IT security

MoD reports 18% rise in data loss incidents

The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO Continue Reading

Australians lost A$176m to scams in 2020

Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering Continue Reading

NCSC CyberFirst Girls 2021 contest kicks off

UK’s national cyber agency says it has already had hundreds of entrants in spite of the challenges presented by the pandemic Continue Reading

150,000 records accidentally wiped from police systems

Home Office claims data wiped from national police systems only relates to people who have never been convicted of a crime or had further police action taken against them following an arrest Continue Reading

US cyber security agencies get $9bn in Biden plan

New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack Continue Reading

Coalition proposes secure standard model for Covid-19 passports

Vaccination Credential Initiative is working to ensure that people vaccinated against Covid-19 can access their records in a secure, verifiable and privacy-preserving way Continue Reading

All EU states can take data protection cases against Facebook, says EU court

An opinion from the European Court of Justice has the potential to lead to a flood of privacy complaints against Facebook if upheld Continue Reading

Select a customer IAM architecture to boost business, security

Not all customer IAM platforms are created equal. Will a security-focused or marketing-focused CIAM architecture best meet your organization's needs? Read on for help deciding. Continue Reading

Experian calls for less bureaucratic data regulations

Open banking requires cross-industry collaboration, but sharing personal data requires explicit consent, which can become a bottleneck Continue Reading

Extended detection and response tools take EDR to next level

Extended detection and response tools offer new capabilities -- among them greater visibility -- to enterprises searching for better ways to protect their endpoints. Continue Reading

Old, on-premise systems targeted in Hackney ransomware attack

Council reveals some more insight into how the Pysa ransomware gang infiltrated its systems by exploiting legacy technology Continue Reading

Unforeseen consequences of new technologies put UK at risk

Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems Continue Reading

APAC firms grapple with cyber security amid pandemic

Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work Continue Reading

Security Think Tank: Plan for hybrid working to become normal

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

Court to rule on Facebook data sharing after Schrems drops legal challenge against Irish regulator

Irish High Court says it will issue a judgment as soon as possible over a draft decision by Ireland’s data protection commissioner to order Facebook to stop the transfer of data about EU citizens to datacentres in the US Continue Reading

Three-quarters of finance firms report more potentially criminal activity in their networks

Fears of failing to comply with strict regulations grow as financial services firms identify more suspicious financial activity on their networks Continue Reading

World’s largest dark web market disrupted in major police operation

Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline Continue Reading

Covid-19 immunity passport tests to begin in UK

A Covid-19 immunity and vaccination passport developed by two UK firms and backed by Innovate UK has entered the live testing phase Continue Reading

Stolen Pfizer/BioNTech Covid-19 vaccine data leaked

Data dump understood to include screenshots of emails, peer review information, PDFs and PowerPoint presentations Continue Reading

Critical zero-day features in first Patch Tuesday of 2021

Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender Continue Reading

Palo Alto Networks opens Australia cloud location

The cyber security company’s Australia cloud location will address data localisation requirements amid growing adoption of cloud-based security services Continue Reading

Mimecast latest security firm to be compromised

Users of a specific Mimecast certificate used to authenticate services to Microsoft Office 365 may be at risk of compromise in an attack that may relate to the ongoing SolarWinds incident Continue Reading

Parler collapse opens door to phishing attacks

The shutdown of controversial social media site Parler, and the publication of huge amounts of user data scraped by ethical hackers, is giving cyber crime experts cause for concern Continue Reading

Former ministers speak out on Mike Lynch extradition

As Mike Lynch, founder and former CEO of Autonomy, awaits his US extradition hearing, several former Tory MPs have expressed their concerns Continue Reading

Security Think Tank: Time for security teams to learn from Covid

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

Early stage UK security startups face funding crisis

Overall cyber security funding since the advent of the pandemic is well up, but investment is dominated by safe, later-stage firms while those raising capital for the first time fall away Continue Reading

Can AI ever match the power of the brain?

In this week’s Computer Weekly, artificial intelligence is still no match for the brain – we talk to Intel’s neuromorphic computing lab to see how researchers are trying to address that. Our buyer’s guide examines identity and access management. And we find out why datacentres are becoming a new target for financial investors. Read the issue now. Continue Reading

How to tackle the IAM challenges of multinational companies

The rapidly changing business, regulatory and IT environment makes identity and access management a tough nut to crack for large multinationals. Continue Reading

New SolarWinds CEO sets out rescue plan

Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community Continue Reading

Kaspersky claims link between Solorigate and Kazuar backdoors

Researchers say they have found specific code similarities between the Solorigate/Sunburst malware and the Kazuar backdoor, suggesting some relationship Continue Reading

New Zealand central bank IT system breached in cyber attack

Bank is responding to a cyber attack after hackers breached the system of a third-party supplier Continue Reading

Security Think Tank: Don’t bet on a new normal just yet

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

Government use of 'general warrants' to authorise computer and phone hacking is unlawful

A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens Continue Reading

Picking the right IAM tools is based on more than today’s needs

With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure the correct one is chosen Continue Reading

The nation state threat to business

The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading

Which? online banking investigation reveals ‘worrying gaps’ in security

Consumer rights organisation has ranked the security of UK online current account providers Continue Reading

How have attitudes to risk and resilience changed?

The New Year is traditionally a time for reflections as well as resolutions. With Throwback Thursday we are happy to offer you both, as we look back to June 2008, when Freeform Dynamics published a ... Continue Reading

Biden picks cyber veteran to reinvigorate security response

Appointment of career intelligence operative Anne Neuberger signals refreshed security approach for the US government under Joe Biden's administration Continue Reading

Trump bans Chinese payment apps

US president signs executive order banning the use of Chinese payments app, citing national security risks Continue Reading

Hackney Council data leaked by Pysa ransomware gang

Council data stolen in October is leaked online in a double extortion attack Continue Reading

WikiLeaks founder Julian Assange to remain in prison despite winning extradition battle

Judge cites Assange’s support of NSA whistleblower as one of the reasons for him being at high risk of absconding. He will remain in Belmarsh prison until the US government completes its appeal Continue Reading

The human firewall's role in a cybersecurity strategy

The human firewall is a crucial element of a long-term, holistic security initiative. Explore how human firewalls can protect your enterprise against attacks. Continue Reading

SolarWinds attack almost certainly work of Russian spooks

Investigations into the far-reaching SolarWinds Solorigate attack did not let up during the holidays Continue Reading

Cloud Application Acceleration

First, we had WanOp, then we had “son of WanOp” AKA SD-WAN (and its much misunderstood – mainly by vendors – sibling, SDN) and then the cloud came along and, well, clouded the scenario somewhat. If ... Continue Reading

Scammers impersonating the ACSC on the prowl

The Australian Cyber Security Centre warns of scammers who are using its name to gain control of personal computers and trick users into revealing personal information Continue Reading

Banking trade body calls for increased contactless payment limit

UK Finance proposes an increase in the limit on spending using contactless cards Continue Reading

Security Think Tank: Cyber effectiveness, efficiency key in 2021

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules

Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal Continue Reading

Security Think Tank: The year of the work-from-home hangover

After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading

Journalists’ FOI bids stayed as court reconsiders freedom of information rights of people outside UK

Tribunal questions whether people without a British passport or Britons living overseas are eligible to use the UK’s Freedom of Information Act Continue Reading

Top 10 networking stories of 2020

Here are Computer Weekly’s top 10 networking stories of 2020 Continue Reading

Top 10 investigations and national security stories of 2020

Here are Computer Weekly’s top 10 investigations and national security stories of 2020 Continue Reading

Top 10 technology and ethics stories of 2020

Here are Computer Weekly’s top 10 technology and ethics stories of 2020 Continue Reading

Top 10 ASEAN IT stories of 2020

Here are Computer Weekly’s top 10 ASEAN IT stories of 2020 Continue Reading

UK-EU Brexit deal passes Commons with six-month data adequacy bridge

IT industry trade body TechUK has welcomed a six-month data adequacy bridge, in the wake of the EU-UK trade deal that the House of Commons has voted for Continue Reading

How to monitor remote workers humanely

Monitoring employees who work remotely has taken on a whole extra dimension in the Covid-19 pandemic year of 2020. Financial services firms are among those which suggest ways of doing it humanely and legally Continue Reading

Editor's picks: Top cybersecurity articles of 2020

As the year no one could have predicted comes to a close, SearchSecurity takes a 30,000-foot view of the cybersecurity trends and challenges that defined the last 12 months. Continue Reading

NPCC brings the Christmas present of partnership to UK Cyber Policing

The combination of the Cyber Resilience Centres, Police Cyber Alarm and The Cyber Helpline  provides a major advance towards joining up the UK approach to policing the on-line world, Continue Reading

Security Long Reads: Cyber insiders reveal what’s to come in 2021

In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading

Top 10 cyber crime stories of 2020

Here are Computer Weekly’s top 10 cyber crime stories of 2020 Continue Reading

How to manage non-human identities

Identity management has traditionally focused on human identities, but non-human identities are proliferating and must not be overlooked. Businesses can reduce risk by managing both types of identity in the same way using a services-based approach Continue Reading

Endpoint security quiz: Test your knowledge

Test your knowledge of SASE, split tunneling, and device discovery tool capabilities and best practices in this endpoint security quiz for IT professionals. Continue Reading

Top 10 cyber security stories of 2020

Here are Computer Weekly’s 10 top cyber security stories of 2020 Continue Reading

It’s time to accept that disinformation is a cyber security issue

Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge Continue Reading

Patching: Balancing technical requirements with business considerations

With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading

Ministry of Justice in the dock for catalogue of serious data breaches

Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading

Top 10 end-user computing stories of 2020

Here are Computer Weekly’s top 10 end-user computing stories of 2020 Continue Reading

My Question Answered: Neteventing (not not eventing) In Cyberspace...

My fine friends at Netevents have continued to battle the global lockdown elements (and we now know in England that the words "lockdown" and "tier" mean the same thing - who would have guessed?) ... Continue Reading

Why Security As A Service Makes Common Sense...

Let us go back in time to 2019 – a time when we could actually attend IT events in a physical way. There I am, on the top level of a stand, having a coffee and scanning the hall, seeing “me too” ... Continue Reading

Finnish government tables laws to protect data from cyber criminals

Government is strengthening its legal framework to protect data from hackers in the wake of a massive breach at a psychotherapy centre Continue Reading

Utility supplier People’s Energy has entire customer list stolen

All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident Continue Reading

SolarWinds cyber attack is ‘grave risk’ to global security

More victims of the SolarWinds Orion Sunburst cyber attack are being identified as the massive scale of the Russia-linked cyber espionage campaign becomes more clear Continue Reading

Dodgy browser extensions put social media users at risk

More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast Continue Reading

EU security strategy a ‘step up’ on cyber leadership, says Brussels

The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading

NHS Scotland taps Check Point to secure Covid-19 data

NHS National Services Scotland is working with security firm Check Point to safeguard its sensitive data in the cloud and support its work on the coronavirus Continue Reading

FireEye and partners release SolarWinds kill-switch

A so-called kill-switch for the dangerous SolarWinds Sunburst attack should allay some user fears, but is not a full fix for the issue Continue Reading

UK police unlawfully processing over a million people’s data on Microsoft 365

The roll-out of Microsoft 365 to dozens of UK police forces may be unlawful, because many have failed to conduct data protection checks before deployment and hold no information on their contracts Continue Reading

Danske Bank fights money laundering with AI

Danske Bank is using artificial intelligence to help it prevent a repeat of the huge money laundering scandal that hit one of its operations in Estonia Continue Reading

AWS brings disaster recovery programme to Australia

Project Resilience will offer up to $5,000 worth of credits to public sector and community organisations to offset the cost of storing data on Amazon Web Services Continue Reading

Lancashire police integrate body-worn video into digital policing app

Body-worn video integration will transform Lancashire police’s time-consuming and manual procedures into an efficient digital workflow, but claims that BMV will increase transparency and accountability are not backed by the evidence Continue Reading

SolarWinds cyber attack: How worried should I be, and what do I do now?

Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next? Continue Reading

Cyber crime victims in the Netherlands not reporting offences

Dutch victims of online crime rarely report it to the police and when they do, they are often dissatisfied Continue Reading

How security will be different after Covid-19

In this week’s Computer Weekly, the world of cyber security will probably never return to its pre-pandemic state – we look ahead. The combination of remote working and streaming video is putting extra strain on networks. And we look at how digital transformation is changing the way contact centres are run. Read the issue now. Continue Reading

No going back to pre-pandemic security approaches

The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021. Continue Reading

FireEye identifies flaw in networking monitoring software as US agencies attacked

Cyber security company says investigations have revealed security breach occurred because of a flaw in a network monitoring software Continue Reading

Negotiating the complexities of international transfers of personal data

How to navigate international data transfers, standard contractual clauses and the impact of Brexit on data protection Continue Reading

Confidence in print security drops and data breach costs rise

As cyberattacks continue to increase, capitalising on the new vulnerabilities of remote working, securing the print infrastructure – across the office and home environments – must be a strategic ... Continue Reading

Singapore trials beacons to bolster police operations

Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial Continue Reading

The week in ransomware: Foxconn and Randstad are high-profile victims

Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months Continue Reading

Disputed PostgreSQL bug exploited in cryptomining botnet

PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL Continue Reading

Surge in Covid-19 vaccine phishing scams reported

Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure Continue Reading

Security Think Tank: Integration between SIEM/SOAR is critical

SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading

Post-pandemic approaches to IAM for cloud security

Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading

French regulators fine Google and Amazon over cookie policies

Google and Amazon rapped over their use of advertising cookies by the French data protection authorities Continue Reading

Cyber Helpline awarded lottery funding to support victims

The Cyber Helpline, a UK charity that provides emergency support to victims of cyber crime and online stalking, is to receive funding from the National Lottery Continue Reading

After critical year, Vodafone trains security sights on CNI market

Vodafone’s security head Steve Knibbs explains how he plans to bring the lessons of a transformative few years in cyber security to bear on new markets Continue Reading

Data on Pfizer/BioNTech Covid-19 vaccine stolen in cyber attack

The European Medicines Agency has launched a full investigation into an apparent security incident that has seen documents on the Pfizer/BioNTech Covid-19 vaccine stolen Continue Reading

Alan Turing Institute appoints global advisory board to aid digital identity schemes project

The Alan Turing Institute announces an international advisory board for a project investigating digital identity schemes, with a view to building the technology and organisational infrastructure to sustain them as trustworthy Continue Reading

CW Europe: Tour de France fans get a virtual experience

The organisers of this year's Tour de France worked with technology services company NTT in partnership with Amaury Sport Organisation to provide what they described as an “enhanced experience” for race fans who could not be at the roadside because of Covid restrictions. Also read why Deutsche Bank has agreed to sell its retail banking IT operation to one of its main IT suppliers for a token €1. Read the issue now. Continue Reading

How cloud-based SIEM tools benefit SOC teams

It's time for SIEM to enter the cloud age. Learn about the cloud-based SIEM features that can help SOC teams gain a holistic view of their organization's cloud infrastructure. Continue Reading