IT security
-
News
25 Jul 2024
North Korean cyber APT targeting nuclear secrets
Mandiant has upgraded the North Korean threat actor known as Andariel to APT status and warned of coordinated efforts to steal western military IP, including nuclear secrets Continue Reading
-
Feature
25 Jul 2024
CrowdStrike update chaos explained: What you need to know
A botched software update at cyber security firm CrowdStrike has caused IT chaos around the world. Learn more about the global CrowdStrike update outage as it develops Continue Reading
-
News
30 Jan 2024
We need backup! Pennsylvania police data loss shows why
Police evidence systems data was lost during ‘routine maintenance’, with human error blamed – the case clearly illustrates why data protection can’t be left to chance Continue Reading
-
30 Jan 2024
Chat control: Tech companies warn ministers over EU encryption plans
Tech companies have written to EU ministers to urge them to back the European Parliament, rather than the European Commission, over proposed regulations to police child abuse. Continue Reading
-
E-Zine
30 Jan 2024
Tech companies warn EU over encryption plans
In this week’s Computer Weekly, tech companies are calling on the European Commission to rethink plans to weaken internet encryption – we explore the issues. We talk to credit rating agency Moody’s about why it thinks now is the time to start investing in quantum computing. And we examine how a different approach to recruitment could ease the datacentre sector skills gap. Read the issue now. Continue Reading
-
Definition
29 Jan 2024
indicators of compromise (IOC)
Indicators of compromise are unusual activities on a system or network that imply the presence of a malicious actor. Continue Reading
-
Feature
29 Jan 2024
Top 10 types of information security threats for IT teams
Know thine enemy -- and the common security threats that can bring an unprepared organization to its knees. Learn what these threats are and how to prevent them. Continue Reading
-
News
29 Jan 2024
Lords question legality of police facial recognition
Lords committee ‘deeply concerned’ about the rapid expansion of live facial recognition by UK police, which it says is progressing without any real oversight or accountability Continue Reading
-
Feature
29 Jan 2024
What developers need to know about LLMs in the enterprise
We look at the main areas enterprise developers need to consider when building, testing and deploying enterprise applications powered by large language models Continue Reading
-
News
26 Jan 2024
GenAI tools ‘could not exist’ if firms are made to pay copyright
AI firm Anthropic hits out at copyright lawsuit filed by music publishers, claiming the content ingested into its models falls under ‘fair use’ and that any licensing regime would be too complex and costly Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: Expect more from GenAI in 2024
But 2024 also feels slightly different; the past 12 months have seen generative AI burst on to the scene, and this year its impact will continue to be felt, says Turnkey Consulting's Harshini Carey. Continue Reading
-
Opinion
26 Jan 2024
Quantum, AI and geopolitical conflict: '24 will be a big year for cyber
With big trends like quantum, generative AI and geopolitical conflict, 2024 looks set to be a big year in security, but defenders have an unparalleled opportunity to harness these trends for good, says Quorum's Federico Charosky Continue Reading
-
News
26 Jan 2024
Akira ransomware gang claims Lush cyber attack
The Akira ransomware gang claims to have stolen over 100GB of data from cosmetics manufacturer and retailer Lush Continue Reading
-
News
26 Jan 2024
UK government consults on age verification tech in alcohol sales
The government has said it wants to allow the use of digital identities and various age-verification technologies in alcohol sales Continue Reading
-
Opinion
26 Jan 2024
Security Think Tank: What to expect in cyber this year
Risk arising from insecure generative AI, an explosion in mainstream acceptance of zero-trust, and increasingly tight cyber insurance policies will all be high on the agenda in 2024, writes Forrester senior analyst Alla Valente Continue Reading
-
Opinion
26 Jan 2024
Bulk sender authentication: More vital than ever
With new guidelines from Google and Yahoo governing bulk emails coming into force in February 2024, here's what you need to know to keep your sales and marketing lists compliant Continue Reading
-
Opinion
25 Jan 2024
The race to regulate AI: 2024 unpacked
EU’s AI Act is set to become ‘gold standard’ of AI regulation. Will other countries adopt the same high standards or like the UK opt for a light touch in favour of growth and investment? Continue Reading
-
News
25 Jan 2024
Bugcrowd sees surge in vulnerability submissions, led by public sector
Crowdsourced vulnerability disclosure and bug bounty platform Bugcrowd says it saw a 151% uptick in submissions related to government and public sector organisations in 2023 Continue Reading
-
Opinion
25 Jan 2024
Mitigating the risks of modern application development
Organisations need to have visibility over their software supply chain, secure and monitor interfaces to legacy systems and adopt zero trust to mitigate the risks of modern application development Continue Reading
-
Opinion
25 Jan 2024
Security Think Tank: 2024 is the year we bridge the cyber divide
ISACA's Steven Sim Kok Leong shares his thoughts on the coming year in cyber security, considering the impact of regulatory change, the evolving role of the CISO, and advances in innovative cyber tech Continue Reading
-
Definition
24 Jan 2024
encryption key management
Encryption key management is the practice of generating, organizing, protecting, storing, backing up and distributing encryption keys. Continue Reading
-
News
24 Jan 2024
WebKit vulnerability sparks Apple’s first major security update of 2024
A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year Continue Reading
-
News
24 Jan 2024
Southern Water confirms cyber attack after Black Basta claims
Southern Water, which supplies millions of customers in southeast England, has confirmed it has fallen victim to a cyber attack, although its services appear to be running normally Continue Reading
-
News
24 Jan 2024
Inside Cisco’s security platform strategy
Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform Continue Reading
-
News
24 Jan 2024
Critical vulnerability exposes Fortra GoAnywhere users
Fortra GoAnywhere MFT users must take steps to address a newly disclosed zero-day vulnerability without delay Continue Reading
-
News
24 Jan 2024
AI will heighten global ransomware threat, says NCSC
The benefits of artificial intelligence to cyber criminals being well-known, the NCSC now assesses it’s likely AI will soon be widely used to enhance ransomware attacks Continue Reading
-
News
24 Jan 2024
Salesforce’s bug bounty programme paid out $3m in 2023
Ethical hackers disclosed more than 4,000 vulnerabilities to Salesforce last year through its bug bounty programme, and received over $3m in rewards Continue Reading
-
News
24 Jan 2024
Cato claims world’s first SASE-based XDR
Generative AI, detection and response, endpoint protection and new incident response tools headline expansion of core secure access service edge platform beyond networking, threat prevention and data protection Continue Reading
-
Definition
23 Jan 2024
managed detection and response (MDR)
Managed detection and response (MDR) services are a collection of network-, host- and endpoint-based cybersecurity technologies that a third-party provider manages for a client organization. Continue Reading
-
Tip
23 Jan 2024
How to avoid malware on Linux systems
Malware attacks are devastating to companies, and there is no exception for Linux systems. Consider updating systems and assigning correct permissions. Continue Reading
-
Podcast
23 Jan 2024
Podcast: Storage and compliance outlook for 2024
Interesting times ahead in 2024 as we talk to Mathieu Gorge, CEO of Vigitrust, about updates to EU regs, PCI, NIST, post-Brexit divergence and 60 national elections across the globe Continue Reading
-
Feature
23 Jan 2024
Expert guide to e-discovery
An expert guide to why your organisation needs an electronic discovery policy and how to go about creating one Continue Reading
-
Feature
23 Jan 2024
Top incident response service providers, vendors and software
Get help deciding between using in-house incident response software or outsourcing to an incident response service provider, and review a list of leading vendor options. Continue Reading
-
Tip
23 Jan 2024
Building an incident response framework for your enterprise
Understanding incident response framework standards and how to build the best framework for your organization is essential to prevent threats and mitigate cyber incidents. Continue Reading
-
News
23 Jan 2024
Treat cyber risk like financial or legal issue, says UK government
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences Continue Reading
-
News
23 Jan 2024
Leak of 26 billion records may prove to be ‘mother of all breaches’
The discovery of a dataset comprising 26 billion stolen records may prove to be record-breaking in both its size and the danger it poses to ordinary people Continue Reading
-
News
23 Jan 2024
SEC bitcoin hack was result of SIM-swapping
A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack Continue Reading
-
E-Zine
23 Jan 2024
Davos 2024: AI disinformation tops global risks
In this week’s Computer Weekly, AI-generated disinformation and misinformation will be the top risks for businesses, governments and the public over the next two years, according to the World Economic Forum. Intel’s CTO discusses the chip maker’s plans for the European market. And we examine the dearth of digital skills among elected officials. Read the issue now. Continue Reading
-
Feature
22 Jan 2024
6 must-read blockchain books for 2024
Numerous sources provide comprehensive information on blockchain fundamentals and applications. We narrowed the field to six of the most popular and diverse books available. Continue Reading
-
News
22 Jan 2024
SolarWinds hackers attack Microsoft in apparent recon mission
Russian-backed threat actor behind infamous 2020 SolarWinds Sunburst intrusion hacked into Microsoft’s systems, apparently in an attempt to get hold of intel on themselves Continue Reading
-
Feature
22 Jan 2024
How to build an incident response plan, with examples, template
With cyberthreats and security incidents growing by the day, every organization needs a solid incident response plan. Learn how to create one for your company. Continue Reading
-
News
22 Jan 2024
PAC calls on MoD to fix inventory management IT
The Public Accounts Committee is concerned that the ageing and fragmented IT systems used in the MoD’s inventory management puts front-line forces at significant risk Continue Reading
-
News
22 Jan 2024
Chat control: Tech companies warn ministers over EU encryption plans
Tech companies have written to EU ministers to urge them to back the European Parliament, rather than the European Commission, over proposed regulations to police child abuse Continue Reading
- Opinion 19 Jan 2024
-
News
19 Jan 2024
ICO prompts confusion over police cloud legality
The UK data regulator has suggested that, despite major data protection concerns, it is likely to greenlight police cloud deployments because of an information-sharing agreement with the US government Continue Reading
-
Definition
19 Jan 2024
security incident
A security incident is an event that could indicate that an organization's systems or data have been compromised or that security measures put in place to protect them have failed. Continue Reading
-
News
19 Jan 2024
Neighbouring Kent councils hit by simultaneous cyber attacks
Canterbury, Dover and Thanet Councils in Kent have all been struck by simultaneous cyber attacks knocking systems offline, with indications of a link between all three Continue Reading
-
Opinion
18 Jan 2024
Powering up cyber security defences with AI
AI holds great promise when it comes to securing valuable, and vulnerable, data, but security teams face some challenges if they are to get the best out of it, writes IBM’s Christopher Meenan Continue Reading
-
Blog Post
18 Jan 2024
The Last Word In Analysing SASE Offerings: Evaluation Advice
DEFINING A Network Scorecard For Evaluating SASE Cloud Solutions While it could be argued that there are a near-infinite number of variables – and very few constants – that go into defining a SASE ... Continue Reading
-
News
18 Jan 2024
Cyber non-profit enlists ex-NCSC head as technical chair
Founding NCSC chief exec Ciaran Martin is to join the newly launched Cyber Monitoring Centre non-profit as chair of its technical committee Continue Reading
-
News
17 Jan 2024
NCSC invites security pros to join the big leagues
The NCSC is inviting security pros from across the UK to sign up to work with its experts on an intelligence-sharing initiative Continue Reading
-
Feature
17 Jan 2024
Biometric revolution in IAM: The future of authentication
The IAM landscape is experiencing profound change thanks to the advent of biometrics. Learn about the latest advantages and key benefits of biometrics in identity Continue Reading
-
Feature
17 Jan 2024
Cloud-to-cloud backup: What it is and why you (probably) need it
Basic cloud data protection is just not enough. Several loopholes leave business data vulnerable and that means additional cloud-to-cloud backup should be seriously considered Continue Reading
-
News
17 Jan 2024
The Security Interviews: Rebecca Taylor, SecureWorks Counter Threat Unit
In October 2023, Rebecca Taylor of the SecureWorks Counter Threat Unit was recognised at the annual Security Serious Unsung Heroes Awards for her work. Computer Weekly caught up with her to talk mentoring, cyber career development and diversity Continue Reading
-
Tip
17 Jan 2024
CERT vs. CSIRT vs. SOC: What's the difference?
What's in a name? Parse the true differences between a CERT, a CSIRT, a CIRT and a SOC, before you decide what's best for your organization. Continue Reading
-
News
17 Jan 2024
Victims of 2023 Capita data breaches head to High Court
More than 5,000 people impacted by data breaches arising from two cyber incidents affecting outsourcer Capita have joined a group action lawsuit Continue Reading
-
Blog Post
17 Jan 2024
Tape is back on the main menu
The news that another of the big players in global file systems, Hammerspace, has integrated tape access into its data orchestration software should remind us all that tape’s modern incarnations ... Continue Reading
-
News
17 Jan 2024
Singapore proposes governance framework for generative AI
AI Verify Foundation and Infocomm Media Development Authority have proposed a governance framework for generative AI to address the risks and concerns about the emerging technology Continue Reading
-
Feature
17 Jan 2024
How to create a CSIRT: 10 best practices
The time to organize and train a CSIRT is long before a security incident occurs. Certain steps should be followed to create an effective, cross-functional team. Continue Reading
-
News
16 Jan 2024
Kaspersky shares Pegasus spyware-hunting tool
Kaspersky has developed a way of easily exposing the presence of Pegasus spyware on iOS devices and believes its methodology may also help users identify other such surveillance malware Continue Reading
-
News
16 Jan 2024
Republic of Ireland publishes progress update on digital strategy
Update reveals 2.3 million people in Ireland now have MyGovID accounts, and the Irish government plans to launch a new digital portal for businesses, as well as establishing an AI advisory council imminently Continue Reading
-
Opinion
16 Jan 2024
The human toll of ransomware: how IT pros suffer during incidents
Any ransomware attack causes significant challenges for a business or organisation going through such incident. But ransomware attacks also have tremendous impact on the staff – especially IT teams – working on mitigating the attack’s effect Continue Reading
-
News
15 Jan 2024
British Library catalogues back online after ransomware attack
The British Library has restored online access to its main catalogue of nearly 40 million items on a limited basis as it continues the long and arduous process of recovering from a ransomware attack Continue Reading
-
News
15 Jan 2024
Cosmetics retailer Lush dealing with mystery cyber incident
Cosmetics retailer Lush confirms it’s investigating a cyber attack of an undisclosed nature, but key public-facing systems appear to be unaffected Continue Reading
-
Feature
15 Jan 2024
British Library cyber attack explained: What you need to know
In this essential guide, Computer Weekly investigates the cyber attack on the British Library that has rendered IT systems inoperable and caused service disruption to thousands of users Continue Reading
-
News
15 Jan 2024
Russia hacked ex-MI6 chief’s emails – what they reveal is more Dad’s Army than deep state
A Russian hacking group that published emails of ex-MI6 chief Richard Dearlove claimed to have uncovered a conspiracy, but it was more Dad’s Army than the ‘deep state’, Computer Weekly and Byline Times reveal Continue Reading
-
News
15 Jan 2024
How legal disclosure failures disrupted the Post Office Horizon inquiry
From overly narrow search terms, overzealous deduplication of documents and failed email migrations, poor management of legal discovery has delayed justice for postmasters in the Horizon inquiry Continue Reading
-
News
15 Jan 2024
EU amendment changes open source definition
The EU Cyber Resilience Act has the potential to cause confusion among open source developers, with questions remaining over open development Continue Reading
-
News
15 Jan 2024
IT failure caused weekend chaos at Sussex hospitals
The critical incident at University Hospitals Sussex NHS Foundation Trust, caused by IT issues on Sunday night, has now been resolved Continue Reading
-
News
15 Jan 2024
NCA director sacked after WhatsApp and email security breaches
Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp Continue Reading
-
Opinion
15 Jan 2024
How the UK is supporting the Ukraine tech community
The launch of a TechBridge between UK and Ukraine allow IT experts from each country to collaborate and share experiences Continue Reading
-
Tip
12 Jan 2024
Incident response: How to implement a communication plan
Communication is critical to an effective incident response plan. Here are five best practices for communication planning and a free, editable template to get started. Continue Reading
-
Feature
12 Jan 2024
10 types of security incidents and how to prevent them
Cyberattacks are more varied and numerous than ever. Learn the key signs of common security incidents and how to respond to keep systems and data safe. Continue Reading
-
News
12 Jan 2024
UK government seeks public views on impacts of AI-generated porn
The government’s Pornography Review will look in part at the use of AI throughout the industry to generate sexually explicit content without people’s consent Continue Reading
-
News
11 Jan 2024
Cisco fixes high-impact flaw in unified comms platform
Cisco unified comms customers are urged to patch a critical vulnerability in Unity Connection, a messaging and voicemail product Continue Reading
-
Opinion
11 Jan 2024
Redefining the cyber domain to tackle the challenges of tomorrow
Emerging technologies have brought about a new age of cyber – and we need a 360-degree collaborative approach more than ever to succeed Continue Reading
-
News
10 Jan 2024
Davos 2024: AI-generated disinformation poses threat to elections, says World Economic Forum
Disinformation and misinformation are the top risks facing businesses, governments and the public over the next two years Continue Reading
-
News
10 Jan 2024
Windows Kerberos, Hyper-V vulns among January Patch Tuesday bugs
Microsoft starts 2024 right with another slimline Patch Tuesday drop, but there are some critical vulns to be alert to, including a number of man-in-the-middle attack vectors Continue Reading
-
News
10 Jan 2024
SEC social media hack highlights value of MFA
The US SEC briefly appeared to approve new bitcoin trading rules after a social media account was targeted by troublemakers, proving the value of MFA once again Continue Reading
-
News
10 Jan 2024
Scotland ‘sleepwalking’ to mass surveillance with DPDI Bill
The independent checks and balances over biometrics and biometric-enabled surveillance must be strengthened to prevent Scotland from sliding into a surveillance state along with the rest of the UK Continue Reading
-
News
09 Jan 2024
Babuk Tortilla ransomware decryptor made available
A joint effort between Cisco Talos, Avast and the Dutch police will bring relief to many victims of a variant of the Babuk ransomware known as Tortilla Continue Reading
-
Opinion
09 Jan 2024
Inadequate cloud logs are proving a headache for CISOs
The mass adoption of cloud environments is pushing strained CISOs to the brink and a lack of attention to logging isn't helping. Vectra's Mark Wojtasiak calls for organisations to do more to improve visibility in their clouds in 2024 Continue Reading
-
News
09 Jan 2024
Study reveals cyber risks to US elections
With the 2024 US presidential election cycle beginning, a study produced by Arctic Wolf has highlighted big gaps in preparedness and resourcing at government bodies across the US Continue Reading
-
Feature
09 Jan 2024
Top incident response tools: How to choose and use them
The OODA loop helps organizations throughout the incident response process, giving insight into the incident response tools needed to detect and respond to security events. Continue Reading
-
Feature
09 Jan 2024
How to fix the top 5 cybersecurity vulnerabilities
Check out how to fix five top cybersecurity vulnerabilities to prevent data loss from poor endpoint security, ineffective network monitoring, weak authentication and other issues. Continue Reading
-
Feature
09 Jan 2024
Top 30 incident response interview questions
Job interviews are nerve-wracking, but preparation can minimize jitters and position you to land the role. Get started with these incident response interview questions and answers. Continue Reading
-
Blog Post
09 Jan 2024
The future of CISOs in APAC
This is a guest post by Geoffrey Coley, regional chief technology officer for Asia-Pacific at Veritas Technologies The pace at which the cyber threat landscape is evolving with the use of malicious ... Continue Reading
-
Feature
08 Jan 2024
How to become an incident responder: Requirements and more
Incident response is a growth area that provides career advancement options and a good salary. Here's an in-depth look at job requirements, salaries and available certifications. Continue Reading
-
News
08 Jan 2024
British Library ransomware attack could cost up to £7m
The cost of recovering the British Library’s ransomware-stricken IT systems could be up to £7m, it has emerged Continue Reading
-
News
08 Jan 2024
Inside the Met Police’s investigation into EncroChat crime gangs
The Met’s senior investigating officer responsible for investigating criminals using the EncroChat encrypted phone network tells the inside story of the UK’s biggest organised crime bust in a BBC podcast series released this week Continue Reading
-
Opinion
05 Jan 2024
Mind the gap: AI leaders pulling ahead as LLMs take off
Advice on how to implement large language models safely within an enterprise IT environment Continue Reading
-
Definition
04 Jan 2024
computer security incident response team (CSIRT)
A computer security incident response team, or CSIRT, is a group of IT professionals that provides an organization with services and support surrounding the assessment, management and prevention of cybersecurity-related emergencies, as well as coordination of incident response efforts. Continue Reading
-
News
04 Jan 2024
Celona and Palo Alto partner to enhance private 5G network security
Wireless services specialist Celona and security firm Palo Alto Networks are coming together to enhance device protection for organisations operating private mobile networks Continue Reading
-
News
03 Jan 2024
Dutch working to promote cooperation in Europe to keep internet safe
A Dutch cooperative approach offers national and international cooperation opportunities for ISPs to guard against DDoS attacks, lawful interception and detect abuse in networks Continue Reading
-
News
03 Jan 2024
Fighting money laundering with AI
Mike Foster, CEO of SymphonyAI Sensa-NetReveal, talks up how AI can be used to fight financial crime and how the company’s technology can augment existing AML investments Continue Reading
-
News
02 Jan 2024
China’s UNC4841 pivots to new Barracuda ESG zero-day
The Chinese state threat actor behind a series of cyber attacks on Barracuda Networks customers embarked on a campaign targeting the supplier’s email security products in the run-up to Christmas Continue Reading
-
News
02 Jan 2024
Cloudflare eyes GenAI workloads with Workers AI
Cloudflare’s Workers developer platform is touted to make it easier for organisations to deploy GenAI capabilities at the edge to speed up inferencing Continue Reading
-
Blog Post
29 Dec 2023
2024: Putting Cyber Resilience into Social, Political, Business and Budget context.
On-line Safety, Safeguarding, Security, Counter-fraud and Resilience matter to voters and business. Cyber does not ... until they become victims ... Online crime is, however, now the world’s third ... Continue Reading
-
News
29 Dec 2023
Top 10 India IT stories of 2023
We recap the year’s top 10 stories in India, including the country’s datacentre boom and innovations in space and agriculture technologies Continue Reading
-
News
29 Dec 2023
Top 10 AI regulation stories of 2023
From the UK government’s publication of its long-awaited AI whitepaper to its convening of the world’s first AI Safety Summit, here are Computer Weekly’s top 10 AI regulation stories of 2023 Continue Reading
-
Feature
28 Dec 2023
Decoding zero trust in endpoint security: A practical guide for CISOs
The exponential increase in endpoints has vastly expanded the average organisation’s attack surface – address this by applying zero-trust best practice to endpoints Continue Reading
-
News
28 Dec 2023
Top 10 technology and ethics stories of 2023
Here are Computer Weekly’s top 10 technology and ethics stories of 2023 Continue Reading