Security policy and user awareness
-
News
27 May 2025
US makes fresh indictments over DanaBot, Qakbot malwares
US charges the operators of two malwares, DanaBot and Qakbot, whose actions led to millions of dollars worth of cyber theft and fraud Continue Reading
-
News
27 May 2025
Armed forces charity steps in to address cyber mental health crisis
CIISec and military charity PTSD Resolution hope to address a gathering mental health crisis among frontline cyber professionals Continue Reading
-
News
05 Feb 2021
Financial regulatory body bombarded with malicious emails
New disclosures reveal the FCA’s systems bounced almost a quarter of a million malicious emails in a three-month period Continue Reading
-
News
05 Feb 2021
Security firm Stormshield loses source code in cyber attack
Source code from two products developed by French cyber security firm was compromised in a December 2020 incident Continue Reading
-
News
04 Feb 2021
SolarWinds chases multiple leads in breach investigation
Investigators at SolarWinds are exploring multiple theories as to how the company’s systems were compromised Continue Reading
-
News
04 Feb 2021
Fraud and cyber crime still vastly under-reported
The scale of digitally enabled crime in the UK is dramatically under-reported, new statistics indicate Continue Reading
-
Tip
03 Feb 2021
Design a human firewall training program in 5 steps
Follow these five steps to develop human firewall training that's not only effective at preventing social engineering attacks, but also relevant and accessible to employees. Continue Reading
-
News
03 Feb 2021
Crypto malware targets Kubernetes clusters, say researchers
Newly identified Hildegaard malware targets Kubernetes clusters and seems to herald a new campaign from the TeamTNT gang Continue Reading
-
News
03 Feb 2021
‘Classic’ Cerber ransomware targets health sector in high volumes
Cerber ransomware-as-a-service seems to have re-emerged as one of the most critical cyber threats facing healthcare organisations, reports VMware Carbon Black Continue Reading
-
News
03 Feb 2021
SolarWinds patches two critical CVEs in Orion platform
New vulnerabilities disclosed as SolarWinds reels from December 2020 Solorigate/Sunburst attack – but do not appear to have been exploited yet Continue Reading
-
News
02 Feb 2021
Agent Tesla trojan finds new ways to sneak past defences
Updated versions of Agent Tesla Rat include new techniques that fiddle with code to disable endpoint protection tools on target systems Continue Reading
-
News
01 Feb 2021
Serco confirms Babuk ransomware attack
Outsourcing firm was hit by the ransomware last week but insists most of its operations are running as normal Continue Reading
-
News
01 Feb 2021
CISOs invisible to their organisations, says BT report
Ignorance of cyber issues is leading to misplaced confidence in security in many organisations, as CISOs struggle to make themselves seen and heard Continue Reading
-
News
29 Jan 2021
Biometrics ethics group addresses public-private use of facial recognition
Home Office’s Biometrics and Forensics Ethics Group releases briefing note on the use of live facial recognition in public–private collaborations following a year-long investigation Continue Reading
-
News
29 Jan 2021
Revealed: Brits who fuelled ‘vicious’ conspiracy theory by Trump supporters
Trump supporters have apologised and paid millions in damages to the family of murdered Democratic Party staffer Seth Rich for promoting false allegations that Rich – not Russian agents – stole emails from the Democratic National Committee Continue Reading
-
News
29 Jan 2021
Human factor dominates Australia’s latest data breach numbers
The number of data breaches resulting from human error increased by 18% in the second half of 2020, according to Australian government’s latest notifiable data breaches report Continue Reading
-
News
28 Jan 2021
Apprenticeships may be a solution to cyber skills shortage, say insiders
Cyber security professionals are open to new approaches to finding sorely needed talent, according to a poll Continue Reading
-
News
28 Jan 2021
End of Emotet: A blow to cyber crime, but don’t drop your guard
The takedown of Emotet is a huge event with repercussions that will reverberate across the cyber criminal world, but unfortunately that’s not to say there will be much of a long-term impact Continue Reading
-
News
27 Jan 2021
Pandemic response has improved privacy posture, says Cisco
Data privacy seems to be ‘coming of age’ to some extent and organisational responses to Covid-19 may be partly responsible, according to a report Continue Reading
-
News
27 Jan 2021
Emotet botnet goes offline as cops seize servers
The Emotet botnet has been disrupted and knocked offline after a major international effort by law enforcement Continue Reading
-
News
27 Jan 2021
Grindr complaint results in €9.6m GDPR fine
Norway’s data protection authority plans to apply a fine totalling 10% of LGBTQ+ dating app Grindr’s revenues over its data sharing practices Continue Reading
-
News
27 Jan 2021
Emergency Apple updates patch exploited zero-days
Three vulnerabilities could give attackers full control of their target Apple devices, and must be patched immediately Continue Reading
-
Opinion
26 Jan 2021
The ransomware routine: pages from the Secret IR Insider’s diary
The Secret Incident Response Insider shares behind-the-scenes stories of what really happens after organisations are hit by cyber attacks – and shows how they could have been avoided Continue Reading
-
News
26 Jan 2021
Conservatives broke data law to racially profile millions
The Conservative Party acted illegally in collecting data that inferred voters’ ethnicity and religious background, a Select Committee has heard Continue Reading
-
News
26 Jan 2021
North Korean state attacks legitimate security researchers
Threat researchers specialising in vulnerability research and development appear to be being targeted by a North Korean state-backed group Continue Reading
-
News
26 Jan 2021
ICO extends commissioner Denham’s term of office
Extension of Elizabeth Denham’s tenure as information commissioner will give the government more time to appoint her successor Continue Reading
-
News
26 Jan 2021
Cyber fraud a national security issue, says Rusi report
A report from the Rusi think tank calls for fresh approaches to how we think about fighting fraud Continue Reading
-
Opinion
26 Jan 2021
Security Think Tank: Are security teams the unsung heroes of 2020?
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading
-
Opinion
25 Jan 2021
Security Think Tank: Time to rethink stopgap solutions
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
22 Jan 2021
ICO resumes adtech investigation
The UK Information Commissioner’s Office was criticised for ending its investigation into alleged malpractice in advertising technology, but has now resumed its probe Continue Reading
-
News
22 Jan 2021
Sepa data leaks as agency resists ransom demands
The Scottish Environment Protection Agency is resisting extortion demands from a ransomware gang, but has suffered a data leak in retaliation Continue Reading
-
News
21 Jan 2021
Hackney Council tenders for cyber security upgrade
Suppliers are being invited to tender for enhanced cyber security capabilities at ransomware victim Hackney Council Continue Reading
-
News
21 Jan 2021
Gamarue malware found on government-issued school laptops
Devices handed out by the government to support vulnerable children contain malware that appears to be contacting C2 infrastructure in Russia Continue Reading
-
Feature
21 Jan 2021
How can healthcare organisations fight increased cyber crime in 2021?
As the Covid-19 pandemic enters what may be its most dangerous phase, we explore how healthcare organisations can ward off cyber threats while preserving their ability to deliver critical care Continue Reading
-
News
21 Jan 2021
Two-thirds of CISOs say they’ll be cyber attack victims this year
Security professionals are ever alert to the threats they face, but some still seem to think it is unlikely they will be attacked Continue Reading
-
News
21 Jan 2021
Incompetent cyber criminals leak data in opsec failure
Even cyber criminals need to pay attention to their information security posture, as this cautionary tale uncovered by Check Point reveals Continue Reading
-
News
20 Jan 2021
Should I be worried about MFA-bypassing pass-the-cookie attacks?
Malicious actors bypassed multi-factor authentication using so-called pass-the-cookie attacks, but how worrying is this and what is the risk to organisations? Continue Reading
-
News
20 Jan 2021
Malwarebytes also hit by SolarWinds attackers
The nation state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Microsoft Office 365 tenant, the firm reveals Continue Reading
-
Opinion
20 Jan 2021
Security Think Tank: It’s time to secure the collaboration revolution
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hotcakes? Continue Reading
-
News
19 Jan 2021
UK fraud agency deploys ArcGIS dashboard for data sharing
The National Fraud Intelligence Bureau says it has achieved improved transparency with the public, as well as saving 3,500 staff hours and £100,000 Continue Reading
-
News
19 Jan 2021
Click fraud levels reach new heights in pandemic
Small companies risk losing £10,000 a year, and enterprises as much as £520,000, to cyber criminals as click fraud volumes spike Continue Reading
-
News
19 Jan 2021
Criminals fiddled stolen Covid-19 vaccine data to damage trust
Malicious actors manipulated stolen Covid-19 data in a way clearly intended to damage public trust in vaccines, says the EMA Continue Reading
-
Opinion
19 Jan 2021
Security Think Tank: In 2021, enable, empower and entrust your users
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
18 Jan 2021
MoD reports 18% rise in data loss incidents
The Ministry of Defence reported more than five hundred data security incidents in 2019-20, with seven serious enough to warrant disclosure to the ICO Continue Reading
-
News
18 Jan 2021
Australians lost A$176m to scams in 2020
Investment scams topped the list of scams, which grew by 23.1% in 2020 as criminals exploited human psychology using social engineering Continue Reading
-
News
17 Jan 2021
NCSC CyberFirst Girls 2021 contest kicks off
UK’s national cyber agency says it has already had hundreds of entrants in spite of the challenges presented by the pandemic Continue Reading
-
News
15 Jan 2021
US cyber security agencies get $9bn in Biden plan
New funding proposals come as US government reels from the impact of the December 2020 SolarWinds attack Continue Reading
-
News
14 Jan 2021
Unforeseen consequences of new technologies put UK at risk
Lords committee told that the risks associated with various emerging digital technologies must be assessed together, with input from UK citizens, if the government is to avoid ‘siloisation’ of fundamentally interconnected problems Continue Reading
-
News
14 Jan 2021
APAC firms grapple with cyber security amid pandemic
Some aspects of cyber security have taken a backseat as companies across the Asia-Pacific region rush to shore up their infrastructure to cope with the demands of remote work Continue Reading
-
Opinion
14 Jan 2021
Security Think Tank: Plan for hybrid working to become normal
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
13 Jan 2021
World’s largest dark web market disrupted in major police operation
Coordinated international operation including Europol and the UK’s National Crime Agency has successfully taken DarkMarket offline Continue Reading
-
News
13 Jan 2021
Critical zero-day features in first Patch Tuesday of 2021
Microsoft releases fixes for 84 bugs on the first Patch Tuesday of 2021, including a critical zero-day vulnerability in Microsoft Defender Continue Reading
-
News
12 Jan 2021
Parler collapse opens door to phishing attacks
The shutdown of controversial social media site Parler, and the publication of huge amounts of user data scraped by ethical hackers, is giving cyber crime experts cause for concern Continue Reading
-
Opinion
12 Jan 2021
Security Think Tank: Time for security teams to learn from Covid
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
11 Jan 2021
New SolarWinds CEO sets out rescue plan
Customers can expect to see more regular and thorough checks on SolarWinds products, alongside greater engagement with the security community Continue Reading
-
Opinion
11 Jan 2021
Security Think Tank: Don’t bet on a new normal just yet
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
08 Jan 2021
Government use of 'general warrants' to authorise computer and phone hacking is unlawful
A court has ruled that the security and intelligence services can no longer rely on ‘general warrants’ to authorise the hacking of large numbers of computers and phones belonging to UK citizens Continue Reading
-
Feature
08 Jan 2021
Picking the right IAM tools is based on more than today’s needs
With remote working now normal, it is important to take proactive steps in managing credentials across platforms that can be subject to multiple data protection regulations. IAM services can streamline this process, but care must be taken to ensure the correct one is chosen Continue Reading
-
Feature
08 Jan 2021
The nation state threat to business
The SolarWinds hack shows the widespread damage possible from a nation state cyber attack. What is the threat to business and how can it be mitigated? Continue Reading
-
Tip
06 Jan 2021
The human firewall's role in a cybersecurity strategy
The human firewall is a crucial element of a long-term, holistic security initiative. Explore how human firewalls can protect your enterprise against attacks. Continue Reading
-
Opinion
05 Jan 2021
Security Think Tank: Cyber effectiveness, efficiency key in 2021
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
News
04 Jan 2021
WikiLeaks founder Julian Assange cannot be extradited to face charges in US, court rules
Court rules it would be oppressive to send Julian Assange to the US to face trial after finding he is at high risk of suicide. US government says it will appeal Continue Reading
-
Opinion
04 Jan 2021
Security Think Tank: The year of the work-from-home hangover
After a year of unprecedented disruption thanks to Covid-19, it looks like remote working is set to remain with us for now, which means security strategies will change in 2021. What will this change look like, and what tools and services will be selling like hot cakes? Continue Reading
-
Blog Post
24 Dec 2020
NPCC brings the Christmas present of partnership to UK Cyber Policing
The combination of the Cyber Resilience Centres, Police Cyber Alarm and The Cyber Helpline provides a major advance towards joining up the UK approach to policing the on-line world, Continue Reading
-
Feature
24 Dec 2020
Security Long Reads: Cyber insiders reveal what’s to come in 2021
In this long read, we gather together the thoughts of cyber security insiders from across the industry to get their take on what will happen in 2021 Continue Reading
-
News
24 Dec 2020
Top 10 cyber crime stories of 2020
Here are Computer Weekly’s top 10 cyber crime stories of 2020 Continue Reading
-
News
23 Dec 2020
Top 10 cyber security stories of 2020
Here are Computer Weekly’s 10 top cyber security stories of 2020 Continue Reading
-
Opinion
23 Dec 2020
It’s time to accept that disinformation is a cyber security issue
Tackling the manipulation of truth and facts is no easy task, and it’s time for the cyber security sector to take up the challenge Continue Reading
-
Feature
23 Dec 2020
Patching: Balancing technical requirements with business considerations
With an increasing reliance on subscription models alongside the regular patching of software, updates have become an essential part of modern business practices. However, care needs to be taken to ensure the optimum patching process is implemented Continue Reading
-
News
22 Dec 2020
Ministry of Justice in the dock for catalogue of serious data breaches
Annual report reveals major incidents of personal data loss affecting 121,355 people and including misplaced, unencrypted USB stick containing documents from a trial, accidental disclosure of identities, and staff files made visible to unauthenticated users Continue Reading
-
News
18 Dec 2020
Utility supplier People’s Energy has entire customer list stolen
All 270,000 customers of People’s Energy, a renewable energy startup, have had their details compromised in a major data breach incident Continue Reading
-
News
17 Dec 2020
Dodgy browser extensions put social media users at risk
More than three million users of third-party browser extensions for Instagram, Facebook, Vimeo and others have been infected with malware, according to Avast Continue Reading
-
News
17 Dec 2020
EU security strategy a ‘step up’ on cyber leadership, says Brussels
The EU’s new cyber security strategy forms a key component of Shaping Europe’s Digital Future, the Recovery Plan for Europe, and the EU Security Union Strategy Continue Reading
-
News
15 Dec 2020
SolarWinds cyber attack: How worried should I be, and what do I do now?
Security teams across the world are on high alert as more details emerge of the widespread SolarWinds ‘Sunburst’ attack. What do defenders need to do next? Continue Reading
-
E-Zine
15 Dec 2020
How security will be different after Covid-19
In this week’s Computer Weekly, the world of cyber security will probably never return to its pre-pandemic state – we look ahead. The combination of remote working and streaming video is putting extra strain on networks. And we look at how digital transformation is changing the way contact centres are run. Read the issue now. Continue Reading
-
Blog Post
14 Dec 2020
Confidence in print security drops and data breach costs rise
As cyberattacks continue to increase, capitalising on the new vulnerabilities of remote working, securing the print infrastructure – across the office and home environments – must be a strategic ... Continue Reading
-
News
13 Dec 2020
Singapore trials beacons to bolster police operations
Police beacons equipped with video cameras, sirens, floodlights and speakers are being deployed at two parks to improve public safety in a year-long trial Continue Reading
-
News
11 Dec 2020
The week in ransomware: Foxconn and Randstad are high-profile victims
Foxconn and Randstad are laid low by cyber criminals, while Sophos spills on Egregor, and prognosticators turn to their crystal balls to divine how ransomware will develop in the next 12 months Continue Reading
-
News
11 Dec 2020
Disputed PostgreSQL bug exploited in cryptomining botnet
PGMiner cryptomining botnet remained unnoticed by exploiting a disputed CVE in PostgreSQL Continue Reading
-
News
11 Dec 2020
Surge in Covid-19 vaccine phishing scams reported
Check Point and KnowBe4 share details of a growing number of phishing campaigns using the prospect of a Covid-19 vaccine as a lure Continue Reading
-
Opinion
11 Dec 2020
Security Think Tank: Integration between SIEM/SOAR is critical
SIEM and SOAR share much in common but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
Feature
11 Dec 2020
Post-pandemic approaches to IAM for cloud security
Cloud technology may have saved businesses from catastrophe during the pandemic, but it has also introduced additional challenges around identity and access management. Here’s why IAM policies are crucial in the new normal Continue Reading
-
News
10 Dec 2020
French regulators fine Google and Amazon over cookie policies
Google and Amazon rapped over their use of advertising cookies by the French data protection authorities Continue Reading
-
News
10 Dec 2020
Cyber Helpline awarded lottery funding to support victims
The Cyber Helpline, a UK charity that provides emergency support to victims of cyber crime and online stalking, is to receive funding from the National Lottery Continue Reading
-
Opinion
09 Dec 2020
Security Think Tank: SOAR to the next level with automation
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
09 Dec 2020
Amnesia:33 IoT flaws dangerous and patches unlikely, say experts
The disclosure of multiple flaws by Forescout has raised big questions for the developers of connected products, and for their users Continue Reading
-
News
09 Dec 2020
Patch Tuesday: Microsoft presents just 58 CVEs for Christmas
The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance Continue Reading
-
News
09 Dec 2020
FireEye’s ethical hacking tools stolen in state-backed attack
Hacking tools used to conduct red team penetration testing were stolen in the state-backed attack on security firm FireEye Continue Reading
-
News
08 Dec 2020
Multiple D-Link routers found vulnerable to attack
Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices Continue Reading
-
News
07 Dec 2020
A trillion dollars lost to cyber crime every year
Data collated by McAfee and the Centre for Strategic and International Studies highlights the growing impact of cyber crime Continue Reading
-
News
04 Dec 2020
Opportunistic Egregor ransomware is an emerging and active threat
Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it Continue Reading
-
News
03 Dec 2020
Cyber Aware campaign to help safeguard Christmas shoppers
New government campaign sets out to raise awareness of online shopping fraud in the run-up to Christmas Continue Reading
-
News
03 Dec 2020
Covid-19 vaccine supply chain attacked by unknown nation state
An unknown nation state actor is attempting to disrupt the supply of coronavirus vaccines Continue Reading
-
News
03 Dec 2020
Dangerous Trickbot evolves to target UEFI/BIOS firmware
Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware Continue Reading
-
News
02 Dec 2020
Covid-19: Cyber criminals will target vaccine programmes
Interpol issues a global alert to law enforcement as the UK becomes one of the first countries to approve the Pfizer/BioNTech Covid-19 vaccine for use Continue Reading
-
Opinion
02 Dec 2020
Security Think Tank: SIEM and SOAR are far from mutually exclusive
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
News
02 Dec 2020
Singapore government remains ‘juicy target’ for cyber attackers
The government is baking security into the design and implementation of its IT systems and looking to increase bug bounties to fend off cyber threats Continue Reading
-
News
01 Dec 2020
DHL, Amazon and FedEx are most phished delivery services
DHL has emerged as the most imitated delivery brand in Europe, accounting for 77% of the total volume of phishing emails received in November 2020 Continue Reading
-
News
01 Dec 2020
22,000 malicious .uk domains suspended in past year
Nominet has suspended just over 22,000 domains in the 12 months to 31 October 2020, continuing a downward trend, and with less impact from Covid-19 than might be expected Continue Reading
-
Opinion
01 Dec 2020
Security Think Tank: Alerts are great, it’s what you do with them that counts
SIEM and SOAR have much in common, but there are key differences between the two that may influence the best fit for your organisation. What should security pros consider when making a choice? Continue Reading
-
Opinion
27 Nov 2020
How to modernise identity governance and administration
Modernising identity governance and administration (IGA) capabilities is essential for organisations to manage identities effectively to ensure they remain competitive, compliant and secure Continue Reading
-
News
27 Nov 2020
How Grab is using technology to improve trust and safety
Southeast Asian unicorn Grab is tapping artificial intelligence and other technologies to keep its users safe and cyber criminals at bay Continue Reading