Network security management

Websites hacked to show child abuse images

More than 25 business websites worldwide have been hacked to show illegal images of child sex abuse Continue Reading

Big data journalism exposes offshore tax dodgers

How journalists harnessed big data to challenge offshore financial secrecy Continue Reading

Continual vigilance key to security, says Damballa

UK businesses must update their approach to cyber security to look for signs of compromise continually Continue Reading

Securing your Wi-Fi data network

Has the 2007 assault on the Wi-Fi network of the US based TJX retail group shocked corporations enough to take note and ensure their networks are actually secure?CW Europe investigates the dip in high-profile security breaches, across the region. Continue Reading

IT security case studies

Four critical IT security case-studies selected from the winners of Computer Weekly's European User Awards for security Continue Reading

Needle in a Datastack: The rise of big security data

This research from McAfee investigates how well organisations are positioned to address the challenges of managing security in a world of ever increasing amounts and types of data. Continue Reading

IT Security Case Studies

Warwick Ashford presents 4 essential IT security case-studies selected from the winners of Computer Weekly's European User Awards. Continue Reading

UK takes cyber threats to infrastructure seriously

The UK is taking seriously potential cyber threats to critical national infrastructure, according to GCHQ head Iain Lobban Continue Reading

Security Think Tank: Prism unlikely to change much

Does the data collected by Prism put the US Government at risk from other state or non-state sponsored activists? Continue Reading

UK businesses failing to secure virtual environments, study finds

Most UK businesses are failing to secure data in virtual environments, a survey of IT decision makers has revealed Continue Reading

Telefonica Digital forms security group Eleven Paths

The business division of mobile operator Telefonica launches Eleven Paths, an independent company working on security issues in the workplace Continue Reading

Privileged accounts key to most APT attacks, says Cyber-Ark

The theft, misuse and exploitation of privileged accounts is becoming an increasingly key tactic in advanced persistent threat attacks Continue Reading

What’s to be done about data breach discovery?

The time from first contact by cyber attackers to the victim learning of it is still measured in months and years, not hours and days Continue Reading

CW buyer's guide: context-aware security

This 11-page Computer Weekly buyer's guide looks at how organisations should approach context-aware security technologies and what business benefits they can deliver. Continue Reading

CW Special Report on CSC

This 16-page report from Computer Weekly analyses the challenges facing CSC, its financial performance, the services it offers, its place in the IT market and its future strategy. Continue Reading

Another online firm hit by data breach

Online deals service LivingSocial is the latest company to report a breach of its computer systems that may mean attackers accessed customer details Continue Reading

Spam SMS messages drop following ICO penalty

The number of spam SMS messages has significantly reduced since government regulator ICO issued £440,000 fines last year Continue Reading

Infosec 2013: University research challenges reliability of IPS

Research shows intrusion prevention systems (IPS) are not as effective at detecting malicious activity as some might think Continue Reading

The internet of things is set to change security priorities

IT leaders must protect against the security risks introduced by the growing interaction between technology and the physical world. Continue Reading

Conficker makes way for web-based attacks, says Microsoft

Web attacks emerge as top threat as businesses finally begin to win the battle against Conficker and other worms, says Microsoft Continue Reading

Bots and web apps among top threats to data security, says Check Point

Bots, viruses, breaches and attacks are a constant and real threat to the information security of organisations Continue Reading

Porn websites pose malware risk, says researcher

Browsing popular pornography internet sites pose a growing risk of malware infection, according to a security researcher Continue Reading

Anonymous threatens to declare cyber war on North Korea

Anonymous hacktivist collective has threatened North Korea with cyber war if leader Kim Jong-un does not resign and install free democracy Continue Reading

UK government sets up cyber security fusion cell

A cyber security “fusion cell” for cross-sector threat data sharing aims to put government, industry and information security analysts side-by-side Continue Reading

Employees ignore security rules, say infosec pros

Most information security professionals believe corporate employees wilfully ignore security rules, survey at RSA Conference 2013 reveals Continue Reading

Case study: Hamilton Fraser embraces BYOD with MobileIron

How insurance firm Hamilton Fraser is using MobileIron to enable employees to bring their own devices while following company policy Continue Reading

What is RSA's build, buy, partner strategy?

Computer Weekly takes a closer look at RSA's build, buy, partner strategy Continue Reading

Security the future: Keeping up with the business

Gareth Lindahl-Wise, group information security manager at British American Tobacco, explains the company's approach to enterprise security architecture. Continue Reading

How to tackle big data from a security point of view

Before leaping into big data, companies must be clear what they are trying to achieve, otherwise their investment will be wasted Continue Reading

How to find the most vulnerable systems on your internal network

Most corporate networks share common vulnerabilities, but many could be mitigated with education in “hacker thinking” for technical staff Continue Reading

Why has NAC, like DLP, failed to take off?

Why are organisations not investing in systems that are designed to keep malicious actors out of their networks? Continue Reading

ICO hits Sony with £250,000 data breach penalty

The Information Commissioner’s office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act Continue Reading

Why has DLP never taken off?

Why is data loss prevention (DLP) technology not being adopted if it provides the very protection most businesses need? Continue Reading

Business priorities: what to protect, monitor and test

How information security professionals can prioritise what to protect, monitor and test in the light of current budget and resource constraints Continue Reading

2012 Cost of Cyber Crime Study: UK

The 2012 Cost of Cyber Crime Study: United Kingdom is independently conducted by Ponemon Institute. The benchmark study, sponsored by HP Enterprise Security is based on a representative sample of 38 organisations in various industry sectors. Continue Reading

IT Security Purchasing Intentions 2013

This in-depth research from Computer Weekly and TechTarget reveals the IT security spending priorities of businesses in the UK and Europe. Continue Reading

Many UK firms underestimate cost of data breaches, study finds

Many UK organisations are still failing to understand the implications and costs of data breaches, a study has revealed Continue Reading

The Global State of Information Security Survey 2013: Key Findings

This global study examines the state of cyber-security and the impact of cyber crime and offers advice to businesses on reducing the risks. Continue Reading

Hacking attempts to top one billion in Q4, predicts NCC Group

One billion hacking attempts will be made globally in the final quarter of 2012, according to information assurance firm NCC Group Continue Reading

Police arrest man for DDoS attacks on Theresa May sites

Police have arrested a 41-year-old man in connection with a cyber attack on websites connected to home secretary Theresa May Continue Reading

‘VM-aware’ viruses on the rise

Viruses targeting virtual machines (VM) are growing in numbers and will soon be the dominant force in the world of cyber crime, says Kaspersky Continue Reading

IT security budgets mismatched to hacker targets, study shows

IT security budgets are not being used to provide defence technologies in some areas most likely to be targeted by hackers, a study shows Continue Reading

ICO hits Stoke-on-Trent City Council with £120,000 fine

Stoke City Council has breached the Data Protection Act, for the second time in two years, after details of a child protection legal case were emailed to the wrong person. Continue Reading

ZTE targets local government for UK growth

Despite security controversy, Chinese firm ZTE’s UK head of sales tells Computer Weekly one of its first targets will be local government Continue Reading

Organisations need alternative data protection as security models fail

Organisations' security models are failing - so could it be time to adopt an intelligence-led approach to data protection and fighting cyber crime? Continue Reading

RSA Europe: Thousands of unprotected virtual servers exposed to the web

Organisations are failing to protect data in virtual environments, says Jason Hart, vice-president cloud solutions, SafeNet Continue Reading

RSA Europe: Security concerns whole supply chain, says Misha Glenny

Targeted attacks affect the whole supply chain, not just big corporations, author Misha Glenny tells RSA Conference Europe 2012 attendees Continue Reading

Security firm warns against Samsung Galaxy Tab for enterprise use

Security specialist Context Information Security says vulnerabilities in the Samsung Galaxy Tab make it unsuitable for use in the enterprise Continue Reading

Hackers target White House military network

Hackers using computers in China have infiltrated an “unclassified” network in the US White House, believed to be used for issuing nuclear commands. Continue Reading

Izz ad-Din al-Qassam hackers launch cyber attack on US bank Wells Fargo

A hacker group connected to Hamas says it attacked US bank Wells Fargo in reaction to the video 'Innocence of Muslims' posted on YouTube Continue Reading

MDM, security vendors scramble to address BYOD security issues

Organisations are looking beyond NAC and MDM to resolve BYOD security issues; MDM, security and hybrid vendors are responding with new products. Continue Reading

SIEM deployment case study shows patience is required

Williams Lea’s SIEM is already helping reduce manual log reviews. But there’s still a lot of work to be done before the SIEM can be fully deployed. Continue Reading

New batch of IDS, IPS evasion techniques are hitting their targets

Stonesoft has discovered 163 new advanced evasion techniques (AET), claiming these AETs can pass below the radar of some IDS, IPS products. Continue Reading

OpenVAS how-to: Creating a vulnerability assessment report

In this OpenVAS how-to, learn how to use the free scanner to create a vulnerability assessment report and assess threat levels. Continue Reading

Best practices for audit, log review for IT security investigations

Device logs can be one of the most helpful tools infosec pros have, or they can be a huge waste of space. Continue Reading

Best practices for (small) botnets

Your enterprise might have a strategy to deal with a large-scale botnet attack, but how would you deal with a micro-botnet that knows how to bypass antivirus and firewalls? Get botnet help with this expert advice. Continue Reading

How to use a netstat command in Windows to watch open ports

Mike Cobb shows how a simple command line tool can provide invaluable information about what's happening on your system Continue Reading

Using Wireshark to monitor and secure your network

Learn how to use packet analyser, Wireshark, in this illustrated tutorial. Continue Reading

Getting the best bargain on network vulnerability scanning

When it comes to enterprise network analysis, is it best to use a commercial vulnerability scanner or an open source product? Mike Chapple explains. Continue Reading

Losing the war to lock down networks might help enterprises innovate

While security concerns cannot be set aside, users unwilling to leave their own applications at home might bring some innovation to the office. Continue Reading

Wireless network security made easy - from "The Book of PF"

How to get wireless networks running and some options for making your wireless network more secure, including encryption for IEEE 802.11 wireless networks. Continue Reading

Holidays are over; now beware the gadgets

The post-holiday influx of consumer devices poses increased risk of data leakage and other threats to network security. Continue Reading

Cisco Trusted Security to boost network security, management

Cisco's Trusted Security (TrustSec) hardens network security while easing some management. Continue Reading

Cisco upgrades Catalyst 4500 and 6500 switches

Cisco today released updates to its modular Catalyst 4500 and 6500 switch series to add more capacity, scalability and redundancy. Continue Reading

USB storage devices: Two ways to stop the threat to network security

USB storage devices pose a significant threat to network security. This tip discusses some basic strategies for blocking unauthorized USB device use. Continue Reading

Juniper updates network access control

Juniper has updated its Unified Access Control NAC products to include better pre- and post-admission, identity and role awareness and other new features. Continue Reading

Researchers warn of new attack methods against Cisco IOS

Several new attack methods against Cisco IOS were uncovered during an analysis conducted by researchers at Information Risk Management. Continue Reading

Bringing the network perimeter back from the 'dead'

Many have expressed the importance of endpoint security, going so far as to say the perimeter is dead. Not so fast, says network security expert Mike Chapple. Continue Reading

NAC switches, appliances help track users, malware

Some vendors are offering switches and appliances to monitor traffic for malware and unauthorized access, as the NAC market sorts itself out. Continue Reading

Network access control vendors: Attraction vs. retention

Network access control (NAC) vendors were evaluated based on attractiveness and customer retention in a recent survey by Current Analysis. Continue Reading

Network analysis -- Enhancing security assessments

Network security assessment doesn't have to rely on expensive automated tools. In this tip, learn how to use data from freely available tools to produce a comprehensive view of network security. Continue Reading

VoIP vulnerability threatens data

VoIP vulnerabilities have now reached a level of sophistication that allows hackers to steal, view or delete data. Continue Reading

Cisco warns of critical IOS flaws

Attackers could exploit multiple flaws in Cisco's IOS to cause a denial of service or remotely execute arbitrary code. Continue Reading

Black Hat 2007: Researchers highlight new database attack method

At this week's hacker confab, expert penetration testers will demonstrate how cyberthieves can reach into corporate databases -- without exploiting a specific software flaw -- to steal credit card and Social Security numbers. Continue Reading

Stop simultaneous connections to corporate LANs and external Wi-Fi networks

How can you stop simultaneous connections to corporate LANs and external Wi-Fi networks? Find out from expert Lisa Phifer. Continue Reading

NAC growth sluggish as companies consider network security options

Companies are taking a wait-and-see approach, hoping the technology's maturity will make it more cost effective. Continue Reading

Wireless security -- Defending Wi-Fi clients

In this tip, Lisa Phifer examines how host-resident wireless IPS agents can help you safeguard Wi-Fi client devices to ensure strong wireless security. Continue Reading

Network security: Overlay versus perimeter security model debated at Catalyst

Traditional network perimeter security -- firewalls, and even network access control -- may soon be pushed out in favour of using VPNs for network security, which could ease the security burden for networking staff, according to Dave Passmore. The Research Director at Burton Group pointed out that there is a growing disagreement about where security controls should reside and how those controls should be implemented. Continue Reading

Securing the enterprise VoIP perimeter

How to make VoIP work without sacrificing firewalls or network perimeter security. Continue Reading

Network access controlled via biometrics

Fingerprint readers, a form of biometrics, have been used to protect data and endpoints, but now IT is using the security technology to control network access Continue Reading

Microsoft unveils unified communications devices

Microsoft unveils unified communications devices. Continue Reading

Unified communications translates to intelligent communications

Unified communications and its business benefits were the underlying themes of the keynote presentations yesterday at VoiceCon Spring 2007. Continue Reading

OSI: Securing the stack, Layer 2 -- Understanding the role of ARP

Part two of our series on securing the OSI stack looks at the perils of Address Resolution Protocol. Continue Reading

Network security threats and answers, by industry

Michael Gregg offers network pros in various industries security advice and step-by-step solutions to help lock down the network. Continue Reading

Network security -- Taking the layered approach

Network security is tricky business. In his new book Hack the Stack, author and security expert Michael Gregg outlines how to secure the network using the OSI model. Continue Reading

NAC implementation slows as networking budgets grow

Network Access Control (NAC) implementations will decrease, despite growth in networking budgets. Continue Reading

Intrusion detection systems -- introduction to IDS and IPCop

This article, excerpted from the book ""Configuring IPCop Firewalls: Closing Borders with Open Source,"" explores how intrusion detection systems (IDS) and intrusion prevention systems (IPS) including Snort and IPCop protect the network from malicious attacks. Continue Reading

Windows Vista security settings

Microsoft's Windows Vista is here. Here, Current Analysis senior analyst Andrew Braunberg discusses what network admins need to know about tightening up Vista security. Continue Reading

Spam -- stop it at the network edge

Spam has become much more than just a nuisance; it can slow or crash the network. F5 recently added a module to its Big IP platform to stop spam at the network edge. Continue Reading

What to do when your server goes down

When a server goes down at a particular time every night without the prompt of a virus, our expert, Puneet Mehta, can tell you what the problem is and what you can do to avoid it. Continue Reading

Apple fixes Mac Wi-Fi flaws

Updated: Attackers could exploit flaws in Apple's wireless technology to cause a denial of service or run malicious code, resulting in the full takeover of vulnerable Mac machines. Continue Reading

Secure network perimeter to result from Symantec-Juniper deal

Juniper and Symantec announced a deal to integrate Symantec's client security software with Juniper's security hardware. The result will allow endpoint compliance and access control platforms to secure the enterprise perimeter. Continue Reading

Cisco, Microsoft unveil NAC/NAP interoperability

Nearly two years into their partnership, Cisco and Microsoft yesterday announced a joint architecture combining their network access security solutions. Continue Reading

Cisco, Microsoft unveil NAC/NAP interoperability

Nearly two years into their partnership, Cisco and Microsoft yesterday announced a joint architecture combining their network access security solutions. Continue Reading

BackTrack: The gotta-have, free, network security tool you've never heard of

Get the power of Linux-based security tools on Windows with this free suite of open source security tools. Contributor and vulnerability assessment expert Kevin Beaver introduces BackTrack and explains its network security testing features. Continue Reading

Remote access, WAN optimization, and network analysis news

Briefs: Remote access from Positive Networks helps with disaster recovery plans; Ipanema Technologies provides WAN optimization; Lancope rolls out network behavior analysis and response system tools. Continue Reading