Security policy and user awareness
-
News
27 May 2025
US makes fresh indictments over DanaBot, Qakbot malwares
US charges the operators of two malwares, DanaBot and Qakbot, whose actions led to millions of dollars worth of cyber theft and fraud Continue Reading
-
News
27 May 2025
Armed forces charity steps in to address cyber mental health crisis
CIISec and military charity PTSD Resolution hope to address a gathering mental health crisis among frontline cyber professionals Continue Reading
-
News
21 Jul 2020
Coronavirus: Government drags its feet on online misinformation
Online misinformation about Covid-19 continues to spread unchecked, according to a DCMS committee report which has accused the government of dragging its feet over online harms Continue Reading
-
News
21 Jul 2020
Russia Report reveals long-running cyber warfare campaign against UK
Russia has been hacking the UK for years and the British government has also known about it for years, according to the Intelligence and Security Committee’s report Continue Reading
-
News
21 Jul 2020
Australian industry panel calls for ‘clear consequences’ of cyber attacks
A government-appointed panel recommends strong deterrence and other measures to be implemented in Australia’s next cyber security strategy Continue Reading
-
News
20 Jul 2020
ICO hails transformative year as average fine trebles
Information Commissioner’s Office annual report reflects on a busy period, during which it levied two of the largest fines so far seen under the GDPR Continue Reading
-
News
20 Jul 2020
Businesses underestimate negative impact of bot traffic
Research from Netacea finds that although awareness of malicious bot activity is high, many are underestimating its true impact Continue Reading
-
News
20 Jul 2020
Test and Trace programme unlawful, admits government
The Department of Health and Social Care failed in its legal obligation to complete a mandatory Data Protection Impact Assessment Continue Reading
-
News
17 Jul 2020
Enterprises need to rethink how end-of-life equipment is dealt with
Electronic waste is a massive and growing problem, but many companies are not recycling or reusing IT equipment, instead opting for physical destruction of the assets Continue Reading
-
News
17 Jul 2020
Twitter hack fallout: Investigators on trail of cyber criminals
Investigators are hunting the cyber criminals who broke into Twitter’s systems to hijack prominent accounts, amid concerns that more attacks may come Continue Reading
-
E-Zine
17 Jul 2020
CW APAC: Trend Watch – security
It wasn’t that long ago when DevSecOps was little more than a mispronunciation of DevOps. Fast forward to today, the notion of embedding security into the development process is not only accepted, but increasingly championed. In this handbook, Computer Weekly looks at what organisations in the Asia-Pacific region are doing to secure their systems, from adopting a DevSecOps approach, to preparing for cyber attacks and ensuring the privacy of Covid-19 contact-tracing app users. Continue Reading
-
E-Zine
17 Jul 2020
CW ANZ: Expert advice on security
Supply chain risks are invisible to many organisations, which means they are often not prioritised from an IT security perspective, partly because supply chain risk management is often seen as a procurement issue. In this handbook, Computer Weekly looks at how organisations in Australia and New Zealand can better protect themselves against supply chain attacks and other evolving cyber threats. Continue Reading
-
News
16 Jul 2020
Russian state hackers attacking Covid-19 researchers
Kremlin-linked APT29 group, also known as Cozy Bear, is conducting a campaign against Covid-19 researchers around the world Continue Reading
-
News
16 Jul 2020
Bazar malware may be new tool in Trickbot arsenal
Cybereason’s Nocturnus research team uncovers new Bazar malware, which shares some similarities with other varieties Continue Reading
-
News
16 Jul 2020
Cryptocurrency scammers attack Twitter in insider breach
Apparent insider breach at Twitter saw so-called “blue tick” accounts of business people, politicians and celebrities hijacked to promote a Bitcoin scam Continue Reading
-
News
16 Jul 2020
Coronavirus shines spotlight on cyber security
Programme committee chair of this year's RSA Conference Asia-Pacific and Japan talks up the challenges that IT security professionals in APAC are facing to mitigate security risks amid the Covid-19 pandemic Continue Reading
-
News
15 Jul 2020
Government proposes IoT security enforcement body
The government is today publishing new proposals concerning planned legislation that will protect users of smart IoT devices from cyber criminals Continue Reading
-
News
15 Jul 2020
Patch Tuesday: Microsoft fixes 123 bugs in July 2020 update
The bugs start coming and they don’t stop coming; Microsoft has issued yet another bumper Patch Tuesday update Continue Reading
-
News
14 Jul 2020
Check Point unearths critical SigRed bug in Windows DNS
SigRed vulnerability is highly dangerous, but is being fixed as part of the July 2020 Patch Tuesday update Continue Reading
-
News
14 Jul 2020
CISOs undervalued, overworked, burning out, warns CIISec
The vast majority of security professionals say they are under immense pressure, according to a report Continue Reading
-
Opinion
14 Jul 2020
Security Think Tank: AI in cyber needs complex cost/benefit analysis
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation being gravely overestimated? Continue Reading
-
News
14 Jul 2020
‘Name-and-shame’ ransomware attacks increasing in prevalence
Since emerging at the tail-end of 2019, double extortion, or exfiltration and encryption, ransomware attacks have become highly popular, and now account for a significant number of incidents, according to Emsisoft research Continue Reading
-
News
14 Jul 2020
Australian enterprises facing more cyber attacks
The volume of cyber attacks in Australia jumped from 90% in October 2019 and 81% in February 2019, underscoring the worsening threat landscape in the country Continue Reading
-
News
13 Jul 2020
NCSC launches pen testing service for remote workers
An expansion to the successful Exercise in a Box toolkit will enable SMEs to probe the cyber security defences of remote workers Continue Reading
-
News
13 Jul 2020
Zoom zero-day a reminder to stop using Windows 7
Researchers have disclosed a newly discovered zero-day vulnerability to videoconferencing service Zoom, which only affects users of Windows 7 systems Continue Reading
-
News
09 Jul 2020
HSBC customers targeted in new smishing scam
SMS phishing scam is targeting HSBC customers in the UK to trick them into handing over their bank account details Continue Reading
-
News
09 Jul 2020
Majority of security pros fed up with alert fatigue
A vast majority of security professionals say they experience alert fatigue, and 88% are facing challenges with their current SIEM setup, according to a report Continue Reading
-
News
09 Jul 2020
Clearview AI faces ICO investigation over facial recognition
Controversial company that scraped data from the public internet to build its facial recognition algorithm faces a joint UK-Australian investigation into its practices Continue Reading
-
News
09 Jul 2020
Most finance firms are multicloud, but many are unprepared for public cloud cyber attacks
Financial services firms are moving to the cloud at pace, but many are uncertain whether they could cope with an attack on an application based in the public cloud Continue Reading
-
News
09 Jul 2020
Pubs and restaurants failing on cyber fraud protection
Virtually all of the UK’s most popular restaurant and pub brands are failing to proactively block fraudulent emails from reaching their targets Continue Reading
-
News
08 Jul 2020
Political awareness needed to ethically handle migration data, panel claims
Understanding the political, social and economic relationships between different groups in society is needed to ensure location data is not used in ways that further endanger already vulnerable people on the move Continue Reading
-
News
08 Jul 2020
Use of spyware apps linked to domestic abuse soars in lockdown
The rise in domestic violence during the pandemic has been linked to increase use of stalkerware apps by abusers Continue Reading
-
News
08 Jul 2020
Cosmic Lynx cyber crime group takes BEC to new heights
Newly identified Russian threat group targets large organisations with increasingly dangerous business email compromise attacks Continue Reading
-
News
08 Jul 2020
Over 15 billion credentials for sale on dark web
Research by Digital Shadows reveals the scale of the security threat facing consumers as it uncovers 15 billion usernames and passwords stolen in more than 100,000 different data breaches Continue Reading
-
News
07 Jul 2020
Cyber4Summer scheme to divert young people from cyber crime
Cyber4Summer platform will offer 100 different tracks covering a range of security skills to divert them from falling into a life of cyber crime Continue Reading
-
Opinion
07 Jul 2020
Security Think Tank: Balancing human oversight with AI autonomy
Artificial intelligence and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
News
06 Jul 2020
CIO interview: David Allison, global head of IT, First Quantum Minerals
For his first global CIO role, the IT chief had to tackle unusual challenges such as reliable networking and IT use in inhospitable mining environments in developing countries Continue Reading
-
News
03 Jul 2020
Chinese law may require companies to disclose cyber-security preparations outside China
Companies with Chinese operations may have to disclose information about the security of their networks in other countries under China’s draft data security law Continue Reading
-
Opinion
03 Jul 2020
Security Think Tank: Artificial intelligence will be no silver bullet for security
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
News
02 Jul 2020
Locked-down teens flock to NCSC CyberFirst training scheme
A record number of 14 to 17-year-olds have signed up to the National Cyber Security Centre’s CyberFirst summer school Continue Reading
-
Opinion
02 Jul 2020
Security Think Tank: AI cyber attacks will be a step-change for criminals
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate an IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation gravely overestimated? Continue Reading
-
News
01 Jul 2020
UK’s unsung cyber security heroes sought
Nominations have opened for the fifth annual Security Serious Unsung Heroes Awards Continue Reading
-
News
01 Jul 2020
Zoom making progress on cyber security and privacy, says CEO
Three months after being hit by a spate of security incidents, Zoom’s CEO, Eric Yuan, has been discussing progress towards a more secure product Continue Reading
-
News
01 Jul 2020
Remote workers more aware of security, but still flout the rules
Almost three-quarters of remote workers reckon they have gained in cyber security awareness during lockdown, but don’t seem to be especially bothered about keeping themselves safe Continue Reading
-
News
01 Jul 2020
Mysterious EvilQuest macOS ransomware spreads through torrents
A new strain of ransomware, dubbed EvilQuest, is threatening Apple Mac environments, and seems to behave quite oddly Continue Reading
-
Opinion
01 Jul 2020
Security Think Tank: Get your house in order before deploying AI
AI and machine learning techniques are said to hold great promise in security, enabling organisations to operate a IT predictive security stance and automate reactive measures when needed. Is this perception accurate, or is the importance of automation being gravely overestimated? Continue Reading
-
Opinion
01 Jul 2020
Time to rethink business continuity and cyber security
Business continuity and cyber security remain largely in separate silos, but changes in the IT and cyber threat landscapes mean there is an urgent need for organisations to alter their approach Continue Reading
-
News
01 Jul 2020
FakeSpy Android malware targets Royal Mail app users
The FakeSpy malware was first identified in October 2017 but is now significantly more powerful and dangerous Continue Reading
-
News
30 Jun 2020
Australia to invest a record A$1.35bn in cyber security
The Australian government is making its largest ever investment in cyber security over the next decade to identify cyber threats, disrupt foreign cyber criminals and build new capabilities Continue Reading
-
News
30 Jun 2020
ReversingLabs makes over 100 Yara rules publicly available
Threat intelligence specialist is making its IP available on GitHub to support malware hunters in their work Continue Reading
-
Opinion
30 Jun 2020
Security Think Tank: ‘Shift left’ to secure containers
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
News
30 Jun 2020
The Security Interviews: What CISOs can learn from Covid-19
Mike Lloyd, CTO at Redseal, holds 21 cyber security patents and a PhD in stochastic epidemic modelling from Heriot-Watt University in Edinburgh, so is probably the man to talk to when it comes to cyber security in the world of Covid-19 Continue Reading
-
News
30 Jun 2020
Complex security estates hinder incident response
The more disparate security tools in use in an organisation, the harder it becomes to mount an effective incident response Continue Reading
-
News
29 Jun 2020
Phishing back in vogue as ransomware vector
Researchers have observed an increase in phishing as a means to deliver ransomware payloads – and organisations don’t appear to be prepared Continue Reading
-
News
29 Jun 2020
Evil Corp’s latest ransomware project spreading fast
A new ransomware strain dubbed WastedLocker is spreading rapidly and targeting major corporations Continue Reading
-
News
29 Jun 2020
Out of date security laws leave UK plc at risk during pandemic
The CyberUp coalition has written to Boris Johnson to urge him to reform the UK’s 30 year-old cyber crime laws Continue Reading
-
News
26 Jun 2020
Coronavirus: Cyber crime landscape evolving as lockdown eases
As some countries begin to gradually ease Covid-19 lockdown measures, cyber criminals’ tactics are changing, but the pandemic remains a tempting lure Continue Reading
-
Opinion
26 Jun 2020
Australian government has failed on cyber security
The federal government’s current approach of allowing each agency to make its own cyber decisions is not working and more needs to be done to hunt down adversaries Continue Reading
-
News
25 Jun 2020
Pub ‘check-in’ apps provoke fresh privacy concerns
With pubs and restaurants required to collect customer data for contact tracing when they reopen, data privacy risks will be heightened Continue Reading
-
News
24 Jun 2020
NCSC catches a million phishes in its nets
The NCSC has racked up a million suspicious email reports from the public just two months after launching a reporting service, but the lucky sender won’t be receiving a grand prize Continue Reading
-
Opinion
24 Jun 2020
Security Think Tank: Securing containers needn’t be taxing
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
News
24 Jun 2020
EU judges GDPR an overall success, but changes still needed
Two years after its implementation, an EU report says that the GDPR is achieving what it set out to do, with a few reservations Continue Reading
-
News
24 Jun 2020
Brits will sell their personal data for pennies
Surprising findings from an Okta report on digital identity suggest Brits would be willing to part with valuable personal data for a surprisingly low amount Continue Reading
-
Feature
24 Jun 2020
APT groups’ mobile momentum finally faces resistance
State-backed APT groups are increasingly targeting mobile devices as Covid-19 puts the spotlight on remote working infrastructure security. We explore how the industry is fighting back Continue Reading
-
Feature
23 Jun 2020
How to apply zero-trust models to container security
Containers have become a common fixture in software development, but they have resulted in new concerns for security teams. Is zero-trust the answer to tackling them? Continue Reading
-
News
23 Jun 2020
Neurodiversity on the rise among career hackers
More diverse hackers enhance the ability of both traditional and cutting-edge cyber security solutions to find and fix vulnerabilities, according to a new report from Bugcrowd Continue Reading
-
News
23 Jun 2020
Flash-based MacOS malware hides in plain sight
By masquerading as a legitimate Adobe web application, the new malware strains can trick Mac users into bypassing their on-board defences Continue Reading
-
News
23 Jun 2020
Concern over digital risk falls dramatically during pandemic
Brits are understandably more worried about the NHS than personal cyber security Continue Reading
-
News
21 Jun 2020
APAC still hotbed for cyber attacks
Individuals and organisations in APAC are encountering malware more frequently than the rest of the world, study finds Continue Reading
-
E-Zine
18 Jun 2020
CW APAC: Trend Watch – data protection
Asia-Pacific organisations see the importance of having good data protection practices, even as they are still grappling with organisational and operational challenges. In this handbook, Computer Weekly looks at the different levels of preparedness across the region and what firms can do to plug any gaps. Continue Reading
-
News
18 Jun 2020
Cisco patches dangerous Webex vulnerability
CVE-2020-3347 bug enables cyber criminals to steal meeting records from within Cisco’s Webex service Continue Reading
-
News
18 Jun 2020
Check Point uncovers targeted Microsoft Office 365 phishing campaign
Organised criminal campaign exploited Adobe, Oxford University and Samsung web domains to trick users into giving up their passwords Continue Reading
-
News
18 Jun 2020
Zoom U-turns on end-to-end encryption
Embattled video-conferencing provider Zoom backtracks on previous refusals to provide end-to-end encryption to free users Continue Reading
-
Blog Post
17 Jun 2020
Help secure the top UK entry point for cyberfraud
“NHS” is the UK’s most trusted brand. Until recently it was one of the least protected/secure. There have been significant improvements but, as a result of Covid, impersonating the NHS now comes ... Continue Reading
-
News
17 Jun 2020
Coronavirus: 50% of security pros had no pandemic contingency plan
A survey of security professionals conducted on behalf of Bitdefender reveals the lack of forward planning for events such as the Covid-19 coronavirus pandemic Continue Reading
-
News
16 Jun 2020
UK-US data deal puts Brexit data adequacy pact at risk
European Data Protection Board writes to MEPs saying the UK is at risk of failing to strike a post-Brexit data adequacy accord if its data protection agreements with the US don’t strike the right note Continue Reading
-
News
16 Jun 2020
Activists call on Zoom to implement encryption for all
A coalition of tech organisations and nonprofits have urged Zoom CEO Eric Yuan to make end-to-end encryption available to all users Continue Reading
-
News
15 Jun 2020
Banking trojans roar back to prominence in May
Check Point sees an upswing in malicious activity around a number of classic banking trojan malware variants Continue Reading
-
News
15 Jun 2020
Accessories store Claire’s hit by Magecart credit card fraudsters
Attackers gained access to retailer’s website as long ago as March Continue Reading
-
News
12 Jun 2020
NHS email service users ensnared in phishing attack
More than 100 accounts on the NHSmail service were affected by attack, but health service says no patient data was accessed Continue Reading
-
News
12 Jun 2020
Fake contact-tracing apps delivering banking trojans
Spoof government coronavirus apps are popping up all over the world, says the Anomali Threat Research team Continue Reading
-
News
12 Jun 2020
100,000 cheap wireless cameras vulnerable to hacking
Active devices built by Chinese firm HiChip have been sold in the UK as webcams and connected baby monitors Continue Reading
-
News
11 Jun 2020
Coronavirus: Bungled British response leads to rise in security risks
Covid-19 cyber security threats are evolving over the course of the pandemic, becoming more targeted to virus hotspots such as the UK Continue Reading
-
Opinion
11 Jun 2020
Security Think Tank: Container security starts with good DevOps practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
News
10 Jun 2020
Decade-old vulnerability among 129 Patch Tuesday fixes
A 10 year-old bug in Windows Group Policies could easily enable attackers to gain highly privileged user status on target systems, opening the doors to a wave of cyber attacks Continue Reading
-
Opinion
10 Jun 2020
Security Think Tank: Container security is evolving, so must CISOs
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Feature
10 Jun 2020
Coronavirus: How to go back to the office safely and securely
Security teams should be used to supporting remote workers effectively by now, but what’s going to happen when people start returning to their offices? We look at the risks and how to address them. Continue Reading
-
News
10 Jun 2020
Nasty surprises lurking in furloughed employees’ inboxes
Research conducted by KnowBe4 points to a looming email security problem as furloughed employees head back to work Continue Reading
-
News
10 Jun 2020
CaixaBank introduces facial recognition ATMs
Spanish bank broadens its use of facial recognition technology on cash machines Continue Reading
-
News
10 Jun 2020
How Australian firms can defend against supply chain attacks
Supply chain security risks can wreak havoc if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm Continue Reading
-
News
09 Jun 2020
Cyber security needs more women role models, says report
A report compiled by security assurance organisation Crest highlights the progress made on gender diversity in cyber security, and offers pointers for next steps Continue Reading
-
News
09 Jun 2020
Poorly-secured AWS buckets used to launch Magecart attacks
Cyber criminals are exploiting misconfigured AWS S3 buckets to run credit card fraud and malvertising campaigns, according to new data Continue Reading
-
E-Zine
09 Jun 2020
How retailers are staying connected during their coronavirus shutdown
In this week’s Computer Weekly, we look at how the hard-hit retail sector has turned to technology to stay connected with staff during the coronavirus lockdown. Our latest buyer’s guide examines best practice in data quality and how to avoid “garbage in garbage out” syndrome. And we look at how remote working affects software development teams. Read the issue now. Continue Reading
-
Blog Post
07 Jun 2020
Tackling the Covid Cyberfraud Pandemic
The Covid-19 lockdown has led to an explosion of fraud and abuse, both on-line and in the "real" world. Before Test and Trace is fully operational it is already being spoofed . The problems are ... Continue Reading
-
News
05 Jun 2020
Police chiefs working with Public Health England on contact-tracing security
Police force representatives are in talks with Public Health England over operational security concerns arising from the NHS Test and Trace coronavirus contact-tracing scheme Continue Reading
-
News
04 Jun 2020
Small businesses failing on remote worker protection
Only one-third of people working for small businesses have received any guidance from their employers on how to secure their remote working set-up Continue Reading
-
News
04 Jun 2020
Black Lives Matter activists targeted by cyber attacks
Civil liberties organisations are being targeted by far-right trolls as protests over the murder of George Floyd spread worldwide Continue Reading
-
News
04 Jun 2020
Coronavirus: Cyber criminals target laid-off workers
Malicious actors are targeting workers laid-off or furloughed during the coronavirus pandemic Continue Reading
-
Opinion
04 Jun 2020
Security Think Tank: Four steps to container security best practice
Adopting containers promises great organisational efficiency advantages, but the fast-evolving technology can be problematic for security teams. What do CISOs need to know to safeguard containers? Continue Reading
-
Opinion
04 Jun 2020
Why trust is the new currency
Businesses need to engender trust with customers amid the complexity of digital transactions involving multiple third parties, even as consumers are not fully cognizant of the importance of data privacy Continue Reading
-
News
03 Jun 2020
Sodinokibi data auctions highlight changing criminal tactics
The operators of the Sodinokibi ransomware strain are auctioning off swathes of stolen data in an apparent bid to raise cash. What is motivating this new tactic? Continue Reading
-
News
03 Jun 2020
Security procurement framework goes live for NHS and public sector
Cyber Security Services Framework, developed by NHS Shared Business Services, has formally launched Continue Reading