Web application security
-
E-Zine
07 Oct 2025
Is the UK’s digital ID scheme doomed to fail?
In this week’s edition of Computer Weekly, we take a look at the government’s somewhat controversial plan to introduce a national, compulsory digital ID scheme. Ranil Boteju, chief data and analytics officer at Lloyds Banking Group, also runs us through how the financial services giant is planning to use agentic AI to improve the customer experience. In the third part of our buyer’s guide on cloud management and security, details about the plethora of security tools that exist for enterprises looking to manage their Amazon Web Services stacks gets the deep-dive treatment. And, in our final feature in the issue, we look at the evolution in mobile app technology within the retail space. Read the issue now. Continue Reading
-
News
06 Oct 2025
Oracle patches E-Business suite targeted by Cl0p ransomware
Oracle pushes a patch for a dangerous zero-day under active exploitation by one of the most notorious ransomware gangs around Continue Reading
-
News
05 Feb 2020
Web app ubiquity gives cyber criminals new opportunities
The popularity and ubiquity of web-based apps such as Office 365 and Salesforce is a temptation too good to miss for cyber criminals Continue Reading
-
News
05 Feb 2020
Check Point pledges end to security updates
Check Point’s Gil Shwed expands on a vision for the next 10 years of cyber security, which he calls Infinity Next Continue Reading
-
News
31 Jan 2020
Davos: The clock is ticking on climate change but cyber crime and emerging technologies add to risks
Climate change, natural disasters, extreme weather and loss of biodiversity are the greatest risks we face. With cyber conflicts, state-sponsored hacking and internet fragmentation, doing nothing is not an option, says the World Economic Forum Continue Reading
-
News
30 Jan 2020
NCSC launches study on cyber security diversity
The UK’s National Cyber Security Centre wants to improve the diversity of the cyber security sector Continue Reading
-
News
29 Jan 2020
UK cyber security sector worth more than £8bn
The UK’s cyber security industry employs 43,000 full-time workers, and contributed nearly £4bn to the UK economy in 2019, according to DCMS Continue Reading
-
News
27 Jan 2020
SANS Institute calls on Manchester security pros
Manchester will play host to a week-long cyber security training event during February Continue Reading
-
News
24 Jan 2020
Milan hosts Cisco’s first European security innovation unit
Cisco has cut the ribbon on its first Cyber Security Co-Innovation Centre in Europe, at Milan’s Leonardo da Vinci Science and Technology Museum Continue Reading
-
News
22 Jan 2020
Citrix releases IoC scanner for ADC and Gateway vulnerabilities
As patches for its compromised NetScaler ADC and Gateway products begin to roll out, Citrix enlists FireEye Mandiant to develop an indicator of compromise scanner for end-users Continue Reading
-
News
22 Jan 2020
Internal error left Microsoft customer service data exposed
Customer service and support records of nearly 250 million Microsoft customers left exposed after database misconfiguration Continue Reading
-
News
22 Jan 2020
ICO code sets out digital privacy standards for children
The Information Commissioner’s Office has published its Age Appropriate Design Code, a set of 15 standards that online platforms must meet to protect the privacy of younger users Continue Reading
-
News
21 Jan 2020
5G builders test vulnerabilities in Finnish hackathon
University hackathon puts 5G security to the test as new wireless technology’s roll-out nears Continue Reading
-
20 Jan 2020
Don’t become the next Travelex: Get ready for ransomware
With Travelex’s IT still in disarray and banks and travellers left without access to funds more than a week after it was hit by a ransomware attack, we ask what others can learn from the foreign exchange services company’s response to the incident. Continue Reading
-
News
20 Jan 2020
Exposed AWS buckets again implicated in multiple data leaks
A series of data leaks in the past week have once again implicated poorly secured Amazon S3 buckets, which are supposed to be private by default Continue Reading
-
News
16 Jan 2020
A quarter of users will fall for basic phishing attacks
Phishing emails that appear to be security alerts are the most effective method of compromise, says KnowBe4 Continue Reading
-
News
15 Jan 2020
Lorca announces new cohort of 20 security scaleups
20 scaleups will focus their attention on automation, zero trust and supply chain security Continue Reading
-
News
15 Jan 2020
LGBTQ+ social app Grindr accused of breaching GDPR
Norwegian Consumer Council files complaints about LGBTQ+ social networking app, alleging it is in breach of the General Data Protection Regulation Continue Reading
-
News
15 Jan 2020
NSA Windows 10 security disclosure raises questions
In an unprecedented move, the NSA has got out in front of a critical cryptographic flaw in Windows 10, but in doing so has raised multiple questions Continue Reading
-
News
15 Jan 2020
Threat landscape grew in complexity in 2019, no respite in sight
Check Point’s annual state of security report shares some 2019 trends and looks ahead to 2020 Continue Reading
-
News
14 Jan 2020
Two-thirds of UK healthcare organisations breached last year
The majority of healthcare organisations in the UK experienced a cyber security incident during 2019, with almost half the result of viruses and malware introduced on third party devices Continue Reading
-
News
14 Jan 2020
Turn the end of Windows 7 support into a security advantage
CISOs can take advantage of the end of support for Microsoft Windows 7 by making the case for more investment in cyber security Continue Reading
-
News
10 Jan 2020
National Lottery hacker jailed for nine months
Small-time cyber criminal jailed for his role in a cyber attack on lottery operator Camelot that netted him just £5 Continue Reading
-
News
08 Jan 2020
TikTok video-sharing app left user data exposed
Check Point uncovered serious vulnerabilities in the TikTok video-sharing app that left users exposed Continue Reading
-
News
24 Dec 2019
Top 10 cyber crime stories of 2019
Here are Computer Weekly’s top 10 cyber crime stories of 2019 Continue Reading
-
News
23 Dec 2019
Top 10 cyber security stories of 2019
Here are Computer Weekly’s top 10 cyber security stories of 2019 Continue Reading
-
News
20 Dec 2019
Finnish government supports local authorities in cyber security initiative
The Finnish government has committed resources to a cyber security project aimed at local authorities Continue Reading
-
News
13 Dec 2019
Alarm bells ring, the IoT is listening
With Christmas bearing down on us, a series of vulnerability disclosures has drawn attention to the parlous state of IoT security, and serves as a timely warning to people planning to buy smart devices as gifts Continue Reading
-
News
09 Dec 2019
Jailed hacker ordered to pay back £270k
An Essex man jailed in April over malware offences dating back years has been ordered to pay back the profits of his crime spree, and sell valuable assets Continue Reading
-
News
06 Dec 2019
Great Cannon DDoS operation fires on Hong Kong protesters
AT&T’s security unit has evidence that China is pressing its Great Cannon DDoS tool into service once again, specifically to target pro-democracy protests in Hong Kong Continue Reading
-
News
05 Dec 2019
Two Russians indicted over Dridex and Zeus malware
The US Department of Justice has indicted two Russian citizens over their alleged role in the distribution of the virulent Bugat, or Dridex, and Zeus banking trojans Continue Reading
-
News
05 Dec 2019
Black Hat Europe: Mental health websites are leaking user data
At Black Hat Europe in London, researchers reveal the extent to which confidential data is being leaked to third parties by online mental health websites Continue Reading
-
News
05 Dec 2019
Aviatrix VPN vulnerability left user endpoints wide open
Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets Continue Reading
-
Opinion
03 Dec 2019
Security Think Tank: In-depth protection is a matter of basic hygiene
The belief that effective perimeter security is the best way to protect data is a fallacy that is being repeatedly exposed. We must recognise the need for a data-centric security model to protect data from both internal and external threats, but what does this mean for security professionals? Continue Reading
-
News
02 Dec 2019
Top Android apps at risk from StrandHogg vulnerability
Researchers at Promon say all of the 500 most-downloaded Android apps are at risk from a newly discovered vulnerability Continue Reading
-
News
29 Nov 2019
Hack Friday: This Christmas, fight back against cyber criminals
It’s nearly Christmas, and cyber attacks and fraud attempts in the retail sector are ramping up. Is it time to panic? And is there anything we can do beyond hammering home the message around basic cyber security hygiene? Continue Reading
-
News
25 Nov 2019
Uber app exploit posed safety risk to passengers
A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel Continue Reading
-
News
25 Nov 2019
Tim Berners-Lee launches nine principles for the web
Inventor of the worldwide web sets out Contract for the Web to protect its freedom, data privacy and access for all Continue Reading
-
News
19 Nov 2019
Macy’s Magecart breach presages Christmas fraud spike
US retailer Macy’s admits some customer data was accessed by unknown actors during a week-long Magecart attack Continue Reading
-
News
15 Nov 2019
Notorious hackers claim responsibility for Labour DDoS
Hackers claiming to represent Lizard Squad say they were behind a distributed denial of service attack on the UK’s Labour Party Continue Reading
-
News
14 Nov 2019
Home Office Brexit app contains multiple security flaws
The Home Office’s Brexit app may be putting EU citizens’ personal data at risk Continue Reading
-
News
14 Nov 2019
Cyber criminals tool up for Christmas fraud season
Organised criminals are trying to cash in on the festive retail boom with both brand new and tried-and-tested techniques Continue Reading
-
E-Zine
14 Nov 2019
CW APAC: Expert advice on container security
For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities. In this handbook, Computer Weekly looks at the security challenges associated with container technology. Continue Reading
-
News
13 Nov 2019
Attack on Labour shows need for DDoS defence but should alarm few
After being hit by two DDoS attacks in the space of 24 hours, many commentators are convinced the UK’s Labour Party is the victim of foreign interference in the General Election campaign. It probably isn’t Continue Reading
-
News
12 Nov 2019
Nordic SMEs lack the money needed for cyber security
Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country Continue Reading
-
News
12 Nov 2019
‘Robust’ security foils cyber attack on Labour Party
Labour claims to have been the victim of a cyber attack, but says it is confident no data leaked Continue Reading
-
News
12 Nov 2019
Shared responsibility model key to solving 5G security problem
Both buyers and sellers need to cooperate to solve the thorny issues around 5G security Continue Reading
-
News
07 Nov 2019
Saudis recruited Twitter employees to spy on critics
Court documents reveal how the Saudi Arabian government targeted Twitter employees as part of a coordinated effort to gather information on known dissidents Continue Reading
-
News
06 Nov 2019
Global security workforce must more than double to meet demand
There are about 2.8 million cyber security professionals working today, and the world needs four million more Continue Reading
-
News
05 Nov 2019
Ransomware authors seeking new ways to avoid being spotted
Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls Continue Reading
-
News
04 Nov 2019
EU patches 20-year-old open source vulnerability
Ethical hackers taking part in a bug bounty programme on behalf of the European Union have uncovered a 20-year-old vulnerability Continue Reading
-
News
01 Nov 2019
Banks let customers down with mixed approaches to security
Treasury Committee report recommends new measures to tackle financial fraud Continue Reading
-
News
23 Oct 2019
Take responsibility for cyber security basics, urges NCSC CEO
At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load Continue Reading
-
News
22 Oct 2019
NordVPN blames datacentre provider for server breach
VPN provider insists no user data was compromised in a March 2018 server breach, and says its datacentre provider failed to inform it of the issue Continue Reading
-
News
22 Oct 2019
Attacker hit VPN firm Avast through its VPN
Avast has published details of how attackers attempted to gain access to its network over a five month period Continue Reading
-
News
22 Oct 2019
Over-30s tend to do better at cyber security than younger colleagues
Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security Continue Reading
-
News
21 Oct 2019
Sodinokibi emerging as a diverse, multi-vector threat to businesses
McAfee shares insight into the Sodinokibi ransomware campaign gleaned from its network of honeypots Continue Reading
-
News
08 Oct 2019
IBM, McAfee among founders of open source security alliance
A group of cyber security suppliers have come together to form the Open Cybersecurity Alliance Continue Reading
-
News
04 Oct 2019
UK and US call on Facebook to walk back encryption plans
The US, Australian and UK governments have asked Facebook to ditch plans to deploy end-to-end encryption across Facebook Messenger, Instagram and WhatsApp Continue Reading
-
News
03 Oct 2019
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank Continue Reading
-
News
26 Sep 2019
Attackers breached supplier systems to steal Airbus secrets
Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs Continue Reading
-
News
26 Sep 2019
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach Continue Reading
-
News
24 Sep 2019
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading
-
News
12 Sep 2019
UN agency Unicef praised for response to accidental data leak
The UN’s children’s agency has disclosed an inadvertent leak of personal data belonging to users of its online learning platform Agora Continue Reading
-
News
05 Sep 2019
Singapore’s SecureAge eyes US market
The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan Continue Reading
-
Feature
30 Aug 2019
How to mitigate IoT security risks to tap business benefits
Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk Continue Reading
-
News
26 Aug 2019
VMware’s latest acquisitions point to emerging platform war
VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal Continue Reading
-
News
23 Aug 2019
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials Continue Reading
-
Blog Post
22 Aug 2019
Top four considerations when securing the multi-cloud environment
This is a guest post by Stephen Dane, managing director for cyber security at Cisco Asia-Pacific, Japan and Greater China We live in a multi-cloud world. A world where a multitude of offerings from ... Continue Reading
-
News
21 Aug 2019
Silence APT group eyes APAC banks
Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks Continue Reading
-
News
20 Aug 2019
Even fintech startups battling to meet cyber security challenges
A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge Continue Reading
-
News
19 Aug 2019
How EDR is moving beyond the endpoint
An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise Continue Reading
-
News
15 Aug 2019
Formjacking dominates web-related data breaches
Formjacking has become one of the most popular data stealing methods, say researchers, who urge commercial websites to review all third-party coding practices without delay Continue Reading
-
News
14 Aug 2019
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading
-
News
14 Aug 2019
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading
-
News
14 Aug 2019
British Airways e-ticketing system could expose passenger details
British Airways has not addressed a potential leak of passenger details despite warnings from security researchers, but says it is aware of the issue and is taking action Continue Reading
-
News
13 Aug 2019
BACnet IoT building automation devices vulnerable to attack
A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack Continue Reading
-
News
09 Aug 2019
F-Secure warns of F5 Big IP-related security issue
F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks Continue Reading
-
News
09 Aug 2019
NCC Group warns of security risks of leading printers
Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems Continue Reading
-
News
31 Jul 2019
Financial services top cyber attack target
Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats Continue Reading
-
News
24 Jul 2019
Global malware down but ransomware up, with UK hard hit
Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals Continue Reading
-
E-Zine
18 Jul 2019
CW ASEAN: Trend Watch – Security
Artificial intelligence tools are becoming a vital part of the security arsenal for organizations and cyber criminals alike. In this handbook, Computer Weekly looks at how ASEAN firms are using AI to combat cyber threats and experts discuss the latest smart cyber security tools. Continue Reading
-
E-Zine
18 Jul 2019
CW ANZ: Trend Watch – Security
With regulations pushing data protection up the business agenda, we look at how Australia’s Notifiable Data Breaches scheme has been received and consider why a survey that found Australian firms are experiencing fewer cyber breach incidents appears to conflict with anecdotal evidence that suggests the opposite. Continue Reading
-
Feature
11 Jul 2019
Securing your mobile estate – best practice for CIOs
The prevalence of mobile devices in every part of daily life is shaping how enterprises make choices about software and network infrastructure, but how do businesses go about securing these vast new endpoint estates? Continue Reading
-
Podcast
02 Jul 2019
Podcast: The Computer Weekly Downtime Upload – Episode 22
In this week’s episode of the Computer Weekly Downtime Upload podcast, Brian McKenna, Caroline Donnelly and Clare McDonald talk about digital transformation in the NHS, Sky’s efforts to get more women working in tech and how big businesses could be risking extinction by ignoring IT Continue Reading
-
News
25 Jun 2019
APT attack on telcos highlights need for comprehensive defence
A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators Continue Reading
-
News
17 Jun 2019
DevSecOps is key to uniting opposing forces
Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer Continue Reading
-
News
17 Jun 2019
Inside F5’s cyber security playbook
F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading
-
E-Zine
14 Jun 2019
CW Europe: Why are Dutch companies slow to take advantage of the IoT?
Many organisations in the Netherlands are missing out on the benefits of the internet of things because they lack awareness of its potential. Also read why construction of Apple's first non-US datacentre has halted in Denmark, and why some scientists have raised questions about the effects of 5G mobile phone radiation on public health. Continue Reading
-
News
04 Jun 2019
Beware of security blind spots in encrypted traffic
The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption Continue Reading
-
News
23 May 2019
Lapse in LinkedIn security certificate update
A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right Continue Reading
-
News
01 Apr 2019
Black Hat Asia 2019: Get ready for the cyber arms race
The arms race is now squarely in the cyber realm as defence teams and threat actors arm themselves with AI tools Continue Reading
-
News
29 Mar 2019
Magento e-commerce sites urged to apply security update
Security experts are urging companies using the Magento e-commerce site to apply security updates without delay to avoid a disastrous hacking campaign Continue Reading
-
News
26 Mar 2019
Firms urged to gear up for new malware and tactics as threats proliferate
The volume of malware attacks reached a record level in 2018, with UK and India bucking global trend of increased ransomware attacks, a study shows Continue Reading
-
Blog Post
21 Mar 2019
Remainers accidentally DDoS the British government
With eight days until the UK's scheduled exit from the European Union, a prime minister who has lost control, a paralysed political system, and Britain reduced to a laughing stock on the world ... Continue Reading
-
News
18 Mar 2019
CyLon announces latest cyber security accelerator cohort
Swiss and Israeli cyber security startups join teams from the UK for CyLon’s ninth London accelerator cohort Continue Reading
-
News
01 Mar 2019
Facebook facing 10 GDPR investigations in Ireland
Ireland’s Data Protection Commission has revealed it has 10 active probes into Facebook, Instagram and WhatsApp, as well as Apple, LinkedIn and Twitter, on its books Continue Reading
-
Feature
01 Mar 2019
What are the CDN options for enterprises?
We look at how content delivery networks can give your organisation’s web presence a literal edge Continue Reading
-
News
22 Feb 2019
Facebook planned to spy on Android phone users, internal emails reveal
Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show Continue Reading
-
Blog Post
12 Feb 2019
Scoop! Symantec Acquisition Makes Sense Of Software Defined Perimeter Security...
OK - so that's probably not the perfect headline to be announced by anyone who whistles through their teeth... Been having some interesting conversations recently around the idea of zero trust ... Continue Reading
-
News
12 Feb 2019
Telegram bot gets users hooked
Popular social media service provides a rich set of features for cyber criminals, RSA warns Continue Reading
-
News
11 Feb 2019
Lauri Love takes legal action against NCA for return of seized computers
Lauri Love, a former engineering student who won a battle with the US Department of Justice against extradition to the US to face hacking charges, is suing the UK's intelligence agency, the NCA, for the return of his seized computers Continue Reading