Web application security news, help and research

News : Web application security

January 19, 2022 19 Jan'22
Investigators find Beijing 2022 app riddled with security flaws

Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack
January 17, 2022 17 Jan'22
Top three questions about the Log4j vulnerability

Singapore’s Ensign Infosecurity answers the top three questions about the impact of the Log4j vulnerability
January 14, 2022 14 Jan'22
Nato offers tech support after 'massive cyber attack' hits Ukraine

Speculation mounts that Russia is behind a cyber attack which defaced Ukrainian government websites amid growing international tension
January 14, 2022 14 Jan'22
Umbrella company Brookson self-refers to NCSC following cyber attack on its network

Contractor payroll, accounting and compliance firm confirms its networks have been targeted by an ‘extremely aggressive’ cyber attack that has resulted in some of its systems being proactively taken offline

When is SIEM the right choice over SOAR?

Better instrumentation leads to better IT security but monitoring can quickly overload IT teams. Automation can help, but it may not always be needed Continue Reading
Five ways to ensure remote working security and compliance

A mix of on-site and remote working has become a fact of life for many organisations. We look at five key things you should consider to ensure compliance and security Continue Reading
Tips to minimise vulnerabilities in web and mobile apps

Agile software development can sometimes be at odds with secure by design principles. We look at how organisations are balancing security with coding Continue Reading

2022: Time to take algorithm-enhanced online abuse seriously

The algorithms used by dominant social media companies have compounded the risks to unsupervised children in their bedrooms by automating the processes predators use to find and groom potential ... Continue Reading
Marriages Are Back On The Agenda – Even In IT

Ah – the return of “normality” in the UK – i.e., people are still getting ill but the government admits it doesn’t care any longer, other than by increasing taxes… But enough of the ... Continue Reading
The DDoS Battle

In the many years I’ve been testing and analysing the security side of IT, one evident point is that the classic forms of attack: identifying common vulnerabilities and Distributed Denial of ... Continue Reading

Enabling secure remote working is once again a top priority

The pandemic has bought many new security risks, particularly around remote working. As the UK government once again urges people to work from home under its Plan B restrictions, these risks must be tackled as a priority Continue Reading
Security Think Tank: Attackers leveraging the supply chain

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months Continue Reading
Security Think Tank: In the cloud, anti-human approaches set us up to fail

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

Lauri Love: how reformed hackers halted the WannaCry virus

Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT.