IT security
-
News
24 Apr 2024
Education will be key to good AI regulation: A view from the USA
Computer Weekly sat down with Salesforce’s vice-president of federal government affairs, Hugh Gamble, to find out how the US is forging a path towards AI regulation, and how things look from Capitol Hill Continue Reading
-
Opinion
23 Apr 2024
Security Think Tank: Cyber sector, you have failed this community
In the wake of renewed calls for lawmakers to consider enacting legal bans on ransomware payments, the Computer Weekly Security Think Tank weighs in to share their thoughts on how to tackle the scourge for good. Continue Reading
-
E-Zine
09 Sep 2021
CW Europe: Dutch researchers build security software to mimic human immune system
In this issue of CW Europe, find out how researchers in the Netherlands are attempting to help IT systems fight certain cyber attacks in a similar way to the human immune system works. One of the team at Dutch research institute TNO was originally an immunologist, and saw parallels with the human immune system in the field of cyber security. Also in this issue, find out about the so-called “Klarna academy” in Stockholm, which has created the next set of Nordic fintech entrepreneurs. Continue Reading
-
Blog Post
08 Sep 2021
Law enforcement: Question the tech sector's motives
Perhaps there are application areas where law enforcement technology should not be used, one of the witnesses at a recent Justice and Home Affairs Committee meeting warned. Experts from the US, New ... Continue Reading
- 08 Sep 2021
-
News
08 Sep 2021
REvil reappearance may herald new ransom campaigns
The re-emergence of the infamous REvil ransomware gang is a likely sign that more high-profile attacks will unfold over the coming weeks Continue Reading
-
News
08 Sep 2021
Covid positive for security market, but still a source of stress
CIISec’s latest “State of the profession report” highlights both positives and challenges for cyber pros arising from the past two years Continue Reading
-
Blog Post
08 Sep 2021
Marriages Are Back On The Agenda – Even In IT
Ah – the return of “normality” in the UK – i.e., people are still getting ill but the government admits it doesn’t care any longer, other than by increasing taxes… But enough of the ... Continue Reading
-
News
08 Sep 2021
Stolen credit card data worth about £13 on dark web, PayPal worth more
The average price of a stolen credit card on a dark web marketplace comes in at around $17.40, or £12.60, according to new data – but the real money for cyber criminals is in hacked PayPal accounts Continue Reading
-
Opinion
08 Sep 2021
Security Think Tank: Optimising privacy, post-GDPR
Airbus CyberSecurity CTO Paddy Francis explores the impact of regulation on data protection, and how it has changed how one goes about optimising data privacy in the enterprise Continue Reading
-
Feature
08 Sep 2021
Bridging the gender gap in cyber security
Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap Continue Reading
-
News
07 Sep 2021
Procuring law enforcement tech needs greater scrutiny
Tech firms are playing a high-stakes game to drive adoption of artificial intelligence and surveillance technology in law enforcement Continue Reading
-
News
07 Sep 2021
OT security in APAC remains work in progress
Two operational technology security experts shed light on the state of OT security in the region, and what’s being done to address skills, competency and organisational challenges Continue Reading
-
News
07 Sep 2021
ICO in bid to end cookie pop-ups
Outgoing information commissioner Elizabeth Denham will call on her equivalents across the G7 group of countries to collaborate on an overhaul of cookie consent pop-ups Continue Reading
-
News
07 Sep 2021
Banking anti-fraud scheme blocks 65% more fraud
Scheme designed to protect vulnerable people against banking fraud has been expanded to include online scams Continue Reading
-
Opinion
07 Sep 2021
Security Think Tank: A response to planned data protection changes
The ISF’s Emma Bickerstaffe assesses how organisations might respond to proposed changes to the UK’s data protection regime Continue Reading
-
E-Zine
07 Sep 2021
Highways England delivers a digital roadmap
In this week’s Computer Weekly, we talk to the CDIO of Highways England about her digital services and asset management plans. We explore SIEM and SOAR security tools. And we find out how McLaren Racing is using data analytics to build its cars more efficiently. Read the issue now. Continue Reading
-
07 Sep 2021
Are proposed data protection changes a threat to UK citizens’ privacy?
Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth Continue Reading
-
Opinion
06 Sep 2021
The rise of the chief risk officer
The impact of the Covid-19 pandemic has seen chief risk officers take their rightful place in the boardroom Continue Reading
-
Opinion
06 Sep 2021
UK’s new data protection strategy risks costing business more than it gains
The apparent business benefits of pursuing data adequacy agreements around the world may not be as enticing as they at first appear Continue Reading
-
News
06 Sep 2021
How NZ schools are tapping managed network services
Using managed network services has freed up time and resources for New Zealand school teachers and alleviated the pressure and challenges of maintaining technology infrastructure Continue Reading
-
Feature
06 Sep 2021
How do SOAR and SIEM services fare in a rapidly changing cyber threat landscape?
Given that cyber risks are rapidly growing in sophistication and number, we look at whether SIEM and SOAR security tools are still effective Continue Reading
-
News
03 Sep 2021
Berlin court reverses ban on use of EncroChat evidence in criminal trials
Berlin Superior Court allows use of EncroChat evidence in criminal trials but lawyers say the question will ultimately need to be decided by the German Supreme Court Continue Reading
-
News
03 Sep 2021
Mandiant, Sophos detail dangerous ProxyShell attacks
Threat researchers and incident responders continue to track threat activity around the dangerous ProxyShell Microsoft Exchange vulnerabilities, including impactful ransomware hits Continue Reading
-
News
03 Sep 2021
China accused of cyber attacks on Norwegian IT systems
China-based cyber attackers have been blamed for multiple assaults on IT systems in Norway Continue Reading
-
News
02 Sep 2021
How high can the contactless card limit go without two-factor authentication?
The spending limit for contactless cards has reached an eyebrow-raising triple-digit figure – £100 – raising questions about the need for user authentication Continue Reading
-
News
02 Sep 2021
WhatsApp fined €225m over GDPR breaches
Irish data protection watchdog has issued one of the largest GDPR fines to date against Facebook-owned WhatsApp Continue Reading
-
News
02 Sep 2021
Finance firms faced up to £760,000 costs per DNS attack during pandemic
Financial services firms have been the focus of attacks by cyber criminals during the Covid-19 crisis Continue Reading
-
Opinion
02 Sep 2021
Protecting children in the digital playground
The ICO’s Age Appropriate Design Code ushers in a new set of standards that advance children’s rights in the digital age Continue Reading
-
News
02 Sep 2021
Twitter tests auto-block feature for accounts at risk of abuse
Latest Twitter feature automatically blocks abusive users, and is intended to help victims regain control of their experience on the platform Continue Reading
-
Opinion
02 Sep 2021
Security Think Tank: Managing data securely throughout its lifecycle
Managing data in a secure manner is key to ensuring its integrity and therefore its value to the organisation, as well as reducing risk from breaches and misinformation Continue Reading
-
News
01 Sep 2021
Experts warn on Office 365 phishing attacks
Newly observed campaign is particularly dangerous because it appears to neutralise one of the most widely known anti-phishing techniques Continue Reading
-
News
01 Sep 2021
Remote workers routinely bypassed security tools during pandemic
New data from Palo Alto Networks reveals that over 25% of UK security leaders saw their employees circumventing or switching off security measures at the height of the pandemic Continue Reading
-
Feature
01 Sep 2021
Making a mark in cyber security
Claudean Zheng’s knack for hacking landed her a career in cyber security, one that has been dotted by stints in both public and private sectors Continue Reading
-
News
31 Aug 2021
GovTech launches vulnerability rewards programme
Vulnerability rewards programme will offer rewards ranging from $250 to $5,000 to white hat hackers who find vulnerabilities in critical government systems Continue Reading
-
Definition
30 Aug 2021
logic bomb
A logic bomb is a string of malicious code that is inserted intentionally into a program to harm a network when certain conditions are met. Continue Reading
-
Definition
27 Aug 2021
Electronic Code Book (ECB)
Electronic Code Book (ECB) is a simple mode of operation with a block cipher that's mostly used with symmetric key encryption. Continue Reading
-
Opinion
27 Aug 2021
Supply chain cyber security is only as strong as the weakest link
A spate of high-profile cyber attacks has highlighted the criticality of supply chain security and put new pressures on security leaders. How can we ensure that cyber security remains robust down the full length of supply chains? Continue Reading
-
Opinion
27 Aug 2021
How the cyber security market is evolving
The cyber security market has gained even greater importance in the post-Covid era and continues to grow and evolve. But what factors are driving trends in that market and what should your organisation consider when making cyber security investments? Continue Reading
-
News
27 Aug 2021
Are proposed data protection changes a threat to UK citizens’ privacy?
Though changes are as-yet undefined pending an upcoming consultation, concerns are already being expressed over the government’s plan to liberalise data protection laws in the service of innovation and growth Continue Reading
-
Definition
26 Aug 2021
stateful inspection
Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall. Continue Reading
-
News
26 Aug 2021
Tech giants commit to Biden's cyber security action plan
Some of the world’s most prominent tech giants have made a series of commitments to enhance the US’ national cyber security posture following a high-profile meeting with president Biden Continue Reading
-
News
26 Aug 2021
Government unveils post-Brexit data flow proposals
The government will pursue data partnerships with countries including Australia, South Korea and the US as part of a post-Brexit data regime that may also see substantial changes to the UK’s data protection law Continue Reading
-
Opinion
26 Aug 2021
Security Think Tank: Steps to a solid data privacy practice
Petra Wenham of the BCS shares her expertise on building, or rebuilding, a solid business data privacy practice in a post-Covid-19 world Continue Reading
-
News
26 Aug 2021
NZ privacy lead John Edwards named new information commissioner
DCMS has named John Edwards, currently New Zealand privacy commissioner, to succeed Elizabeth Denham as UK information commissioner Continue Reading
-
Feature
26 Aug 2021
How women can succeed in cyber security
A cyber security professional at Australia’s IAG shares her career journey and insights on how women can succeed in the field Continue Reading
-
News
25 Aug 2021
Calling the cops for ransomware attacks doesn’t help, say cyber pros
A new study for the #Ransomaware campaign reveals some insight into why so few victims report ransomware attacks Continue Reading
-
News
25 Aug 2021
UK loses £1.3bn to fraud and cyber crime so far this year
New figures from the National Fraud Intelligence Bureau show a threefold spike in reported financial losses to fraud and cyber crime in the first six months of 2021 Continue Reading
-
News
24 Aug 2021
13 million malware attacks on Linux seen in wild
Cryptominers, web shells and ransomware are the most common varieties of malwares targeting Linux systems, thanks to its prevalence as the backbone of most public cloud services Continue Reading
-
News
24 Aug 2021
Half of MS Exchange servers at risk in ProxyShell debacle
Up to 50% of MS Exchange users in the UK are exposed to three vulnerabilities that are now being actively exploited Continue Reading
-
Opinion
24 Aug 2021
The ransomware debate – to pay or not to pay?
The debate around banning ransomware payments is highly nuanced, and we must take care to avoid overt victim-blaming, in favour of an open and honest approach, says SASIG’s Martin Smith Continue Reading
-
News
24 Aug 2021
Over a million opt out of NHS data-sharing
Failure to communicate benefits of data-sharing proposals and privacy concerns are prompting large numbers of people to opt out of a proposed NHS Digital scheme Continue Reading
-
E-Zine
24 Aug 2021
How datacentre power growth is leaving Dublin in distress
In this week’s Computer Weekly, we look at the challenges faced by Dublin’s datacentre sector, as growth leaves the city’s electricity infrastructure creaking. We ask whether recent initiatives to close the UK’s digital skills gaps are working. And we examine the latest injustice to hit the Post Office Horizon scandal. Read the issue now. Continue Reading
-
News
24 Aug 2021
Campaign groups claim police have bypassed Parliament with plans for live facial-recognition tech
Civil society groups call for Parliament to scrutinise the use of live facial-recognition cameras Continue Reading
-
News
24 Aug 2021
More data breaches in Australia arising from ransomware
The number of data breaches in Australia arising out of ransomware attacks grew by 24% during the first half of 2021, according to OAIC’s latest data breach report Continue Reading
-
Blog Post
23 Aug 2021
Building back better "right to work" checks
There is barely a week left to cement the improvements made over the past year and turn potential disaster into triumph by adopting the recommendations of the Better Hiring Institute for a smooth ... Continue Reading
-
Feature
23 Aug 2021
Considerations when deciding on a new SIEM or SOAR tool
A successful deployment of any security tool very much depends on the maturity of security processes in the organisation Continue Reading
-
News
23 Aug 2021
Flexxon and Lenovo tie up on AI-infused SSDs
Singapore-based Flexxon teams up with Lenovo to make its solid-state drive that uses artificial intelligence to fend off cyber threats available on ThinkPad-based laptops Continue Reading
-
Definition
23 Aug 2021
ILOVEYOU virus
The ILOVEYOU virus comes in an email with 'ILOVEYOU' in the subject line and contains an attachment that, when opened, results in the message being re-sent to everyone in the recipient's Microsoft Outlook address book. Continue Reading
-
Definition
20 Aug 2021
certificate revocation list (CRL)
A certificate revocation list (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their actual or assigned expiration date. Continue Reading
-
News
20 Aug 2021
Swedish IT industry braced for China’s response to Huawei 5G ban
Swedish IT and communications equipment suppliers fear economic backlash from China following Huawei ban Continue Reading
-
News
20 Aug 2021
How the pandemic transformed IAG’s Hangar 51 accelerator
Businesses of all shapes and sizes have had to take a different approach during the pandemic – Dupsy Abiola, head of global innovation at IAG, explains how IAG transformed its Hangar 51 accelerator during the coronavirus outbreak Continue Reading
-
Opinion
20 Aug 2021
Security Think Tank: Data privacy not in isolation, but on a spectrum
The gap between data privacy and data governance is narrowing, and security leaders need to be aware of the implications, says KuppingerCole’s Anne Bailey Continue Reading
-
News
19 Aug 2021
Pub apps harvesting swathes of customer data unnecessarily
Some pub and restaurant chain apps demand data such as gender and marital status, raising eyebrows among privacy campaigners Continue Reading
-
News
19 Aug 2021
IT leaders fear ‘trickle-down’ of nation-state cyber attacks
Three-quarters of IT decision-makers are concerned that the tactics, techniques and procedures used by nation-state attackers could be used against them Continue Reading
-
News
18 Aug 2021
How Australia’s Octopus Deploy is simplifying DevOps
Brisbane-based startup Octopus Deploy recently secured $172.5m in venture funding to advance its goal of simplifying software deployments for DevOps teams Continue Reading
-
News
18 Aug 2021
MoD seeks security tech to harden military systems
The Defence and Security Accelerator has launched a programme to root out technology that will reduce the military’s exposure to cyber attacks Continue Reading
-
News
18 Aug 2021
Global VPN downloads soar in first half of 2021
Song remains the same with VPNs as repressive regimes’ continued regulatory demands and remote working see virtual private network usage rocket over the first six months of the year Continue Reading
-
Opinion
18 Aug 2021
Security Think Tank: Data privacy and ethics in a post-Covid world
The radical change caused by the pandemic requires new approaches to data privacy practice, says PA Consulting’s Daniel Gordon Continue Reading
-
News
17 Aug 2021
Educational publisher Pearson fined for data breach cover-up
Securities and Exchange Commission says publisher misled its investors over the extent of a 2018 data breach Continue Reading
-
News
17 Aug 2021
Security Think Tank: Building privacy-preserving apps and platforms
ISACA’s Gaurav Deep Singh Johar explores how to embed privacy practices into digital platform architecture Continue Reading
-
E-Zine
17 Aug 2021
How to choose between SIEM and SOAR
In this week’s Computer Weekly, our buyer’s guide examines the use of SIEM and SOAR to improve IT security, and asks which you should use, and when? We look at what you need to know about NVMe over Fabrics, the emerging storage networking technology. And we find out how Oracle customers are introducing its Fusion Cloud suite. Read the issue now. Continue Reading
-
16 Aug 2021
When is SIEM the right choice over SOAR?
Better instrumentation leads to better IT security but monitoring can quickly overload IT teams. Automation can help, but it may not always be needed Continue Reading
-
News
16 Aug 2021
ICO consults public on personal data in employment practices
The ICO has launched a public consultation on employers’ use of personal data to help it provide practical guidance for both businesses and workers Continue Reading
-
News
16 Aug 2021
Nearly half of retailers hit by ransomware in 2020
In the face of increasingly prevalent and sophisticated ransomware attacks, retail organisations need to develop alternative ways of restoring lost or encrypted data, as paying the ransom does not guarantee its return in almost a third of cases Continue Reading
-
Feature
16 Aug 2021
When is SIEM the right choice over SOAR?
Better instrumentation leads to better IT security but monitoring can quickly overload IT teams. Automation can help, but it may not always be needed Continue Reading
-
News
13 Aug 2021
UN special rapporteurs call for surveillance tech moratorium
In the wake of revelations about NSO Groups Pegasus spyware, a number of special rapporteurs from the United Nations are re-igniting calls for a global moratorium on the sale and transfer of surveillance technologies Continue Reading
-
News
13 Aug 2021
Cyber Runway programme supports new security businesses
The Cyber Runway programme is a government-backed scheme to support entrepreneurs, startups and scaleups in launching and growing new security businesses Continue Reading
-
Blog Post
13 Aug 2021
The DDoS Battle
In the many years I’ve been testing and analysing the security side of IT, one evident point is that the classic forms of attack: identifying common vulnerabilities and Distributed Denial of ... Continue Reading
-
News
13 Aug 2021
Hospitals see cyber security investment as a low priority
Almost half of hospitals have experienced an IT shutdown as a result of a cyber attack in the past six months, but just over one in 10 hospital executives see cyber security investment as a high priority Continue Reading
-
News
12 Aug 2021
ICO consults on new international data transfer agreement
Information Commissioner’s Office to consult on its draft international data transfer agreement and guidance, which will replace standard contractual clauses to protect personal data during overseas transfers Continue Reading
-
E-Zine
12 Aug 2021
CW Benelux: Netherlands sees increase in the number of women opting for an ICT career
The IT skills gap in the Netherlands could be about to narrow as more women take up jobs in the sector. Figures from last year revealed that the number of female ICT professionals grew by 6.5%, while the number of male ICT professionals increased by only 1.7%. Read more about it in this issue. Also find out why more openness about ransomware attacks in the Dutch business community could be the first step to defeating a growing problem. Continue Reading
-
News
12 Aug 2021
LGA goes live with Digital Pathfinders Programme
Programme offers £20,000 in funding to councils that come up with ‘pioneering solutions’ for cyber security, digital inclusion and connectivity Continue Reading
- 12 Aug 2021
-
News
11 Aug 2021
US wins bid to widen grounds of appeal in Julian Assange extradition case
The US government accused medical expert professor Michael Kopelman of misleading the court by failing to disclose details of Assange’s relationship Continue Reading
-
News
11 Aug 2021
Hacker makes off with $600m in world’s largest crypto-heist
Despite bagging $600m worth of cryptocurrency in what has been described as the biggest decentralised finance hack, the hacker has already started returning the funds Continue Reading
-
News
11 Aug 2021
Microsoft fixes seven critical bugs on light Patch Tuesday
All seven critical vulnerabilities in Microsoft’s August Patch Tuesday were related to remote code execution, and there was one zero-day related to Windows Update Medic Service Continue Reading
-
News
11 Aug 2021
The Netherlands still lacks digital resilience, says report
Report by National Coordinator for Counterterrorism and Security says the Netherlands’ digital resilience has improved, but is still insufficient Continue Reading
-
News
10 Aug 2021
Ransomware demands and payments hit new records
Ransomware groups continue to intensify their operations as ransom demands and payments increase alongside use of “quadruple extortion” tactics during first half of 2021 Continue Reading
-
News
10 Aug 2021
Third of finance firms accelerate use of artificial intelligence to detect money laundering
Financial services firms are stepping up their use of artificial intelligence and machine learning technology to fight increasing money laundering activity Continue Reading
-
News
10 Aug 2021
Dutch lead the way in protecting themselves against internet risks
Dutch citizens come top in a study on awareness of internet risks in Europe, which showed major differences across the continent Continue Reading
-
10 Aug 2021
Privacy Shield: US surveillance law reforms essential for EU-US data
EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield. Continue Reading
-
E-Zine
10 Aug 2021
Real-time data analytics in action
In this week’s Computer Weekly, we examine the emerging applications of real-time analytics and highlight the challenges for businesses to maximise the benefits. EU experts are calling for reform of US surveillance laws – we look at the issues. And we talk to the co-CEO of HR software giant Workday. Read the issue now. Continue Reading
-
News
10 Aug 2021
Researchers uncover database with 126 million unsecured records
Business-to-business marketing firm OneMoreLead was storing tens of millions of records in an unsecured database, exposing at least 63 million people to fraud, identify theft and phishing campaigns Continue Reading
-
News
10 Aug 2021
How Grab is using Kafka in fraud detection
Grab is using Apache Kafka in its fraud detection and prevention platform to ingest event streams from its mobile software development kits and client backends to pick up fraudulent activities Continue Reading
-
News
09 Aug 2021
Possible ransomware attack hits Italian vaccine booking system
It is still unclear who is behind the attack that caused Covid-19 vaccine bookings in Lazio, Italy, to grind to a halt, as despite masses of files being encrypted no specific ransom demands have been made for the decryptor Continue Reading
-
News
06 Aug 2021
Apple unveils plans to scan US iPhones for child sex abuse images
Apple will introduce child sexual abuse material detection for US users later this year, but some experts are worried that the technology could be repurposed to scan phones for other kinds of content Continue Reading
-
News
05 Aug 2021
11 areas will trial digital identity scheme for residential property sector
MyIdentity scheme will allow estate agents, conveyancers, solicitors and mortgage providers across 11 locations to trial the use of digital identity to speed up and make home buying more secure Continue Reading
-
News
05 Aug 2021
Nine security flaws found in critical hospital infrastructure
The ‘PwnedPiper’ vulnerabilities identified in systems used by 80% of US hospitals could be used to launch ransomware attacks Continue Reading
-
News
05 Aug 2021
BlackMatter goes on the record about DarkSide and REvil links
BlackMatter gives details of its ransomware-as-a-service operation and distinguishes itself from now-defunct ransomware gangs in interview with cyber security analysts from Recorded Future Continue Reading
-
News
05 Aug 2021
SAP customers more alert to internal than external threats
SAP customers are more concerned by insider threats than by external attacks, according to a report. And yet the average SAP customer has around 2,500 vulnerabilities within their customised SAP code Continue Reading
-
Definition
05 Aug 2021
cyberstalking
Cyberstalking is a crime in which someone harasses or stalks a victim using electronic or digital means, such as social media, email, instant messaging (IM) or messages posted to a discussion group or forum. Continue Reading