IT security
-
News
12 Jun 2025
UKtech50 2025: the longlist of the UK’s influential tech leaders
Each year, Computer Weekly launches a search for the most influential people in UK IT, asking the tech community who it thinks should be in the top 50 – here is the longlist of everyone nominated for 2025 Continue Reading
-
News
12 Jun 2025
Apple encryption row: Does law enforcement need to use Technical Capability Notices?
History shows that law enforcement can bring successful prosecutions without the need for the Home Office to introduce ‘backdoors’ into end-to-end encryption Continue Reading
-
25 Jan 2022
Digital surveillance of remote workers may increase enterprise risk
From productivity tools to security threats, we explore how digital surveillance is forcing remote workers towards shadow IT. Continue Reading
-
News
24 Jan 2022
WikiLeaks founder Julian Assange can ask Supreme Court to hear extradition appeal
Senior judges said today that WikiLeaks founder Julian Assange can petition the Supreme Court to decide whether to hear an appeal against his extradition to the US Continue Reading
-
News
24 Jan 2022
India’s cyber security industry doubles in size amid pandemic
Revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitalisation and regulatory attention on data and privacy Continue Reading
-
News
21 Jan 2022
Tinder algorithm charging users more based on age
Popular dating app Tinder could have broken data protection and equality laws by using personal data about people’s age to set different prices Continue Reading
-
News
21 Jan 2022
Mandiant analysts: Russia-backed APTs likely to ramp up attacks
More cyber attacks like those perpetrated against targets in Ukraine are to be expected, and they may become more destructive Continue Reading
-
News
21 Jan 2022
ICO criticises government-backed campaign to delay end-to-end encryption
Data protection watchdog warns that delaying end-to-end encryption will put children at risk Continue Reading
-
News
21 Jan 2022
Cyber pros: Don’t revel in REvil’s downfall just yet
The arrests of REvil’s alleged kingpins is a welcome step, but as with any disruption to cyber criminal activity, it is never wise to assume law enforcement action means the threat has passed entirely Continue Reading
-
News
21 Jan 2022
New normal sees SASE, SD-WAN surge as MPLS is phased out
Research confirms that MPLS is ‘out’ and SD-WAN and SASE systems are the clear winners in enterprise networking as more and more European organisations are eliminating all on-prem datacentres, with cloud adoption steaming ahead Continue Reading
-
News
21 Jan 2022
Scam losses in Australia hit record high
Australians lost a record A$323.7m to scams last year, with investment and romance scams accounting for the bulk of their losses Continue Reading
-
News
20 Jan 2022
Ransomware attacks dropped 37% in December, claims NCC
Latest monthly data reveals a significant decline in ransomware attacks at the end of 2021, but a new, emergent gang is making waves Continue Reading
-
News
20 Jan 2022
Updated cyber security regulations proposed for managed services sector
The Network and Information Systems regulations are to be updated to include MSPs and outsourcers, following a spate of supply chain attacks Continue Reading
-
News
20 Jan 2022
Data of 515,000 vulnerable people stolen in Red Cross attack
The International Committee of the Red Cross is probing a cyber attack that has already seen the personal data of hundreds of thousands of the world’s most vulnerable people compromised Continue Reading
-
News
20 Jan 2022
MoonBounce firmware bootkit shows advances in malicious implants
MoonBounce firmware bootkit shows evident technical improvements over others, making it a more dangerous threat to organisations. It is being used by Chinese state-backed actors Continue Reading
-
News
20 Jan 2022
Delayed pay: Umbrella company cyber attacks disrupt salary payments to thousands of contractors
Thousands of contractors across the UK are anxiously waiting to see if their payroll cycles will be disrupted for a second week, after two of the umbrella industry's biggest players were targeted by cyber criminals Continue Reading
-
Opinion
20 Jan 2022
Security Think Tank: Cyber training is useless without staff empowerment
In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service? Continue Reading
-
News
20 Jan 2022
NCSC for Startups programme seeks ransomware-busters
Innovative ideas for ransomware-busting technology are being sought by the UK’s National Cyber Security Centre and startup incubator Plexal Continue Reading
-
News
20 Jan 2022
Singapore to tighten digital banking security
Banks in Singapore will have to put in place more stringent measures to combat the rise in online phishing scams targeted at bank customers in the city-state Continue Reading
-
News
19 Jan 2022
Government funds charity campaign to warn big tech over the risks of encryption to children
Barnardo’s and other charities begin a government-backed PR campaign to warn of the dangers end-to-end encryption poses to child safety, which has been criticised as being ‘one-sided’ Continue Reading
-
News
19 Jan 2022
Investigators find Beijing 2022 app riddled with security flaws
Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack Continue Reading
-
Feature
19 Jan 2022
Cloud-era disaster recovery planning: Assessing risk and business impact
In the first in a series on cloud-era disaster recovery, we provide a step-by-step guide to building firm foundations for the disaster recovery plan, with risk assessment and business impact analysis Continue Reading
-
News
19 Jan 2022
Chasm exists between ‘true’ and portfolio SASE approaches
Survey of enterprise IT leaders finds little difference between respondents without SASE and those who adopted SASE product portfolios regarding issues such as trade-offs between performance and security Continue Reading
-
Blog Post
19 Jan 2022
2022: Time to take algorithm-enhanced online abuse seriously
The algorithms used by dominant social media companies have compounded the risks to unsupervised children in their bedrooms by automating the processes predators use to find and groom potential ... Continue Reading
-
News
19 Jan 2022
Trellix looks to democratise access to XDR in APAC
The company formed from the merger of FireEye Enterprise and McAfee will team up with managed service providers, among other efforts, to democratise access to extended detection and response capabilities in the region Continue Reading
-
News
19 Jan 2022
Trellix XDR platform forged out of McAfee, FireEye union
The private equity owners of McAfee Enterprise and FireEye are merging the companies into a new entity to ‘define the future’ of cyber security through XDR technology Continue Reading
-
18 Jan 2022
Cyber security failure one of biggest risks facing countries and businesses, warns WEF
Cyber risks are among the top five risks facing organisations and governments over the next two to five years. Digital inequality and the over-crowding of space with communication satellites present further risks Continue Reading
-
E-Zine
18 Jan 2022
The race to quantum computing
In this week’s Computer Weekly, researchers are racing to create the first commercially useful quantum computer – we look at one of the European candidates. Cyber security is one of the greatest risks facing the global economy, warns the World Economic Forum. And we examine the role of employee experience in hybrid working. Read the issue now. Continue Reading
-
News
18 Jan 2022
Exium, Teneo team to deliver digital experience, 5G-capable SASE platform
Work-from-anywhere IT services company and cyber security provider enter into partnership to assist lean enterprise IT teams in their transition to a secure access service edge Continue Reading
-
News
18 Jan 2022
Police take down VPN linked to multiple ransomware hits
German police led a multinational effort to seize and take down the LabVPN service, which was allegedly used by cyber criminals to facilitate ransomware attacks Continue Reading
-
News
18 Jan 2022
Cobalt Strike still C2 infrastructure of choice
Its utility and ease of use, coupled with explosive growth in ransomware actions, makes Cobalt Strike Team Servers the C2 infrastructure of choice for malicious actors Continue Reading
-
News
17 Jan 2022
Test police algorithms in court rather than legislate, Lords told
Police algorithms and their impacts should be tested and challenged in court, rather than controlled by new laws, says policing minister Continue Reading
-
News
17 Jan 2022
‘Russian-backed’ hackers defaced Ukrainian websites as cover for dangerous malware attack
Kiev claims that a hacking group in Belarus – a close ally of Russia – was responsible for hacking Ukrainian government websites amid threats of military action Continue Reading
-
News
17 Jan 2022
Top three questions about the Log4j vulnerability
Singapore’s Ensign Infosecurity answers the top three questions about the impact of the Log4j vulnerability Continue Reading
-
News
17 Jan 2022
Umbrella firm Parasol confirms ‘malicious activity’ as root cause of ongoing systems outage
Umbella company confirms a ‘malicious activity on its network’ as the root cause of a systems outage that has delayed salary payments to thousands of contractors across the UK Continue Reading
-
News
14 Jan 2022
Nato offers tech support after 'massive cyber attack' hits Ukraine
Speculation mounts that Russia is behind a cyber attack which defaced Ukrainian government websites amid growing international tension Continue Reading
-
Podcast
14 Jan 2022
Podcast: 2022 compliance preview – GDPR goes global
We talk to Mathieu Gorge, CEO of VigiTrust, about what’s looming in compliance, with regulations based on the principles of the General Data Protection Regulation plus the concept of cyber accountability Continue Reading
-
News
14 Jan 2022
Umbrella company Brookson self-refers to NCSC following cyber attack on its network
Contractor payroll, accounting and compliance firm confirms its networks have been targeted by an ‘extremely aggressive’ cyber attack that has resulted in some of its systems being proactively taken offline Continue Reading
-
News
14 Jan 2022
Parasol systems outage leaves umbrella contractors facing late payments
Multi-day outage leaves umbrella company contractors working for payroll processing firm Parasol facing late salary payments, with the firm remaining tight-lipped over the cause of its technical difficulties Continue Reading
-
News
13 Jan 2022
Nordic companies targeted in wave of cyber attacks
After a slew of cyber attacks hit major companies in the Nordics at the end of last year, we look at how they were affected and how they have recovered Continue Reading
-
News
13 Jan 2022
NCSC sounds alarm over Russia-backed hacks
The UK’s National Cyber Security Centre joins US calls to be wary of Russian state interference in critical national infrastructure IT systems Continue Reading
-
News
13 Jan 2022
ICO investigates police use of app to covertly record calls from mobile phones
Surrey and Sussex police forces call in regulators after 1,000 police officers downloaded an app to covertly record phone calls on police-issued mobile phones Continue Reading
-
News
12 Jan 2022
MEPs demand EU probe into Pegasus spyware abuse
A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it Continue Reading
-
News
12 Jan 2022
UK government bodies challenged on secure identity
Public sector bodies in the UK recognise secure identity and access management as critical to the roll-out of digital services, but face challenges in addressing this Continue Reading
-
News
12 Jan 2022
Microsoft fixes six zero-days in January Patch Tuesday update
A larger than of late Patch Tuesday update from Microsoft comes as defenders continue to grapple with Log4Shell Continue Reading
-
News
12 Jan 2022
Dutch cyber volunteers receive major funding boost
The Dutch Institute for Vulnerability Disclosure has received a $100,000 donation to expand the scope of its work Continue Reading
-
News
12 Jan 2022
Macquarie joins NSW government’s cloud supplier panel
New South Wales state agencies will be able to access Macquarie’s sovereign cyber expertise and secure cloud, network and datacentre services Continue Reading
-
News
11 Jan 2022
Almost half of Log4j downloads still dangerously exposed
Whether by error or design is unclear, but a great many IT teams are still exposing themselves by downloading outdated, insecure versions of Apache Log4j Continue Reading
-
Definition
11 Jan 2022
Public-Key Cryptography Standards (PKCS)
Public-Key Cryptography Standards (PKCS) are a set of standard protocols, numbered from 1 to 15. Continue Reading
-
Definition
11 Jan 2022
Rijndael
Rijndael (pronounced rain-dahl) is an Advanced Encryption Standard (AES) algorithm. Continue Reading
-
News
11 Jan 2022
Banks accused of neglecting customer security measures
Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes Continue Reading
-
News
11 Jan 2022
IT departments struggling to secure printer endpoints
Printers are at risk of attack, just as any other endpoint device, but many IT leaders are struggling to secure their print infrastructure Continue Reading
-
News
11 Jan 2022
Companies propose scanning content pre-encryption to fight CSAM
Firms working on the UK government’s Safety Tech Challenge have suggested that scanning content before encryption will help prevent the spread of child sexual abuse material – but privacy concerns remain Continue Reading
-
News
11 Jan 2022
Cyber security failure one of biggest risks facing countries and businesses, warns WEF
Cyber risks are among the top five risks facing organisations and governments over the next two to five years. Digital inequality and the over-crowding of space with communication satellites present further risks Continue Reading
-
News
11 Jan 2022
Proofpoint acquires Singapore data security startup
Proofpoint’s acquisition of Dathena will bolster its data loss prevention capabilities, enabling organisations to better understand information risk through the use of AI Continue Reading
-
Photo Story
10 Jan 2022
Blackberry OS end of support
The end of support for Blackberry's smartphone operating system represents the end of an era in mobile technology Continue Reading
-
Definition
10 Jan 2022
honeynet
A honeynet is a network set up with intentional vulnerabilities hosted on a decoy server to attract hackers. Continue Reading
-
News
10 Jan 2022
Ministry of Justice caught up in multiple cyber incidents
Besides multiple disclosed data breaches, department was also affected by two ransomware attacks Continue Reading
-
Definition
10 Jan 2022
trusted computing base (TCB)
A trusted computing base (TCB) is everything in a computing system that provides a secure environment for operations. Continue Reading
-
News
09 Jan 2022
Singapore retailer hit by data breach
The personal data of OG’s basic and gold members stored in a database managed by a third-party service provider was reportedly compromised Continue Reading
-
News
06 Jan 2022
France fines Facebook and Google over alleged cookie malpractice
French data protection authorities clamp down on tech platforms for purposely making it more burdensome for users to decline tracking cookies Continue Reading
-
News
05 Jan 2022
Judges to decide whether Assange can appeal against extradition as he reaches 1,000 days in jail
Mexican president Andrés Manuel López Obrador urges US to treat WikiLeaks founder Julian Assange with humanity and to consider Mexico’s offer to grant Assange asylum Continue Reading
-
News
05 Jan 2022
Google buys Siemplify in first phase of cyber investment
Once integrated into Google Cloud, Siemplify’s platform will serve as the basis for deeper security development at Google Continue Reading
-
Definition
04 Jan 2022
access log
An access log is a list of all requests for individual files -- such as Hypertext Markup Language files, their embedded graphic images and other associated files that get transmitted -- that people or bots have made from a website. Continue Reading
-
News
04 Jan 2022
Admins warned that Exchange date fix will take time to roll out
At the start of the New Year, Exchange 2016 and 2019 email servers started queuing email messages due to a date bug Continue Reading
-
News
03 Jan 2022
How APAC firms can stay ahead of cyber threats
Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks Continue Reading
-
News
31 Dec 2021
Top 10 crime, national security and law stories of 2021
Here are Computer Weekly’s top 10 crime, national security and law stories of 2021 Continue Reading
-
News
30 Dec 2021
Top 10 technology and ethics stories of 2021
Here are Computer Weekly’s top 10 technology and ethics stories of 2021 Continue Reading
-
Definition
29 Dec 2021
smart card
A smart card is a physical card that has an embedded integrated chip that acts as a security token. Continue Reading
-
Feature
29 Dec 2021
Everything you need to know about ProxyShell vulnerabilities
Organizations need to patch their Exchange Servers to protect against the ProxyShell exploit. Learn how to do that and more here. Continue Reading
-
Opinion
23 Dec 2021
Vulnerabilities to fraud are increasing across the board
As the pandemic continues to affect how we work, socialise, shop and conduct business, so it has increased opportunities for digital fraud and cyber crime. Jason Lane-Sellers explores the latest LexisNexis Risk Solutions ‘Cybercrime report’ Continue Reading
-
Definition
23 Dec 2021
SPML (Services Provisioning Markup Language)
Services Provisioning Markup Language (SPML) is an open source XML-based standard that facilitates the exchange of account provisioning information among applications, services and organizations. Continue Reading
-
News
23 Dec 2021
Top 10 cyber security stories of 2021
Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do? Continue Reading
-
Feature
22 Dec 2021
Is the IT sector beset by fear-mongering?
The arms race between hackers and security teams has led to a plethora of new technologies, but it can be hard to differentiate between sensible cyber purchases and those that are promoted by exaggerating risk Continue Reading
-
News
22 Dec 2021
Top 10 cyber crime stories of 2021
Cyber crime hit new heights and drew more attention than ever in 2021. We look back at the biggest stories of the year Continue Reading
-
Opinion
22 Dec 2021
How can you balance security with growth?
As businesses focus on recovery and growth, CISOs must deal with today’s challenges while also planning for tomorrow - how can they achieve both safety and success? Continue Reading
-
E-Zine
21 Dec 2021
What is Log4Shell - and why the panic?
In this week’s Computer Weekly, we assess the risks from Log4Shell, a new web software vulnerability described as “catastrophic”. We look at SASE – secure access service edge – which is set to be one of the networking priorities for 2022. And some victims of the Post Office IT scandal are still waiting for proper compensation. Read the issue now. Continue Reading
-
News
21 Dec 2021
IT Priorities 2022: Cloud-first mindset growing in India
Nearly half of organisations in India are expected to spend more on cloud services, underscoring the growing cloud-first mindset that is taking root in the subcontinent Continue Reading
-
E-Zine
20 Dec 2021
CW APAC: Expert guide to cloud migration
Organisations are increasingly moving their workloads to public cloud. In this handbook, focused on cloud migration in the Asia-Pacific region, Computer Weekly looks at the key strategies to follow, how HPE has transitioned into an as-a-service company, the adoption of cloud in Australia and why VMWare’s chief technology officer endorses a cross-cloud approach Continue Reading
- 20 Dec 2021
-
News
20 Dec 2021
Top 10 artificial intelligence stories of 2021
This year, artificial intelligence has moved to operationalisation, explainability and regulatory frameworks. Here are Computer Weekly’s top 10 artificial intelligence stories for 2021 Continue Reading
-
News
20 Dec 2021
Top 10 ransomware and backup stories of 2021
Key articles from 2021 that highlight the link between ransomware and snapshots and backup and their role in repelling attacks, plus effects of the pandemic on backup and recovery Continue Reading
-
Opinion
20 Dec 2021
Security Think Tank: Reframing CISO-boardroom relations
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
Opinion
17 Dec 2021
Security Think Tank: When will they ever learn?
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
News
17 Dec 2021
HSBC fined £64m for automated transaction monitoring failures
Bank hit by multimillion-pound fine for failures related to its transaction monitoring, which failed to spot potential money-laundering activity Continue Reading
-
Opinion
16 Dec 2021
Enabling secure remote working is once again a top priority
The pandemic has bought many new security risks, particularly around remote working. As the UK government once again urges people to work from home under its Plan B restrictions, these risks must be tackled as a priority Continue Reading
-
Definition
15 Dec 2021
spam filter
A spam filter is a program used to detect unsolicited, unwanted and virus-infected emails and prevent those messages from getting to a user's inbox. Continue Reading
-
News
15 Dec 2021
After Log4j, December Patch Tuesday piles on the pressure
December’s Patch Tuesday update from Microsoft contains several critical CVEs, but this month all attention is focused on the fall-out from Log4Shell, and burn-out is becoming a real issue Continue Reading
-
Opinion
15 Dec 2021
Security Think Tank: Get to know your personal threat landscape
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
News
15 Dec 2021
UK government to take ‘whole-of-society’ approach to cyber
Second iteration of the UK’s National Cyber Strategy broadens its focus to build a ‘whole-of-society’ security posture Continue Reading
-
Blog Post
15 Dec 2021
Log4Shell: Why aren't we taking the security of the internet seriously?
To be caught out once may be an oversight, and lessons can be learned. But twice over a seven year timespan, shows a laissez faire attitude to the stability of the internet. In 2014, Heartbleed ... Continue Reading
-
News
14 Dec 2021
Almost half of networks probed for Log4Shell weaknesses
Close to half of corporate networks have already been actively targeted by individuals seeking to exploit the critical Log4Shell Apache bug Continue Reading
-
Opinion
14 Dec 2021
Security Think Tank: We are failing to get the cyber message across to users
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
14 Dec 2021
Recovering from ransomware: One organisation’s inside story
In February 2021, French office equipment supplier Manutan fell victim to a DoppelPaymer ransomware hit. IT ops director Jérôme Marchandiau tells the inside story of the incident Continue Reading
-
14 Dec 2021
Online Safety Bill puts user protection onus on platform providers
The Online Safety Bill will place new duties and responsibilities on online platforms accessible from the UK, but as it currently stands, it contains several grey areas Continue Reading
-
E-Zine
14 Dec 2021
The rules for a safer internet
In this week’s Computer Weekly, as the government publishes the Online Safety Bill, we look at what the laws mean for internet services. A ransomware victim shares the insider story of the trauma of losing their corporate IT systems. And we ask, what happens when quantum computers get too powerful to verify their output? Read the issue now. Continue Reading
-
Definition
14 Dec 2021
Chernobyl virus
The Chernobyl virus is a computer virus with a potentially devastating payload that destroys all computer data when an infected file is executed. Continue Reading
-
Definition
13 Dec 2021
password salting
Password salting is a technique to protect passwords stored in databases by adding a string of 32 or more characters and then hashing them. Continue Reading
-
News
13 Dec 2021
What is Log4Shell, and why are we panicking about it?
It’s been described as a ‘design failure of catastrophic proportions’ that threatens the very fabric of the digital world. Find out what the Log4j2 Log4Shell panic is all about, and what you should do about it Continue Reading
-
Opinion
13 Dec 2021
Security Think Tank: There’s much more to do to secure hybrid workers
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
-
News
13 Dec 2021
Top IT predictions in APAC in 2022
Operationalising zero trust, talent retention and containerisation are just some of the key trends that will shape Asia-Pacific’s technology landscape in 2022 Continue Reading
-
News
10 Dec 2021
Julian Assange can be extradited to the US to face espionage and hacking charges, court rules
High Court overturns decision not to extradite WikiLeaks founder after US government gives assurances over his treatment Continue Reading
