition tech by police
Live facial-recognition technology should not be used by police in Newham until biometric and anti-discrimination safeguards are in place, according to a motion passed unanimously by the council, but the Met Police and the Home Office have indicated they will not suspend its use Continue Reading
-
News
19 Jan 2023
Outdated IT infrastructure poses growing risk to UK Security Vetting
Delays to UKSV’s important work in safeguarding the country’s national security are in part down to a legacy IT estate in dire need of modernisation, says the NAO Continue Reading
-
News
18 Jan 2023
Ukraine CERT leaders touch down in London for talks
The UK’s NCSC has been hosting Ukrainian cyber security leaders for a round of bilateral talks on improving resilience Continue Reading
-
News
18 Jan 2023
David Anderson KC to review UK surveillance laws
Home Office commissions independent review of the Investigatory Powers Act, known as the snoopers’ charter. It will include a review of bulk datasets and government access to internet connection records held by phone and internet companies Continue Reading
-
News
18 Jan 2023
Oracle and CBI: companies cautious, selective in 2023 IT, business investment
Oracle and the CBI are seeing much the same picture of cautious technology investment of UK businesses in 2023, in the context of long Covid and the energy price inflation crisis Continue Reading
-
News
18 Jan 2023
Ukraine cyber teams responded to more than 2,000 attacks in 2022
The Ukrainian authorities responded to more than 2,000 major cyber incidents during 2022, and are blocking thousands more potential attacks every day Continue Reading
-
News
17 Jan 2023
Cloudflare urged to clamp down on pirates, counterfeiters
A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods Continue Reading
-
News
17 Jan 2023
Crest throws support behind CyberUp CMA reform campaign
Cyber accreditation association Crest International has lent its support to the CyberUp campaign for reform to the Computer Misuse Act of 1990 Continue Reading
-
News
17 Jan 2023
Royal Mail promises ‘workarounds’ to restore services after ransomware attack
Royal Mail CEO Simon Thompson apologises to customers whose businesses are being disrupted by a ransomware attack and promises a ‘workaround’ will be in place in the near future Continue Reading
-
News
16 Jan 2023
The Security Interviews: Protecting your digital self
Our digital self – the virtual presence of who we are online – has a pervasive influence in the real world. People make judgements based on these digital depictions, so what can be done to ensure positive representation? Continue Reading
-
E-Zine
16 Jan 2023
CW EMEA: Protecting the privacy of schoolchildren
In this month’s CW EMEA, we look at how schools in Germany have stopped using Microsoft Office 365 over lack of clarity over how data is collected, shared and used. We also delve into how former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. Read the issue now. Continue Reading
-
News
15 Jan 2023
Thai enterprises spend more on software amid growing digitalisation
The majority of software spending in Thailand during the first half of 2022 went into applications followed by infrastructure software and development tools, according to IDC Continue Reading
-
News
14 Jan 2023
Experts concerned over silence around government obligation to review UK surveillance laws
The government is required to review the UK’s surveillance law, the Investigatory Powers Act, but experts say they are in the dark about its plans. The National Crime Agency’s operation Venetic has highlighted the need for urgent reforms Continue Reading
-
News
13 Jan 2023
Cabinet Office looks to expand public data sharing for digital ID
Cabinet Office seeks feedback on proposed legislation to enhance data sharing across the public sector, in support of the UK government’s ambition to have a single sign-on identity-check system for all public services Continue Reading
-
Blog Post
13 Jan 2023
AI 2023 and beyond
Artificial intelligence (AI) is set to become part of the boardroom agenda as organisations look at how they can shave off more from operational costs and work out how they can grow the business ... Continue Reading
-
News
13 Jan 2023
LockBit cartel suspected of Royal Mail cyber attack
The still-developing cyber incident at Royal Mail may be the work of the infamous LockBit ransomware operation Continue Reading
-
Blog Post
13 Jan 2023
Alibaba: Generative AI among top tech trends in 2023
Alibaba’s research arm Damo Academy has recently published a list of top trends that are likely to shape the technology landscape this year. Chief among them is the rise of generative AI, which ... Continue Reading
-
News
12 Jan 2023
Companies warned to step up cyber security to become ‘insurable’
Investing in better IT security to protect against cyber crime will make businesses more resilient against other risks Continue Reading
-
News
12 Jan 2023
UK government completes trials of age estimation technology
Government-led trials of age estimation and verification technologies for the sale of alcohol in nightlife venues and supermarkets have been completed, with both government and retail lobbyists pushing for legislation that would allow retailers to adopt the tools for alcohol sales Continue Reading
-
News
12 Jan 2023
Chrome vulnerability could have led to widespread data theft
A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen Continue Reading
-
Opinion
12 Jan 2023
Europe’s cyber security strategy must be clear about open source
Europe’s cyber security policy on open source is lagging behind the US, and despite growing government awareness of the issues, that poses a problem Continue Reading
-
News
12 Jan 2023
Cloudflare completes SASE offer with Magic WAN Connector
Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering Continue Reading
-
News
12 Jan 2023
Guardian confirms Christmas 2022 cyber attack was ransomware
Guardian Media Group bosses confirm the 20 December cyber attack that left staff locked out of its London office and disrupted several key systems was an untargeted ransomware attack Continue Reading
-
News
11 Jan 2023
Royal Mail services hit by major cyber attack
UK postal service Royal Mail is asking customers not to send any overseas letters or parcels while it deals with the impact of an ongoing cyber attack Continue Reading
-
News
11 Jan 2023
Should we be worried about malicious use of AI language models?
WithSecure research into GPT-3 language models, used by the likes of ChatGPT, surfaces concerning findings about how easy it is to use large language models for malicious purposes. Should security teams be concerned? Continue Reading
-
News
11 Jan 2023
Internet shutdowns cost global economy $24bn in 2022
Deliberate disruption of people’s access to the internet by governments is having a substantial economic impact and contributing to a range of human rights abuses, primarily against protestors Continue Reading
-
News
11 Jan 2023
Microsoft fixes EoP zero-day on January Patch Tuesday
On the first Patch Tuesday of 2023, Microsoft fixed an elevation of privilege vulnerability in Windows Advanced Local Procedure Call, which has been actively exploited in the wild and may be co-opted into ransomware campaigns Continue Reading
-
News
11 Jan 2023
NHS data platform costing £480m to supersede Covid-19 data store underway
NHS England has invited suppliers to tender for a data platform that will supersede the Covid-19 data store controversial for the involvement of data analytics firm Palantir Continue Reading
-
News
11 Jan 2023
Davos 2023: Pervasive cyber crime and cyber security gaps pose severe risk to organisations
Governments and organisations face tough trade-offs as they balance immediate problems caused by economic recession, energy shortages and rising interest rates with longer-term risks, including the impact of global warming Continue Reading
-
News
11 Jan 2023
What’s happening with quantum-safe cryptography?
Chinese researchers claim quantum technology is reaching a point where a quantum device will soon be able to crack RSA 2048 public key encryption Continue Reading
-
News
10 Jan 2023
New APT group targets ASEAN governments and militaries
The Dark Pink advanced persistent threat group used custom malware to exfiltrate data from high-profile targets through spear-phishing emails last year, according to Group-IB Continue Reading
-
News
10 Jan 2023
Insurer Beazley introduces catastrophe bond to ease cyber risk
Insurance company Beazley says that its $45m cyber catastrophe bond will help to protect its balance sheet and enable it to offer more cyber insurance cover Continue Reading
-
News
09 Jan 2023
JPMorgan ordered to face lawsuit over cyber attack on Ray-Ban maker
US banking giant JPMorgan forced to respond to accusations that it failed to inform a business customer about suspicious transactions Continue Reading
-
News
08 Jan 2023
Vulnerable organisations to get free Cyber Essentials support
Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre Continue Reading
-
News
06 Jan 2023
Proposed digital fraud refund rules risk excluding many victims
Proposals to establish a fraud refund mechanism in the UK risk excluding many victims of digitally enabled fraud, a major bank has warned Continue Reading
-
News
06 Jan 2023
Russia’s Turla falls back on old malware C2 domains to avoid detection
Mandiant says it has observed the Russian APT UNC2410, also known as Turla, re-registering expired or sinkholed domains previously used by financially motivated cyber criminals Continue Reading
-
News
06 Jan 2023
Vice Society cyber gang targeted multiple UK schools
The Vice Society ransomware gang has made a habit of attacking educational institutions, and now appears to have struck multiple schools, colleges and universities in the UK Continue Reading
-
News
06 Jan 2023
Meta to appeal £345m fine for Facebook and Instagram privacy breaches
Social media company Meta is to appeal after the Irish Data Protection Commission fined the company for breaching GDPR Continue Reading
-
News
05 Jan 2023
Cyber gang abused free trials to exploit public cloud CPU resources
A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying Continue Reading
-
News
05 Jan 2023
Warning over ransomware attacks spreading via Fortinet kit
Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading
-
News
05 Jan 2023
Fallout from Guardian cyber attack to last at least a month
The Guardian newspaper’s offices remained shut into the New Year following a supposed ransomware attack, with disruption likely to last some time Continue Reading
-
News
05 Jan 2023
Cashless Denmark has no bank robberies in a year for first time
Denmark saw no bank robberies in a single year for the first time ever, but online fraud continues to increase Continue Reading
-
Feature
05 Jan 2023
Securing low Earth orbit represents the new space race
The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges Continue Reading
-
News
03 Jan 2023
Test of digital ID tech at Surrey nightclub proclaimed success
The majority of visitors to a Camberley venue who piloted a digital identification app developed by 1account said they found it easy to use and preferred it to standard physical ID Continue Reading
-
News
02 Jan 2023
China and India governments among top targets for cyber attackers
Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures Continue Reading
-
Feature
29 Dec 2022
Cyber security professionals share their biggest lessons of 2022
In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading
-
News
29 Dec 2022
Top 10 technology and ethics stories of 2022
Here are Computer Weekly’s top 10 technology and ethics stories of 2022 Continue Reading
-
Opinion
29 Dec 2022
How does red teaming test the ultimate limits of cyber security?
An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading
-
Opinion
28 Dec 2022
Why the current fraud model is broken, and how to fix it
Scammers and fraudsters are catching up with the good guys; a new technological approach is needed to fight skyrocketing volumes of digital fraud, says Darwinium founder Alisdair Faulkner Continue Reading
-
News
28 Dec 2022
Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears
NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness Continue Reading
-
News
27 Dec 2022
Top 10 ASEAN IT stories of 2022
Despite the challenges over the past year, ASEAN businesses have taken things in stride as they press on with digital transformation, whether it is empowering citizen developers or building cloud-native applications Continue Reading
-
News
22 Dec 2022
Top 10 India IT stories of 2022
We recap the top 10 stories in India, including the digitisation work undertaken by global firms in the country and the progress made by local enterprises in harnessing technology Continue Reading
-
News
22 Dec 2022
NCA ‘wrong-footed’ defence lawyers after agreeing to take expert evidence on EncroChat ‘as read’
The National Crime Agency argued at the Investigatory Powers Tribunal that expert evidence it agreed to ‘take as read’ is limited, flawed and often based on an incorrect interpretation of the law Continue Reading
-
News
22 Dec 2022
Mitiga researchers disclose AWS Elastic IP hijacking vulnerability
Cloud incident response supplier Mitiga has said a new AWS feature has led to a vulnerability that could allow hackers to access and steal Elastic IP addresses and gain control over AWS accounts Continue Reading
-
News
22 Dec 2022
Top 10 cyber security stories of 2022
The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading
-
News
22 Dec 2022
Top 10 crime, national security and law stories of 2022
Here are Computer Weekly’s top 10 crime, national security and law stories of 2022 Continue Reading
-
News
22 Dec 2022
Top 10 cyber crime stories of 2022
Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading
-
News
21 Dec 2022
Top 10 ANZ IT stories of 2022
We recap the top 10 stories in Australia and New Zealand, including the opportunities and challenges that organisations in the region have faced over the past year Continue Reading
-
Definition
21 Dec 2022
hotfix
A hotfix is code -- sometimes called a patch -- that fixes a bug in a product. Continue Reading
-
Feature
21 Dec 2022
A sticky story: How, and why, hackers love stickers on laptops
We’ve all seen laptops adorned with security stickers and in-jokes, but how did this cyber community trend get started, what does it signify, and what does it say about the humans behind the screens? Continue Reading
-
Opinion
21 Dec 2022
Post-Brexit cyber dynamics in the UK and Europe: diverging paradigms?
The UK faces a choice in terms of its ongoing cyber security relationship with the EU – to preserve its collaboration with the EU by adopting an aligned approach or to adopt a divergent approach Continue Reading
-
Definition
20 Dec 2022
surveillance capitalism
Surveillance capitalism is an economic theory proposed by Harvard Business School Professor Emerita Shoshana Zuboff in 2014 that describes the modern, mass monetization of individuals' raw personal data in order to predict and modify their behavior. Continue Reading
-
News
20 Dec 2022
Top 10 software development stories of 2022
We look at how software development has adapted to the changing economic climate over the past 12 months Continue Reading
-
Opinion
19 Dec 2022
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
Definition
19 Dec 2022
cyberbullying
Cyberbullying is a type of bullying in which one or more individuals use digital technologies to intentionally and repeatedly cause harm to another person. Continue Reading
-
News
16 Dec 2022
Shiseido data breach victims plan legal action over fake companies
Employees and former employees of cosmetics firm Shiseido whose data was stolen in a recent breach are planning group legal action after their information was used to establish fraudulent companies in their names Continue Reading
-
News
16 Dec 2022
Defence lawyers claim NCA witness gave unreliable evidence on EncroChat hacking operation
National Crime Agency argues that the lawfulness of surveillance warrants issued to hack the EncroChat phone network should only be considered in the light of facts and assessments known at the time Continue Reading
-
News
16 Dec 2022
UK unis implement new IP traffic policies to combat ransomware
Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading
-
News
15 Dec 2022
Lego fixes dangerous API vulnerability in BrickLink service
The Lego Group has remediated two potentially serious API vulnerabilities in its BrickLink digital resale platform, just in time for Christmas Continue Reading
-
News
15 Dec 2022
Cops dismantle 48 DDoS-for-hire websites
An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites Continue Reading
-
News
15 Dec 2022
NCA officer questioned in Investigatory Powers Tribunal over failure to disclose EncroChat notes
EncroChat hacking warrant was unlawful and in breach of human rights law, the Investigatory Powers Tribunal hears Continue Reading
-
News
14 Dec 2022
Private health provider data could be shared with NHS England
Plans are advancing to create a single source of healthcare data in England combining both private providers and the NHS to avoid a repeat of the Ian Paterson scandal Continue Reading
-
News
14 Dec 2022
Advanced Azov data wiper likely to become active threat
Check Point deep dives into an emergent data wiper strain known as Azov, which is making waves with hundreds of new samples being submitted to VirusTotal daily Continue Reading
-
News
14 Dec 2022
NHS gets new guidance on public benefits of data sharing
NHS national data guardian Nicola Byrne has published new guidance on how health and social care bodies should approach the task of evaluating public benefit when using data for purposes beyond individual care Continue Reading
-
News
14 Dec 2022
Ethical hackers flex their muscles in 2022
Ethical hackers working through HackerOne programmes found 21% more vulnerabilities in 2022 than in 2021 Continue Reading
-
News
14 Dec 2022
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading
-
News
14 Dec 2022
New cyber approaches ease Registers of Scotland’s AWS migration
As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web Services Continue Reading
-
Opinion
14 Dec 2022
Security Think Tank: How much digital trust can you place on zero-trust?
The events of the past couple of years have highlighted many considerations that should be taken into consideration when pursuing a zero-trust strategy, says ISACA’s Steven Sim Kok Leong Continue Reading
-
News
13 Dec 2022
Crime Stoppers Tasmania debuts new reporting portal
Reporting tool will enable the public to share crime-related information with law enforcement agencies to support policing in Tasmania Continue Reading
-
News
13 Dec 2022
EU issues draft data adequacy decision in favour of US
The European Commission has concluded that the United States does ensure an adequate level of protection for personal data transferred from the European Union and will now launch the process towards the adoption of an adequacy decision Continue Reading
-
News
13 Dec 2022
The nature of the CISO role will be in flux in 2023
As cyber risk outpaces organisational defences, and cyber attacks and breaches cause more and more damage, the nature of the CISO role is entering a state of flux, according to a report Continue Reading
-
News
13 Dec 2022
Finnish government launches information security voucher scheme
Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading
-
News
13 Dec 2022
More Uber data exposed in possible supply chain attack
A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading
-
E-Zine
13 Dec 2022
AI experts question tech industry’s ethical commitments
In this week’s Computer Weekly, the proliferation of ethical frameworks has done little to change how artificial intelligence is developed – we look at the challenges. We examine the future of the UK semiconductor sector as the government launches a review. And we hear how NatWest has put data at the heart of customer strategy. Read the issue now. Continue Reading
-
News
13 Dec 2022
Customer frustrations mount as Rackspace investigation proceeds
Rackspace says it is making progress on restoring services following a ransomware attack on its Hosted Exchange business, but customers are becoming frustrated with a lack of communication Continue Reading
-
News
12 Dec 2022
Top IT predictions in APAC in 2023
Robotics, cross-cloud data mobility and cyber insurance are some of the key trends that will shape Asia-Pacific’s technology landscape in 2023 Continue Reading
-
News
12 Dec 2022
Cloud-based fingerprint system for UK police nears completion
Police Digital Service announces that a new cloud-based fingerprint system developed under its Transforming Forensics programme is nearly complete, but data protection concerns around the use of US-based cloud providers remain Continue Reading
-
Opinion
12 Dec 2022
Security Think Tank: Embrace prioritisation, people, imperfections
Security and IT professionals should try to make peace with their imperfections in 2023, says Nominet CISO Paul Lewis Continue Reading
-
News
11 Dec 2022
How Zscaler is cracking APAC’s cloud security market
Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading
-
Blog Post
09 Dec 2022
When IT Meets Christmas: The Massacre of the Innocents Updated
But Joseph had installed Anti-Spyware on Mary's phone, after she became pregnant and not by him. So they cashed in their bitcoin, dropped their mobiles down a well and departed for Egypt. Continue Reading
-
News
09 Dec 2022
CIISec, DCMS to fund vocational cyber courses for A-level students
The Chartered Institute of Information Security and the Department for Digital, Culture, Media and Sport plan to fund vocational cyber qualifications for 300 teenagers Continue Reading
-
News
09 Dec 2022
Iranian APT seen exploiting GitHub repository as C2 mechanism
A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading
-
News
09 Dec 2022
Online Safety Bill returns to Parliament
MPs and online safety experts have expressed concern about encryption-breaking measures contained in the Online Safety Bill as it returns to Parliament for the first time since its passage was paused in July Continue Reading
-
News
09 Dec 2022
IT system limitations a factor in passport delays
Limitations in the UK’s passport office IT system led to delays in applicants receiving their documents during a recent period of high demand Continue Reading
-
Opinion
09 Dec 2022
Security Think Tank: 2022 changed how we thought about resilience
Increasing cyber resilience is at the heart of the people-processes-technology triangle, and 2022 saw shifts in all three of these aspects, says PA Consulting’s Sharon Shochat Continue Reading
-
News
08 Dec 2022
Consumers to get new protections against dodgy apps
Government’s new code of practice will impose new privacy and security measures on app store operators and developers Continue Reading
-
Feature
08 Dec 2022
Too many secrets: What can today’s cyber teams learn from a 30-year-old film?
Despite being 30 years old, Sneakers remains a classic hacker film. The technology may have dated, but the underlying themes remain relevant and remind us about the threats lurking online Continue Reading
-
News
08 Dec 2022
Apple to tap third party for physical security keys
Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys Continue Reading