Network security management
-
News
15 Jul 2024
How Snowflake is tackling AI challenges
Snowflake’s regional leader Sanjay Deshmukh outlines how the company is helping customers to tackle the security, skills and cost challenges of AI implementations Continue Reading
-
News
28 Jun 2024
How Recorded Future is operationalising threat intelligence
Recorded Future is investing in APIs to enable automated security workflows, among other measures, to help organisations overcome the hurdles of operationalising threat intelligence Continue Reading
-
News
20 May 2021
HP taps micro virtual machines in endpoint security
HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained Continue Reading
-
News
18 May 2021
Cisco acquires Kenna Security amid security expansion
Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers Continue Reading
-
E-Zine
18 May 2021
The real-life consequences of ransomware attacks
In this week’s Computer Weekly, after a ransomware attack shut a major US oil pipeline, we examine the real-life consequences for organisations facing similar threats. We ask the experts for their top tips in reducing datacentre running costs. And we hear how data science skills are helping government make better decisions. Read the issue now. Continue Reading
-
News
17 May 2021
Conti ransomware syndicate behind attack on Irish health service
More details continue to emerge of the significant ransomware attack on Ireland’s HSE Continue Reading
-
News
14 May 2021
Colonial Pipeline paid $5m ransom, reports say
Colonial Pipeline may have paid a significant ransom within hours of being attacked, it has emerged, but it’s unlikely the story ends here Continue Reading
-
News
13 May 2021
Publishing exploit code does more harm than good, says report
Disclosing exploit code before patches are available gives malicious actors a ‘massive’ head-start, says Kenna Security Continue Reading
-
News
13 May 2021
Biden beefs up public-private security cooperation
Joe Biden has signed a new Executive Order to harden US cyber security and government networks, with an emphasis on information sharing Continue Reading
-
News
13 May 2021
Verizon DBIR underscores year of unprecedented cyber challenge
Verizon 2021 Data Breach Investigations Report draws predictable conclusions as the impact of the Covid-19 pandemic continues to be felt Continue Reading
-
News
12 May 2021
Inside DarkSide: Researchers share intel on break-out cyber gang
Security researchers swap information on the newly famous DarkSide ransomware gang, the group that doesn’t appear to understand what ‘being a criminal’ actually means Continue Reading
-
News
12 May 2021
UK to fund national cyber teams in Global South
Government will commit millions of pounds to supporting vulnerable countries in establishing cyber capacity Continue Reading
-
News
12 May 2021
Microsoft fixes four critical bugs on lighter Patch Tuesday
Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away Continue Reading
-
News
12 May 2021
The Security Interviews: Why helpful bots could hurt vaccine roll-outs
Earlier this year, spikes in traffic to websites containing information about Covid-19 vaccines were attributed by Imperva to automated bots scraping data. Why is that a problem? Continue Reading
-
News
11 May 2021
Collaboration key to success of UK’s Cyber Security Council
The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event Continue Reading
-
News
11 May 2021
SolarWinds CEO calls for collective action against state attacks
SolarWinds CEO tells NCSC’s CyberUK conference he is exploring the possibility of collaborating with other companies on collective cyber action against attacks backed by nation states Continue Reading
-
News
11 May 2021
Colonial Pipeline ransomware attack has grave consequences
The ramifications of a major ransomware attack against a US fuel pipeline operator could spread far and wide Continue Reading
-
News
10 May 2021
NCSC Active Cyber Defence blocks surge of pandemic scams
The NCSC responded to a surge in online scams last year as it moved to protect both the general public and critical national services during the pandemic Continue Reading
-
Feature
07 May 2021
Despite confusion, zero-trust journey underway for many
Zero trust is a catchy phrase with seemingly lofty goals. Uncover the reality behind one of infosec's hottest buzzphrases, and learn why it's within reach for many companies today. Continue Reading
-
Feature
07 May 2021
How do I get my users to pay attention to security training?
As cyber security risks grow daily, businesses must educate staff about these through cyber awareness training. But how can they ensure this is taken seriously by employees? Continue Reading
-
News
07 May 2021
NCSC, CISA publish new information on Russia’s Cozy Bear
New intelligence from UK and US cyber agencies suggests that APT29, or Cozy Bear, has been switching up its tactics Continue Reading
-
News
07 May 2021
NCSC publishes smart city security guidelines
Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects Continue Reading
-
News
07 May 2021
Ransomware, supply chain attacks show no sign of abating
Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors Continue Reading
-
News
05 May 2021
Dysfunctional cyber, network teams disrupt digital transformation
Despite shared goals, combative and dysfunctional relationships within specialist tech teams are putting digital transformation projects at risk, according to a report Continue Reading
-
News
04 May 2021
Half of organisations breached via a third party in 12 months
New report highlights the risks of outsourcing key business processes without paying due care and attention to your service provider’s security Continue Reading
-
News
03 May 2021
New standard to simplify IoT device onboarding
Fido Alliance’s device onboarding protocol will automate the process of connecting internet-of-things devices to device management platforms while improving security Continue Reading
-
News
30 Apr 2021
EncroChat: Top lawyer warned CPS of risk that phone hacking warrants could be unlawful
Lord David Anderson QC warned prosecutors that there were formidable arguments against the lawfulness of a police operation to infiltrate the encrypted phone network, EncroChat Continue Reading
-
News
28 Apr 2021
Covid-19 security challenges leave bank customers at risk
Challenges arising from the pandemic have left gaping holes in banking security, putting consumers at risk of fraud Continue Reading
-
News
28 Apr 2021
Recruiters can’t afford to hold out for cyber ‘unicorns’
The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic Continue Reading
-
News
28 Apr 2021
Office 365 compromise likely led to Merseyrail ransomware attack
Compromise of Merseyrail employee data seems to have begun after a key email account was hacked Continue Reading
-
Opinion
27 Apr 2021
Why we need to reset the debate on end-to-end encryption to protect children
Private messaging is the front line of abuse, yet E2EE in its current form risks engineering away the ability of firms to detect and disrupt it where it is most prevalent Continue Reading
-
News
27 Apr 2021
North London school wins NCSC girls’ cyber challenge
Highgate School in North London is the winner of this year’s CyberFirst Girls security competition Continue Reading
-
News
27 Apr 2021
UnitingCare Queensland hit by cyber attack
Healthcare service provider UnitingCare Queensland was reportedly hit by a ransomware attack that crippled several IT systems Continue Reading
-
News
26 Apr 2021
How Toffs is seizing Asia’s CDN market
Toffs Technologies is eyeing second- and third-tier cities in Asia as it bolsters its infrastructure and experiments with the use of home networks as content delivery networks Continue Reading
-
News
22 Apr 2021
GCHQ: Cyber investment a guarantor of UK’s global status
GCHQ director Jeremy Fleming sets out a vision for the UK’s cyber security future Continue Reading
-
News
22 Apr 2021
Researchers shed more light on APT29 activity during SolarWinds attack
RiskIQ’s Atlas threat intel team uncovers new patterns and threat infrastructure used in the SolarWind’s attacks Continue Reading
-
News
22 Apr 2021
Automation, zero-trust, API-based security priorities for EMEA CISOs
Report by FireMon sheds light on buyer behaviour across the EMEA region Continue Reading
-
News
21 Apr 2021
NCSC offers teachers free cyber security training
The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack Continue Reading
-
Definition
21 Apr 2021
IPsec (Internet Protocol Security)
IPsec (Internet Protocol Security) is a suite of protocols and algorithms for securing data transmitted over the internet or any public network. Continue Reading
-
News
21 Apr 2021
SonicWall Email Security zero-days need urgent patch
Users of SonicWall Email Security are advised to patch immediately, but the supplier is being criticised for the pace of its response Continue Reading
-
News
21 Apr 2021
Time is running out to probe networks for Emotet
Security teams will lose an unprecedented opportunity to gain valuable intelligence to enhance their defences when Emotet is finally ‘executed’ in a few days’ time Continue Reading
-
News
20 Apr 2021
Chinese APT exploits critical CVE in Pulse Secure VPN
A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today Continue Reading
-
News
20 Apr 2021
Codecov supply chain attack has echoes of SolarWinds
Supply chain attack on code auditing service may have compromised the likes of HPE and IBM Continue Reading
-
News
20 Apr 2021
Singapore’s ViewQwest debuts security service
ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats Continue Reading
-
Opinion
16 Apr 2021
The Secret IR Insider’s Diary – from Sunburst to DarkSide
From dealing with SolarWinds fallout to ransomware attacks, it’s been a busy few weeks for the Secret IR Insider, but they've picked up some new tricks along the way Continue Reading
-
Definition
16 Apr 2021
denial-of-service attack
A denial-of-service (DoS) attack is a security event that occurs when an attacker makes it impossible for legitimate users to access computer systems, devices, services or other IT resources. Continue Reading
-
News
16 Apr 2021
Finnish government strengthens country’s IT network security
Finland’s government has created a new national organisation to help public and private bodies improve network security Continue Reading
-
News
15 Apr 2021
Dutch accuse UK of ‘damaging confidence’ by disclosing details of EncroChat police collaboration
The Dutch Public Prosecution Service claims Britain has damaged confidence by disclosing details of an international investigation into the EncroChat encrypted phone network to the courts Continue Reading
-
News
15 Apr 2021
University of Hertfordshire is latest academic cyber attack victim
Multiple systems are offline at the University of Hertfordshire following a cyber attack Continue Reading
-
News
14 Apr 2021
FBI accesses ProxyLogon target servers to disrupt cyber criminals
US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation Continue Reading
-
News
14 Apr 2021
NSA unearths more MS Exchange vulnerabilities
Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency Continue Reading
-
Opinion
14 Apr 2021
Security Think Tank: Vaccine passports cannot be taken lightly
What are the security issues and challenges presented by vaccine passports, and how should they be designed and used with ethics and privacy in mind? Continue Reading
-
News
13 Apr 2021
Millions of devices at risk from NAME:WRECK DNS bugs
Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk Continue Reading
-
Definition
12 Apr 2021
endpoint detection and response (EDR)
Endpoint detection and response (EDR) is a system to gather and analyze security threat-related information from computer workstations and other endpoints, with the goal of finding security breaches as they happen and facilitating a quick response to discovered or potential threats. Continue Reading
-
News
09 Apr 2021
Cring ransomware hits ICS through two-year-old bug
A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware Continue Reading
-
News
08 Apr 2021
Nation-state cyber attacks double in three years
Cyber attacks backed by nation states are becoming more frequent and varied, moving the world closer to a point of ‘advanced cyber-conflict’, according to a University of Surrey research project Continue Reading
-
News
01 Apr 2021
EncroChat hearings delayed as lawyers seek disclosure on police hacking
Court hearings precipitated by police cracking the EncroChat secure mobile phone network have been delayed after defence lawyers request further disclosures on police decryption capabilities Continue Reading
-
News
31 Mar 2021
NHS is apparently closing security skills gap
By the end of 2020, there were more than twice as many in-house security professionals at NHS trusts as there were two years before Continue Reading
-
Opinion
31 Mar 2021
Security Think Tank: Evolving threats, tech, leaves CNI exposed
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
31 Mar 2021
Cyber Security Council to champion UK security pros
A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base Continue Reading
-
News
30 Mar 2021
Ransomware attack on London schools highlights warnings
Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector Continue Reading
-
News
30 Mar 2021
The Security Interviews: How to secure an F1 team in a pandemic
A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data Continue Reading
-
News
29 Mar 2021
UK courts face evidence ‘black hole’ over police EncroChat mass hacking
French investigators have refused to disclose how they downloaded millions of messages from a supposedly secure cryptophone network used by organised criminals – leaving UK courts to grapple with a forensic ‘black hole’ of evidence Continue Reading
-
News
29 Mar 2021
Cyber attack takes Channel Nine off-air
The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio Continue Reading
-
News
26 Mar 2021
Retailer FatFace pays $2m ransom to Conti cyber criminals
Retailer FatFace paid out a $2m ransom to restore its data following a January 2021 cyber attack by the Conti ransomware syndicate Continue Reading
-
News
26 Mar 2021
Remote working burn-out a factor in security risk
After a year of working from the kitchen table, stress and burn-out are increasing, giving rise to more security risks – and Millennials seem to be particularly affected Continue Reading
-
News
26 Mar 2021
‘Major’ security flaw detected in 5G core network slicing design
Mobile security specialist details potentially revenue-threatening vulnerabilities with key element of next-generation networks and reveals plans to work with industry to provide mitigation prior to widespread deployments Continue Reading
-
News
25 Mar 2021
Four in five UK businesses seek new security suppliers
Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves Continue Reading
-
News
24 Mar 2021
Oil giant Shell hit through Accellion FTA breach
Energy firm discloses cyber attack through Accellion File Transfer Appliance Continue Reading
-
News
23 Mar 2021
NCSC beefs up support for education sector after spate of attacks
Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks Continue Reading
-
Opinion
23 Mar 2021
Security Think Tank: Attacks on CNI – an evolving frontier in warfare
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
22 Mar 2021
$50m ransomware demand on Acer is highest ever
Record-breaking double-extortion cyber attack saw REvil gang exfiltrate financial data from Taiwan-based PC manufacturer Continue Reading
-
Opinion
22 Mar 2021
Security Think Tank: Back to square one – ground-up CNI protection
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
19 Mar 2021
Security Think Tank: Properly protecting CNI demands specificity
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: Take a realistic perspective on CNI cyber attacks
In light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
Opinion
17 Mar 2021
Security Think Tank: CNI operators must focus on core issues
In the light of increasing cyber attacks on critical national infrastructure, what are the immediate risks to industrial control systems and other operational technology, and what steps can be taken to address them? Continue Reading
-
News
17 Mar 2021
Cyber sector welcomes PM’s defence review
Security commentators approve of measures to improve the UK’s cyber resilience, strengthen its R&D and skills base, lead on the development of new technology and promote a free, open, peaceful and secure global internet Continue Reading
-
News
16 Mar 2021
Unusual DearCry ransomware uses ‘rare’ approach to encryption
Hybrid approach to encryption used by DearCry bears similarities to WannaCry Continue Reading
-
News
16 Mar 2021
Microsoft releases one-click ProxyLogon mitigation tool
Microsoft’s mitigation tool is designed to help customers without dedicated security or IT teams navigate fixing their vulnerable Exchange servers Continue Reading
-
Tip
15 Mar 2021
Endpoint security vs. network security: Why both matter
As the security perimeter blurs, companies often debate the merits of endpoint security vs. network security. However, it shouldn't be an either-or decision. Continue Reading
-
News
15 Mar 2021
Microsoft Exchange ProxyLogon attacks spike 10 times in four days
Exploitations of the Microsoft Exchange ProxyLogon vulnerabilities have increased tenfold in just four days Continue Reading
-
News
15 Mar 2021
Judges refuse EncroChat defendants’ appeal to Supreme Court
Experts suggest Parliament and Investigatory Powers Tribunal need to consider the implications of a court decision on police use of data from the EncroChat phone network Continue Reading
-
News
14 Mar 2021
Arrest warrants issued for Canadians behind Sky ECC cryptophone network used by organised crime
The US has issued arrest warrants for the CEO of Sky Global and a former distributor for racketeering, aiding and abetting the distribution of illegal drugs by supplying encrypted phones to criminals Continue Reading
-
News
12 Mar 2021
NCSC issues emergency alert on Microsoft Exchange patch
UK’s national cyber agency calls on organisations affected by the ProxyLogon vulnerabilities to patch their Microsoft Exchange Servers immediately Continue Reading
-
News
12 Mar 2021
DearCry ransomware targets vulnerable Exchange servers
As predicted, ransomware gangs have started to target vulnerable instances of Microsoft Exchange Server, making patching an even greater priority Continue Reading
-
News
12 Mar 2021
Brewer Molson Coors targeted in cyber attack
Cyber criminals have disrupted beer production at Molson Coors, one of the world’s largest brewers Continue Reading
-
Opinion
12 Mar 2021
Security Think Tank: US security efforts may centre on collaboration
As US president Joe Biden sets out his agenda for the next four years, we consider the opportunities for renewed international collaboration on cyber security, what aspects of cyber Biden should focus on, and ask how the industry can make its voice heard Continue Reading
-
News
11 Mar 2021
Attack on surveillance cameras a warning over security, ethics
The attack on a video surveillance startup by a hacktivist group raises questions not just over cyber security, but the use and extent of surveillance technology Continue Reading
-
News
11 Mar 2021
Norwegian government falls victim to Microsoft attacks
Norway’s parliament, the Storting, suffers second major cyber incident in a year as threat groups capitalise on vulnerable Microsoft Exchange Servers Continue Reading
-
Feature
11 Mar 2021
Top five threats to compliance during the pandemic
We survey the top five pandemic compliance threats – remote working, Covid tracking, criminal exploits, compliance measures slipping, and heightened enforcement to come Continue Reading
-
News
10 Mar 2021
Police crack world’s largest cryptophone network as criminals swap EncroChat for Sky ECC
Belgian and Dutch police have breached the encryption of users of Sky ECC, the world’s largest cryptophone network. There are significant parallels with the international police operation against the EncroChat cryptophone network which led to hundreds of arrests Continue Reading
-
Opinion
09 Mar 2021
Why your business needs SOC as a service
Security in the digital era demands that businesses monitor their entire IT estate and resolve all alerts, but for many organisations the most effective way of doing that is SOCaaS Continue Reading
-
News
09 Mar 2021
Significant jump in number of hackers reporting vulnerabilities to companies
Since the onset of the Covid-19 pandemic, the number of hackers reporting security vulnerabilities and bugs to enterprises has increased by nearly two-thirds Continue Reading
-
News
09 Mar 2021
EBA restores services after Microsoft Exchange attack
European Banking Authority was breached through vulnerabilities in Microsoft Exchange Server, but is now back online Continue Reading
-
News
09 Mar 2021
Private equity house buys McAfee enterprise business
Deal to sell off enterprise unit will see McAfee become a pure-play consumer organisation Continue Reading
-
News
05 Mar 2021
Williams F1 car launch disrupted by data leak
Williams Formula One team forced to pull augmented reality app it had planned to use to launch its 2021 car at the last minute after an apparent cyber attack Continue Reading
-
News
05 Mar 2021
Mandiant: MS Exchange bugs first exploited in January
Analysis from technical teams at FireEye’s Mandiant tracked activity exploiting newly disclosed vulnerabilities in Microsoft Exchange Server more than a month ago Continue Reading
-
News
05 Mar 2021
Nottinghamshire schools suspend online learning following cyber attack
Cyber attack on central trust that manages secondary schools in Nottinghamshire leaves them unable to access IT systems and deliver remote lessons Continue Reading
-
News
04 Mar 2021
Qualys caught up in Accellion FTA breach
Security services supplier confirms that some of its data was stolen via vulnerabilities in Accellion’s file transfer product Continue Reading
-
Guide
01 Mar 2021
Essential guide to operation-centric security
To stay ahead of cyber attackers, IT security teams need to take an operation-centric approach, to offer a real-time picture of activity across their estate. Continue Reading
-
Feature
25 Feb 2021
Get started with network penetration testing for beginners
Authentication, patching and configuration are among the most common vulnerabilities found through network penetration testing. Learn more in this free chapter excerpt. Continue Reading
-
Feature
25 Feb 2021
Advice on how to learn network penetration testing skills
As beginners learn network penetration testing skills, they should remember these expert tips: Pay attention to what the client wants, and stick to offense, not defense. Continue Reading