Security policy and user awareness
-
News
24 Apr 2025
M&S systems remain offline days after cyber incident
M&S is still unable to provide contactless payment or click-and-collect services amid a cyber attack that it says has forced it to move a number of processes offline to safeguard its customers, staff and business Continue Reading
-
Opinion
24 Apr 2025
Challenges persist as UK’s Cyber Security and Resilience Bill moves forward
Elements of the Cyber Security and Resilience Bill are welcome but questions remain about how best to act in the face of persistent challenges like geopolitical chaos, threats to critical infrastructure, and technological advances Continue Reading
-
News
03 Sep 2020
Phishing scam targets Lloyds Bank customers
Bank customers warned of emails and SMS messages that direct them to a fraudulent site and then request account log-in details Continue Reading
-
Opinion
03 Sep 2020
Security Think Tank: Datacentre security is a business imperative
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
03 Sep 2020
How Certis is digitising security operations
Certis has developed more than 50 applications in a year to help employees do their jobs better and has set up an AI centre to tap the potential of robotics and video analytics in security Continue Reading
-
News
02 Sep 2020
Northumbria University suffers major disruption after cyber attack
Some exams cancelled as university appoints external specialists to investigate incident Continue Reading
-
Opinion
02 Sep 2020
Security Think Tank: Seven steps to edge security
That datacentre security is a complex subject is not in doubt and, given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
01 Sep 2020
Norway’s corporates want government to support ‘herd immunity’ to cyber attack
Leading business organisations in Norway call on government to play a more active role in improving and coordinating the country’s cyber defences Continue Reading
-
News
01 Sep 2020
Vint Cerf: Why everyone has a role in internet safety
The Covid-19 pandemic has demonstrated the power of internet connectivity. Vint Cerf talks to Computer Weekly about the challenges the internet now faces Continue Reading
-
Opinion
01 Sep 2020
Security Think Tank: Security at the distributed edge
That datacentre security is a complex subject is not in doubt, and given the trend to move beyond centralised datacentres to distributed environments, this is not going to change. How can security professionals ensure such setups are just as secure as the traditional centralised model? Continue Reading
-
News
28 Aug 2020
Machine learning wards off threats at TV studio Bunim Murray
TV studio behind reality hits including The Real World and Keeping Up With The Kardashians turned to Darktrace’s Antigena email protection service to keep its people safe from Covid-19 threats Continue Reading
-
News
28 Aug 2020
Benefit fraud: Underground trade in stolen identities revealed
A roaring underground trade in stolen identities is undermining the Universal Credit system and could potentially defraud it out of millions of pounds Continue Reading
-
Feature
27 Aug 2020
Double extortion ransomware attacks and how to stop them
As ransomware attacks increase, hackers are diversifying their tactics to get victims to hand over larger sums of money. We investigate the rise of double extortion attacks Continue Reading
-
News
27 Aug 2020
NHS whistleblowers’ anonymity at mercy of inadequate trust IT policies and processes
They were clapped in the streets for their bravery at the height of the Covid-19 pandemic, but some NHS staff who raise workplace concerns are suffering abuse as a result Continue Reading
-
News
27 Aug 2020
TikTok CEO clocks off
TikTok CEO Kevin Mayer has resigned from the firm after just three months Continue Reading
-
News
26 Aug 2020
Avaddon ransomware operators having a go at double extortion
The operators of the Avaddon ransomware seem to be tooling up to leak the data of their victims in addition to holding it to ransom, Cofense researchers confirm Continue Reading
-
Opinion
26 Aug 2020
What are the latest GDPR security breach enforcement trends?
A cyber breach specialist from Fieldfisher runs the rule over the latest trends in cyber security, data protection and GDPR Continue Reading
-
News
25 Aug 2020
North Korea’s Lazarus targets cryptocurrency vertical
APT group behind the infamous WannaCry incident is targeting cryptocurrency operators, according to new research Continue Reading
-
News
25 Aug 2020
TikTok takes Trump to court
Under-fire video app TikTok files a formal complaint in the federal courts challenging the Trump administration’s attempt to ban it in the US Continue Reading
-
E-Zine
25 Aug 2020
When algorithms don’t play fair
In this week’s Computer Weekly, we report on the auditing of algorithms to countervail bias. We examine what CISOs can learn from Covid-19. And in our buyer’s guide to modern software development, we assess how competent artificial intelligence is at building applications that deliver the best possible customer experience. Read the issue now. Continue Reading
-
Feature
24 Aug 2020
Getting physical with datacentre security
Whether it is natural disasters, terrorism or break-ins, datacentres will be vulnerable to a range of risks unless they are physically secured. Here’s how you can improve the physical security of your datacentre Continue Reading
-
News
21 Aug 2020
TikTok’s GDPR compliance probed amid accusations of data misuse
Dutch privacy organisation SOMI claims TikTok falls short in protecting young users, and that it is likely violating GDPR Continue Reading
-
News
21 Aug 2020
MPs accuse ICO of failing to do its job on contact-tracing data
Cross-party group of MPs say the ICO has failed to enforce data protection standards or hold the government to account over the unlawful Test and Trace programme Continue Reading
-
News
21 Aug 2020
Australian regulator sues RI Advice for cyber security lapses
The Australian Securities and Investments Commission is suing RI Advice for cyber security breaches at the financial firm’s authorised representatives Continue Reading
-
News
20 Aug 2020
UKAS rejects ISO certification concerns
UK’s certification body says refreshed guidance is in place to cover the possibility of lapsed ISO certifications Continue Reading
-
News
20 Aug 2020
Social media data leak highlights murky world of data scraping
A data brokerage left its database of 235 million Instagram, TikTok and YouTube profiles exposed to anybody who cared to access it Continue Reading
-
News
19 Aug 2020
HMRC investigates over 10,000 Covid-19 phishing reports
HM Revenue & Customs received thousands of reports of coronavirus phishing scams exploiting its name during April, May and June Continue Reading
-
News
19 Aug 2020
Coronavirus: Thousands of ISO certifications set to lapse
Delays and postponements in the auditing process are putting hard-earned security and data protection certifications at risk of lapsing Continue Reading
-
News
18 Aug 2020
Carnival cruise lines hit by ransomware, customer data stolen
Cruise ship operator is likely to be the victim of a major data breach after customer information is apparently stolen in a ransomware attack Continue Reading
-
News
17 Aug 2020
Comms startup Element helps support secure communications during pandemic
With the huge increase in remote working, Element is using an open, decentralised network to give organisations more control over their communications Continue Reading
-
News
17 Aug 2020
The Security Interviews: How Crest is remaking the future of consultancy
Crest president Ian Glover taught himself cyber security while working on government computing systems in the 1970s and 1980s. Now he is on a decade-spanning mission to change security consultancy models Continue Reading
-
News
14 Aug 2020
ICO acknowledges GDPR concerns over A-level results scandal
Information Commissioner’s Office says it has engaged with exams regulator Ofqual after its use of an algorithm to calculate A-level grades backfired Continue Reading
-
News
14 Aug 2020
Russia’s Fancy Bear targets Linux environments with Drovorub malware
The Russian intelligence-linked Fancy Bear group is deploying a new malware called Drovorub against Linux environments as part of a cyber espionage operation, according to US warnings Continue Reading
-
News
13 Aug 2020
Ed Sheeran is not promoting investment opportunities, says NCSC
The National Cyber Security Centre has issued a new warning after uncovering a series of online scams promoting fraudulent celebrity-endorsed investment opportunities Continue Reading
-
Opinion
13 Aug 2020
How to tackle the IAM challenges of multinational companies
The rapidly changing business, regulatory and IT environment makes identity and access management a tough nut to crack for large multinationals Continue Reading
-
News
13 Aug 2020
APAC consumers do not feel responsible for data security
Just one in four consumers believe they should protect their own data, underscoring the tightrope between security and convenience that organisations have been walking on Continue Reading
-
News
12 Aug 2020
How Dharma ransomware became an effective services business
New research looks under the bonnet of a Dharma ransomware attack, with the ransomware's ease of use being particularly dangerous for small to medium-sized enterprises Continue Reading
-
News
12 Aug 2020
Microsoft patches two zero-days with active exploits
Microsoft drops another major Patch Tuesday update, including fixes for two zero-day exploits that are already being exploited by cyber criminals Continue Reading
-
News
12 Aug 2020
Security training body Sans Institute hit by data breach
Around 28,000 items of personally identifiable data were lost in a phishing attack on Sans, proving that even the professionals can be caught out Continue Reading
-
News
11 Aug 2020
NHS hit by thousands of malicious emails at height of pandemic
The NHS received nearly 30,000 malicious emails at the height of the Covid-19 pandemic in March and April Continue Reading
-
News
11 Aug 2020
Coronavirus: Phishing lures pivot to exploit vaccine hopes
Phishing emails are increasingly luring in victims with subject lines relating to the development of a vaccine for Covid-19 Continue Reading
-
News
11 Aug 2020
Hospitality sector is failing on contact-tracing obligations
Cyber security experts urge the government to do more to help small hospitality businesses improve their contact-tracing data-handling practices Continue Reading
-
News
10 Aug 2020
Retailer Monsoon allegedly exposing data via Pulse Connect server
A researcher has found a critically insecure Pulse Connect Secure VPN version belonging to UK retailer Monsoon Accessorize, but claims the firm is ignoring his disclosures Continue Reading
-
News
10 Aug 2020
Security teams struggle to keep pace with cloud threats
Security professionals face challenges in keeping pace with cloud deployments and migrations, and the additional security threats they open up Continue Reading
-
News
07 Aug 2020
Virgin Media customers targeted in Twitter phish
Customers seeking help from the ISP are being targeted by a scam Twitter account Continue Reading
-
News
07 Aug 2020
TikTok to be banned in US in 45 days
Trump says his Executive Orders against Chinese mobile apps are in the interests of dealing with a national emergency Continue Reading
-
News
06 Aug 2020
Australia updates cyber security strategy but offers little new
The nation’s latest cyber security strategy includes centralised management of networks and a voluntary code of practice for deploying internet-connected devices, among other areas Continue Reading
-
News
06 Aug 2020
Qualcomm chip vulnerability puts millions of phones at risk
Qualcomm has patched multiple vulnerabilities in its chip hardware that left hundreds of millions of smartphones open to compromise by malicious actors Continue Reading
-
News
06 Aug 2020
Canon said to be latest Maze ransomware victim
Canon may have had up to 10TB of its data exfiltrated by the Maze ransomware gang Continue Reading
-
News
06 Aug 2020
GCHQ seeks researchers to tackle deep fakes and misinformation
A GCHQ research fellowship based at its Manchester office will explore various national security priorities such as deep fakes, fake news and the impact of AI Continue Reading
-
News
05 Aug 2020
Seven questions you need to ask when buying security insurance
Find out what you need to ask to make an informed decision on cyber security insurance with new help from the UK’s NCSC Continue Reading
-
Opinion
05 Aug 2020
The countdown is on for TikTok after Schrems II
Given the US’ threatened actions against TikTok and the outcome of Schrems II, it is clear that the spotlight is now firmly on international data transfers Continue Reading
-
News
05 Aug 2020
Second wave of Covid-19 cyber attacks locked in
More cyber attacks exploiting the pandemic seem likely, says Interpol Continue Reading
-
News
04 Aug 2020
Liam Fox hack raises questions over government security
The hack of a former cabinet minister’s emails casts doubt over the effectiveness of safeguards and security training processes at the highest levels of the British government Continue Reading
-
News
04 Aug 2020
New foundation to bolster security of open source software
The Open Source Security Foundation will bring together key open source security initiatives across the industry to improve and support the security of open source software Continue Reading
-
News
03 Aug 2020
Estonian police and border services need better IT to block criminals from becoming e-residents
Police and Border Guard Board of Estonia needs to improve its IT systems to stop criminals from becoming e-residents, says report Continue Reading
-
News
03 Aug 2020
Microsoft offers way out of TikTok impasse
Microsoft offers to buy TikTok from its Chinese parent to ease security fears in the US Continue Reading
-
News
02 Aug 2020
More data breaches from ransomware attacks in Australia
The number of data breaches caused by ransomware rose to 33 in the first half of 2020 from 13 in the previous six-month period, according to the latest report from the Office of the Australian Information Commissioner Continue Reading
-
News
31 Jul 2020
Labour Party is latest victim of Blackbaud ransomware attack
Widening Blackbaud data breach ensnares the Labour Party as the cloud software firm continues to duck questions about its behaviour Continue Reading
-
News
31 Jul 2020
Twitter confirms it was hit by targeted spearphishing attack
Investigation into 15 July 2020 hack of a number of high-profile accounts by cryptocurrency scammers has found evidence of a targeted spearphishing incident Continue Reading
-
News
31 Jul 2020
EU sanctions China and Russia over cyber attacks
The EU is applying restrictive measure to six individuals and three entities accused of conducting disruptive cyber attacks in Europe, including the Russian GRU Continue Reading
-
News
30 Jul 2020
List of Blackbaud breach victims tops 120
More than 120 education and third-sector organisations may have had their data compromised through the breach of Blackbaud’s cloud platform Continue Reading
-
News
29 Jul 2020
Serious BootHole vulnerability puts millions of systems at risk
BootHole is a GRUB2 bootloader vulnerability and puts millions of PCs, servers and other devices at risk of compromise Continue Reading
-
News
29 Jul 2020
Majority of organisations at risk of cloud data exposure
Report casts doubt on the effectiveness of the shared responsibility model of cloud security Continue Reading
-
News
28 Jul 2020
De Montfort, KCL, Newcastle universities join list of Blackbaud victims
Embattled cloud services provider now has big questions to answer over its handling of data belonging to UK universities and charities Continue Reading
-
News
28 Jul 2020
Garmin may have paid hackers ransom, reports suggest
Garmin’s services are coming back online, but the company remains tight-lipped about what exactly happened to it Continue Reading
-
News
28 Jul 2020
NCSC names national security expert Lindy Cameron as new CEO
New National Cyber Security Centre head joins from the Northern Ireland Office and has spent 20 years in government at home and abroad Continue Reading
-
News
28 Jul 2020
Scotland’s security resilience centre concept goes national
Based on the success of the Scottish Business Resilience Centre, a series of regional Cyber Resilience Centres are now launching across the rest of the UK Continue Reading
-
News
26 Jul 2020
Australia issues new cloud computing guidelines
The new guidance, which comes after the expiry of the government’s cloud services certification programme, will help to bolster Australia’s cyber security resilience Continue Reading
-
News
24 Jul 2020
Investment in neurodiverse talent a win-win for security
Current careers guidance and recruitment processes for security jobs are not working for people with ADHD, autism, dyslexia and dyspraxia, but the problem is fixable with a little attention to detail Continue Reading
-
News
24 Jul 2020
A question of trust: University and supplier on the hook for data breach
Data on students at the University of York was stolen in a ransomware attack on a supplier two months ago, and the response of both parties raises serious questions Continue Reading
-
News
22 Jul 2020
NCSC reveals scale of cyber attacks on UK sports industry
The UK’s sports industry is under near constant cyber attack, according to new statistics from the National Cyber Security Centre Continue Reading
-
News
22 Jul 2020
No let-up in cyber attacks as lockdown eases
Cyber attacks are up by one-third as the coalescence of cyber activity and nation state-linked threats around the pandemic bears fruit for bad actors Continue Reading
-
News
22 Jul 2020
US charges Chinese nationals with Covid-19 research hacking
The two hackers allegedly worked with the Chinese Ministry of State Security, targeting intellectual property and confidential business information Continue Reading
-
News
21 Jul 2020
Coronavirus: Government drags its feet on online misinformation
Online misinformation about Covid-19 continues to spread unchecked, according to a DCMS committee report which has accused the government of dragging its feet over online harms Continue Reading
-
News
21 Jul 2020
Russia Report reveals long-running cyber warfare campaign against UK
Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report Continue Reading
-
News
21 Jul 2020
Australian industry panel calls for ‘clear consequences’ of cyber attacks
A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy Continue Reading
-
News
20 Jul 2020
ICO hails transformative year as average fine trebles
Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR Continue Reading
-
News
20 Jul 2020
Businesses underestimate negative impact of bot traffic
Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact Continue Reading
-
News
20 Jul 2020
Test and Trace programme unlawful, admits government
The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment Continue Reading
-
News
17 Jul 2020
Enterprises need to rethink how end-of-life equipment is dealt with
Electronic waste is a massive and growing problem, but many companies are not recycling or reusing IT equipment, instead opting for physical destruction of the assets Continue Reading
-
News
17 Jul 2020
Twitter hack fallout: Investigators on trail of cyber criminals
Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come Continue Reading
-
E-Zine
17 Jul 2020
CW APAC: Trend Watch – security
It wasn’t that long ago when DevSecOps was little more than a mispronunciation of DevOps. Fast forward to today, the notion of embedding security into the development process is not only accepted, but increasingly championed. In this handbook, Computer Weekly looks at what organisations in the Asia-Pacific region are doing to secure their systems, from adopting a DevSecOps approach, to preparing for cyber attacks and ensuring the privacy of Covid-19 contact-tracing app users. Continue Reading
-
E-Zine
17 Jul 2020
CW ANZ: Expert advice on security
Supply chain risks are invisible to many organisations, which means they are often not prioritised from an IT security perspective, partly because supply chain risk management is often seen as a procurement issue. In this handbook, Computer Weekly looks at how organisations in Australia and New Zealand can better protect themselves against supply chain attacks and other evolving cyber threats. Continue Reading
-
News
16 Jul 2020
Russian state hackers attacking Covid-19 researchers
Kremlin-linked APT29 group, also known as Cozy Bear, is conducting a campaign against Covid-19 researchers around the world Continue Reading
-
News
16 Jul 2020
Bazar malware may be new tool in Trickbot arsenal
Cybereason’s Nocturnus research team uncovers new Bazar malware, which shares some similarities with other varieties Continue Reading
-
News
16 Jul 2020
Cryptocurrency scammers attack Twitter in insider breach
Apparent insider breach at Twitter saw so-called “blue tick” accounts of business people, politicians and celebrities hijacked to promote a Bitcoin scam Continue Reading
-
News
16 Jul 2020
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic Continue Reading
-
News
15 Jul 2020
Government proposes IoT security enforcement body
The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals Continue Reading
-
News
15 Jul 2020
Patch Tuesday: Microsoft fixes 123 bugs in July 2020 update
The bugs start coming and they don’t stop coming; Microsoft has issued yet another bumper Patch Tuesday update Continue Reading
-
News
14 Jul 2020
Check Point unearths critical SigRed bug in Windows DNS
SigRed vulnerability is highly dangerous, but is being fixed as part of the July 2020 Patch Tuesday update Continue Reading
-
News
14 Jul 2020
CISOs undervalued, overworked, burning out, warns CIISec
The vast majority of security professionals say they are under immense pressure, according to a report Continue Reading
-
Opinion
14 Jul 2020
Security Think Tank: AI in cyber needs complex cost/benefit analysis
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation being gravely overestimated? Continue Reading
-
News
14 Jul 2020
‘Name-and-shame’ ransomware attacks increasing in prevalence
Since emerging at the tail-end of 2019, double extortion, or exfiltration and encryption, ransomware attacks have become highly popular, and now account for a significant number of incidents, according to Emsisoft research Continue Reading
-
News
14 Jul 2020
Australian enterprises facing more cyber attacks
The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country Continue Reading
-
News
13 Jul 2020
NCSC launches pen testing service for remote workers
An expansion to the successful Exercise in a Box toolkit will enable SMEs to probe the cyber security defences of remote workers Continue Reading
-
News
13 Jul 2020
Zoom zero-day a reminder to stop using Windows 7
Researchers have disclosed a newly discovered zero-day vulnerability to videoconferencing service Zoom, which only affects users of Windows 7 systems Continue Reading
-
News
09 Jul 2020
HSBC customers targeted in new smishing scam
SMS phishing scam is targeting HSBC customers in the UK to trick them into handing over their bank account details Continue Reading
-
News
09 Jul 2020
Majority of security pros fed up with alert fatigue
A vast majority of security professionals say they experience alert fatigue, and 88% are facing challenges with their current SIEM setup, according to a report Continue Reading
-
News
09 Jul 2020
Clearview AI faces ICO investigation over facial recognition
Controversial company that scraped data from the public internet to build its facial recognition algorithm faces a joint UK-Australian investigation into its practices Continue Reading
-
News
09 Jul 2020
Most finance firms are multicloud, but many are unprepared for public cloud cyber attacks
Financial services firms are moving to the cloud at pace, but many are uncertain whether they could cope with an attack on an application based in the public cloud Continue Reading
-
News
09 Jul 2020
Pubs and restaurants failing on cyber fraud protection
Virtually all of the UK’s most popular restaurant and pub brands are failing to proactively block fraudulent emails from reaching their targets Continue Reading