IT security
-
Opinion
01 May 2025
Explaining what’s happening in a cyber attack is hard but crucial
The recent attacks on Marks & Spencer, Harrods and the Co-op show why it is essential for organisations to have a strategy to communicate effectively with customers affected. Continue Reading
-
News
01 May 2025
Harrods becomes latest UK retailer to fall victim to cyber attack
Harrods confirms it has become latest UK retailer to experience a cyber attack, shutting off a number of systems in an attempt to lessen the impact. Continue Reading
-
Feature
27 Apr 2021
Applying web application reconnaissance to offensive hacking
Learn how to apply web application reconnaissance fundamentals to improve both offensive and defensive hacking skills in an excerpt of 'Web Application Security' by Andrew Hoffman. Continue Reading
-
Feature
27 Apr 2021
Collaboration is key to a secure web application architecture
Author Andrew Hoffman explains the importance of a secure web application architecture and how to achieve it through collaboration between software and security engineers. Continue Reading
-
News
27 Apr 2021
UK supermarkets to trial age estimation tech for alcohol purchases
Biometric age estimation technology developed by Yoti to be tested in UK supermarkets for alcohol purchases as part of government-led digital identities initiative Continue Reading
-
News
27 Apr 2021
Total cost of ransomware attack heading towards $2m
Sophos’ latest study finds that ransomware attacks are proving increasingly disruptive to their victims’ finances Continue Reading
-
News
27 Apr 2021
Leaky Azure storage account puts software developer IP at risk
Source code for multiple products was left exposed in an unsecured Microsoft Azure cloud storage account, say researchers, but attributing responsibility for the error has proved difficult Continue Reading
-
Opinion
27 Apr 2021
Why we need to reset the debate on end-to-end encryption to protect children
Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent Continue Reading
-
News
27 Apr 2021
Apple OS updates patch multiple security holes
The much-heralded release of the privacy-centric iOS 14.5 also brings patches for multiple CVEs, and users of Apple smartphones, tablets and notebooks are best advised to update as soon as possible Continue Reading
-
Podcast
27 Apr 2021
Uber drivers’ resistance and the gig economy – Computer Weekly Downtime Upload podcast
In this episode of the Computer Weekly Downtime Upload podcast, Caroline Donnelly and Brian McKenna are joined by Sebastian Klovig Skelton to discuss the legal campaign by Uber drivers for the right to be recognised as workers Continue Reading
-
News
27 Apr 2021
North London school wins NCSC girls’ cyber challenge
Highgate School in North London is the winner of this year’s CyberFirst Girls security competition Continue Reading
-
News
27 Apr 2021
The Security Interviews: Making sense of outbound email security
Screening inbound emails is an accepted part of an organisation’s security posture, but the topic of securing outbound traffic is less often discussed. Zivver’s Rick Goud is on a mission to change this Continue Reading
-
E-Zine
27 Apr 2021
Justice at last in Post Office IT scandal
In this week’s Computer Weekly, 12 years after we broke the story, victims of the Post Office IT scandal finally have their criminal convictions overturned. We take a virtual tour of a Microsoft datacentre and meet a server called ‘Mega-Godzilla Beast’. And we find out how technology is transforming Nationwide Building Society. Read the issue now. Continue Reading
-
News
27 Apr 2021
UnitingCare Queensland hit by cyber attack
Healthcare service provider UnitingCare Queensland was reportedly hit by a ransomware attack that crippled several IT systems Continue Reading
-
News
26 Apr 2021
French legal challenge over EncroChat cryptophone hack could hit UK prosecutions
Lawyers are challenging the legality of a French police operation to harvest tens of thousands of messages from the EncroChat encrypted phone network in a move that could overturn criminal prosecutions in the UK Continue Reading
-
Definition
26 Apr 2021
Tor browser
The Tor (the onion routing) browser is a web browser designed for anonymous web surfing and protection against traffic analysis. Continue Reading
-
News
26 Apr 2021
How Toffs is seizing Asia’s CDN market
Toffs Technologies is eyeing second- and third-tier cities in Asia as it bolsters its infrastructure and experiments with the use of home networks as content delivery networks Continue Reading
-
News
23 Apr 2021
‘Spy cops’ victims share ongoing data protection concerns
Under Cover Policing Inquiry will consider whether the extensive amount of personal data collected about left-wing activists by the Special Demonstration Squad was justified, as witnesses question whether information about them is still being collected Continue Reading
-
News
22 Apr 2021
GCHQ: Cyber investment a guarantor of UK’s global status
GCHQ director Jeremy Fleming sets out a vision for the UK’s cyber security future Continue Reading
-
News
22 Apr 2021
Researchers shed more light on APT29 activity during SolarWinds attack
RiskIQ’s Atlas threat intel team uncovers new patterns and threat infrastructure used in the SolarWind’s attacks Continue Reading
-
News
22 Apr 2021
Automation, zero-trust, API-based security priorities for EMEA CISOs
Report by FireMon sheds light on buyer behaviour across the EMEA region Continue Reading
-
News
22 Apr 2021
ToxicEye malware exploits Telegram messaging service
The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye Continue Reading
-
Opinion
22 Apr 2021
Security Think Tank: Security culture must underpin vaccine passports
What are the security challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
News
21 Apr 2021
EU lays out plans to regulate AI development
Proposal aims to encourage the development of ethical artificial intelligence systems that do not infringe the human rights of EU citizens Continue Reading
-
News
21 Apr 2021
SonicWall Email Security zero-days need urgent patch
Users of SonicWall Email Security are advised to patch immediately, but the supplier is being criticised for the pace of its response Continue Reading
-
News
21 Apr 2021
Time is running out to probe networks for Emotet
Security teams will lose an unprecedented opportunity to gain valuable intelligence to enhance their defences when Emotet is finally ‘executed’ in a few days’ time Continue Reading
-
News
20 Apr 2021
Health app myGP adds Covid-19 vaccine passport function
The new feature is described as the UK’s first NHS-assured Covid-19 certification feature Continue Reading
-
News
20 Apr 2021
UK’s proposed IoT cyber security law gathers momentum
New statistics appear to vindicate UK government proposals to force suppliers to be upfront about IoT security Continue Reading
-
News
20 Apr 2021
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
-
Opinion
20 Apr 2021
Security Think Tank: ‘Legitimate interest’ crucial for vaccine passports
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
20 Apr 2021
Codecov supply chain attack has echoes of SolarWinds
Supply chain attack on code auditing service may have compromised the likes of HPE and IBM Continue Reading
-
Blog Post
20 Apr 2021
Lack of leadership, confusion and frustration - the state of digital identity in the UK
To nobody’s surprise, efforts by a group of peers to force the government to accelerate progress on digital identity in the UK foundered in the House of Lords yesterday (20 April 2021). Baroness ... Continue Reading
-
E-Zine
20 Apr 2021
Shop and go – will Amazon’s cashless ‘just walk out’ store work?
In this week’s Computer Weekly, Amazon has opened its first ‘just walk out’ grocery store in the UK, but is it the right time to hit the high street? We examine the human and technical issues around email security. And we analyse Microsoft’s $19bn purchase of voice recognition supplier Nuance. Read the issue now. Continue Reading
-
20 Apr 2021
Does email security need a human solution or a tech solution?
People spend a lot of time using email systems, but many do not realise that this makes them attractive targets for cyber criminals. With education and technology, businesses can tackle this problem head-on. Continue Reading
-
News
20 Apr 2021
Singapore’s ViewQwest debuts security service
ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats Continue Reading
-
News
19 Apr 2021
YouGov incentivises sharing of personally identifiable information
YouGov Safe is a new service to help organisations target consumers more precisely, where people can select how much personal data they wish to share Continue Reading
-
News
18 Apr 2021
Government puts Facebook under pressure to stop end-to-end encryption over child abuse risks
Facebook faces growing government pressure to abandon its plans to offer users end-to-end encryption to secure the privacy of their messages as the NSPCC raises concerns about child protection Continue Reading
-
Opinion
16 Apr 2021
The Secret IR Insider’s Diary – from Sunburst to DarkSide
From dealing with SolarWinds fallout to ransomware attacks, it’s been a busy few weeks for the Secret IR Insider, but they've picked up some new tricks along the way Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Dutch accuse UK of ‘damaging confidence’ by disclosing details of EncroChat police collaboration
The Dutch Public Prosecution Service claims Britain has damaged confidence by disclosing details of an international investigation into the EncroChat encrypted phone network to the courts Continue Reading
-
News
15 Apr 2021
Biden sanctions Russia over SolarWinds cyber attacks
US president imposes new sanctions on Russia following malicious cyber attacks against the US and allies Continue Reading
-
News
15 Apr 2021
University of Hertfordshire is latest academic cyber attack victim
Multiple systems are offline at the University of Hertfordshire following a cyber attack Continue Reading
-
News
15 Apr 2021
Microsoft is most impersonated brand in phishing attempts
Technology companies continue to be frequently spoofed by cyber criminals in their phishing attempts Continue Reading
-
News
15 Apr 2021
Ireland’s DPC launches probe into Facebook leak
The Irish Data Protection Commission has launched an ‘own volition’ inquiry into the leak of data from 500 million Facebook profiles Continue Reading
-
E-Zine
15 Apr 2021
CW Middle East: Qatari regulator launches platform to help combat money laundering
The Qatar Financial Markets Authority is using a digital platform to enable financial services professionals to assess their knowledge of anti-money laundering and combating the financing of terrorism. Also in this issue, read how the Covid-19 pandemic has changed the IT spending patterns among enterprises in Saudi Arabia. Continue Reading
-
News
15 Apr 2021
How Windows patching leaves security exposed
Four years on since it devastated IT systems across the NHS, WannaCry remains a threat to organisations around the world Continue Reading
-
News
14 Apr 2021
FBI accesses ProxyLogon target servers to disrupt cyber criminals
US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation Continue Reading
-
News
14 Apr 2021
NSA unearths more MS Exchange vulnerabilities
Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports must be secure by design
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
13 Apr 2021
MP told to ditch official email over hacking fears
MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked Continue Reading
-
News
13 Apr 2021
Covid-19 left people feeling vulnerable to cyber crime
Around 15 million people in the UK experienced cybercrime in the past 12 months, with a cumulative 64 million hours wasted dealing with the fallout Continue Reading
-
News
13 Apr 2021
Millions of devices at risk from NAME:WRECK DNS bugs
Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading
-
News
13 Apr 2021
EncroChat lawyers raise questions over use of PII secrecy orders on UK decryption capabilities
Lawyers claim that public interest immunity certificates may have been used to withhold information on UK intelligence agencies’ ability to decrypt encrypted communications Continue Reading
-
News
12 Apr 2021
Vaccine passports and travel plans race up Covid threat charts
With lockdown restrictions easing in the UK, cyber criminals are tailoring their phishing lures to new areas of interest Continue Reading
-
Feature
12 Apr 2021
Why some jobseekers have turned to cyber crime during the pandemic
Research shows that many people have been seeking cyber crime-related work on the dark web, but why? Continue Reading
-
Opinion
12 Apr 2021
What has a year of home working meant for the DPO?
Byron Shirley of The Compliance Space explores how the role of the data protection officer has changed in the past 12 months Continue Reading
-
News
11 Apr 2021
Executive interview: Unleashing blockchain’s potential
Labrys founder and CEO Lachlan Feeney offers his observations about blockchain adoption in Australia, and what his firm is doing to help organisations unleash the full potential of the technology Continue Reading
-
Blog Post
11 Apr 2021
How do YOU find and attract the Cybersecurity skills/talent YOU need?
Review the salaries you offer to Cybersecurity and Computer Science Graduates - unless your policy is to pay more for those implementing security by design. If you are worried about losing those ... Continue Reading
-
News
09 Apr 2021
Egypt, Italy and US most affected in Facebook leak
Researchers at VPN firm Surfshark have been analysing data on 533 million people leaked from Facebook Continue Reading
-
News
09 Apr 2021
NCSC: Using your pet’s name as a password is very stupid
If your email password is still Rex, Rover or Mr Fluffles, it’s probably best to change it, the NCSC has said Continue Reading
-
News
09 Apr 2021
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
07 Apr 2021
Facebook ducks calls to apologise over huge data leak
Facebook gives its side of the story as data on millions of its users leaks, but is yet to apologise for security lapses that put half a billion people at risk of compromise Continue Reading
-
News
07 Apr 2021
A billion extra contactless payments in year since limit increase
Visa said there was an extra one billion contactless payments made by its customers last year Continue Reading
-
News
07 Apr 2021
Unpatched SAP applications are target-rich ground for hackers
Report from SAP and cyber threat research company Onapsis warns that hackers are attacking mission-critical SAP business applications that contain unpatched vulnerabilities Continue Reading
-
News
06 Apr 2021
Facebook data leak could be outside scope of GDPR
Regulators may be unable to do much about leaked data on 533 million Facebook users, as it seems to have been stolen before GDPR came into force Continue Reading
-
Blog Post
06 Apr 2021
API Daze
Earlier this week, the US Supreme Court ruled that Google did not infringe Oracle copyright on the Java SE API (application programming edition). The fact the US Supreme Court has digested a load ... Continue Reading
-
Blog Post
06 Apr 2021
What Agenda is the new GDS Director, Identity Assurance Programme expected to deliver?
Experience in "Significant agile programme management and/or major change delivery" will not be enough. The appointee will need the skills of Machiavelli and the luck of the Devil. Continue Reading
-
Tip
01 Apr 2021
5 endpoint security best practices to keep company data safe
With an expanding company perimeter, it's time to implement these endpoint security best practices, from asset discovery to device profiling. Continue Reading
-
News
01 Apr 2021
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities Continue Reading
-
Feature
31 Mar 2021
How to build a honeypot to increase network security
Create a honeypot that will trap attackers and monitor their activities to enhance your organization's network security. This step-by-step guide takes you through the process. Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
31 Mar 2021
Nordics run information sharing on digital vaccination passports
Nordic countries advance plans for digital Covid-19 vaccination passports in a bid to kick-start their economies Continue Reading
-
News
30 Mar 2021
Privacy campaigners hail legal victory over Hancock and Palantir
Civil liberties organisation OpenDemocracy says it has scored a legal victory over health secretary Matt Hancock regarding the involvement of Palantir in the NHS Covid-19 data store Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
Blog Post
30 Mar 2021
New cyberthreats remind us of the need for hyper-vigilance
This is a guest post by Kerry Singleton, managing director for cyber security at Cisco Asia-Pacific, Japan and China In recent weeks, we’ve seen a number of significant cybersecurity threats ... Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
Feature
29 Mar 2021
Ecolabels and data sanitisation key to recycling and reusing IT assets
Ecolabels on hardware and data sanitisation of devices are key to recycling and reusing old IT equipment respectively, helping enterprises avoid unnecessary asset destruction and contributing to increasingly high levels of electronic waste globally Continue Reading
-
News
29 Mar 2021
CW Innovation Awards: SIA taps blockchain for loyalty app
Singapore Airlines, winner of the transportation category in this year’s CW Innovation Awards APAC, expands its blockchain-based digital wallet into a broader digital lifestyle platform Continue Reading
-
News
26 Mar 2021
Surveillance expert ‘unfairly’ refused job at intelligence regulator after MI5 intervened
The Home Office unfairly refused Eric Kind, a specialist in criminal justice and UK surveillance law, clearance for a job at an intelligence watchdog after MI5 claimed he was “insufficiently deferential” Continue Reading
-
Feature
26 Mar 2021
Backup appliances the hot topic for Pas-de-Calais fire brigade
With requirements for strict, long-duration backup and archiving, French fire brigade set out to replace optical media with a StorageCraft appliance and disaster-proof storage Continue Reading
-
News
26 Mar 2021
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
-
News
26 Mar 2021
Leading Israeli IoT firm lands in US as worldwide malware attacks surge
With US end-user internet of things devices expected to grow to $1.6tn by 2025 and with more than 5.4 billion IoT connected devices in North America alone, tech firms and the black hat community are weighing up the potential Continue Reading
-
Blog Post
26 Mar 2021
Zombified Gov.uk Verify is officially dead - so what's next?
The UK government has finally admitted in public for the first time that its flagship digital identity programme, Gov.uk Verify, is dead. This will be no surprise to anyone following the project, ... Continue Reading
-
News
26 Mar 2021
Remote working burn-out a factor in security risk
After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected Continue Reading
-
News
26 Mar 2021
‘Major’ security flaw detected in 5G core network slicing design
Mobile security specialist details potentially revenue-threatening vulnerabilities with key element of next-generation networks and reveals plans to work with industry to provide mitigation prior to widespread deployments Continue Reading
-
News
25 Mar 2021
Cyber security complacency puts UK at risk, says NCSC head
National Cyber Security Centre CEO Lindy Cameron, in her maiden speech in the role, warns of challenges ahead for the UK and sets out the future agenda for cyber Continue Reading
-
News
25 Mar 2021
TUC warns of gaps in British law over use of AI at work
The TUC has published a report warning of AI-powered discrimination against working people enabled by gaps in existing British employment law Continue Reading
-
News
25 Mar 2021
Warning: AWS IAM behaves differently to directory services
IT admins use group policies to manage user access via Active Directory, but AWS takes a subtly different approach, which can be exploited Continue Reading
-
News
25 Mar 2021
Four in five UK businesses seek new security suppliers
Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves Continue Reading
-
News
25 Mar 2021
Facebook disrupts Chinese espionage operation
Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority Continue Reading
-
News
25 Mar 2021
More than £34.5m stolen in pandemic scams over past year
City of London Police and National Cyber Security Centre report large uptick in threats and crime related to Covid-19 over the past year, in some cases directed specifically at health organisations Continue Reading
-
News
24 Mar 2021
Oil giant Shell hit through Accellion FTA breach
Energy firm discloses cyber attack through Accellion File Transfer Appliance Continue Reading
-
News
24 Mar 2021
Apparent drop in cyber incidents highlights underlying problems
UK organisations report fewer cyber security incidents, but the headline data masks more serious issues, according to a report Continue Reading
-
News
24 Mar 2021
UK faces significant cyber talent shortfall
Cyber security sector is struggling to attract the talented workforce it needs Continue Reading
-
News
24 Mar 2021
Cyber criminals forging Covid-19 vaccine certificates
Vaccine passports and certificates are gaining mainstream traction, which means cyber criminals are also on the bandwagon Continue Reading