Web application security
-
News
25 Apr 2024
Zero trust is a strategy, not a technology
Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag Continue Reading
-
News
24 Apr 2024
Mandatory MFA pays off for GitHub and OSS community
Mandating multifactor authentication for select developers has been a huge success for GitHub, the platform reports, and now it wants to go further Continue Reading
-
News
04 May 2017
Testing is key to IoT security, says researcher
Building an effective testing process across all elements associated with a product is key to securing the internet of things, according to a researcher in the field Continue Reading
-
News
11 Apr 2017
Security as a service on the rise in the UAE
Organisations in the United Arab Emirates are increasingly turning to security services Continue Reading
-
News
06 Apr 2017
Interview: F-Secure’s Mikko Hyppönen on the Nordics, Russia and the internet of insecure things
Computer Weekly sat down with Finnish cyber security expert Mikko Hyppönen to talk about security in the Nordics, Russia and the trouble with connected devices Continue Reading
-
News
28 Mar 2017
Threats grow in Saudi Arabia’s cyber sector
Saudi Arabia's wealth makes it an attractive target for cyber criminals, but what have been the recent trends in cyber crime? Continue Reading
-
E-Zine
16 Mar 2017
CW ASEAN: Raising national security standards
In this month’s CW ASEAN, we describe how Singapore is improving its cyber security defenses and preparations through a partnership with British security company BAE Systems. We also find out why the Thai military plans to recruit civilian cyber warriors and we take a look at evolving security approaches. Read the issue now. Continue Reading
-
E-Zine
09 Mar 2017
CW Europe: Technology poses new risks to jobs, economies and society
Rapid advances in technology could have destabilising effects on employment and economic growth, and could exacerbate social unrest, the World Economic Forum (WEF) warned. Society’s failure to keep pace with technology change was a key risk under discussion at Davos in January. Continue Reading
-
E-Zine
23 Feb 2017
CW Nordics: Top IT priorities for Nordic CIOs in 2017
In this first issue of CW Nordics in 2017 we take a look at what CIOs in the region are expecting in the year ahead. We asked a select group of CIOs and analysts in Denmark, Finland, Norway and Sweden what IT projects are at the top of their priority lists. Also read about the Nordic region as a hotspot for IT startups, with Sweden punching above its weight in financial technology. And find out how board executives at healthcare company Elekta are analysing workforce data to make better strategic decisions. Continue Reading
-
News
12 Jan 2017
Flawed GoDaddy security certificates show need for control
Vulnerabilities in digital security certificates highlight the need for organisations to be able to exercise more control over those certificates Continue Reading
-
News
04 Jan 2017
Flight booking systems easy to hack, researchers warn
Malicious actors could infiltrate systems to alter passenger information and even cancel bookings, Chaos Communications Congress told Continue Reading
-
News
21 Dec 2016
Top 10 IT security stories of 2016
Here are Computer Weekly’s top 10 IT security stories of 2016: Continue Reading
-
News
05 Dec 2016
Top 10 ANZ enterprise IT stories of 2016
Here is a rundown of Computer Weekly’s most popular ANZ enterprise IT articles for 2016 Continue Reading
-
News
28 Nov 2016
IBM blamed for Australian census website crash
Computer giant reportedly pays $30m to Australian government as reports are released from two inquiries into DDoS attacks on census website Continue Reading
-
News
22 Nov 2016
Alleged hacker Lauri Love’s ‘life will be destroyed’ under Trump regime
Supporters fear for activist Lauri Love if his extradition to the US to face hacking charges goes ahead Continue Reading
-
E-Zine
15 Nov 2016
Counting the cost of financial cyber crime
In this week’s Computer Weekly, the cyber security of banks is under scrutiny after an attack on Tesco Bank leads to millions lost in fraudulent transactions. Our latest buyer’s guide, on server operating systems, looks at the new features in Windows Server 2016. And Coca-Cola explains how a move to the cloud is helping motivate staff. Read the issue now. Continue Reading
-
News
15 Nov 2016
Amber Rudd orders Lauri Love extradition to US to face hacking charges
Engineering student Lauri Love faces trials in three US states and a possible 99-year jail sentence for allegedly hacking into US government computer systems as part of a political protest, despite concerns over his health Continue Reading
-
E-Zine
03 Nov 2016
CW ASEAN: SMEs present security weakness
In this month's CW ASEAN, we look at how the cyber security defences at small and medium-sized enterprises in Southeast Asia may have some vulnerabilities, resulting in cyber security attacks on the large corporations they work with. We also consider the need to educate users of smartphones and tablets across the region as card fraud rates rise, with high use of mobile devices considered a contributing factor. Read the issue now. Continue Reading
-
E-Zine
03 Nov 2016
CW ANZ: Using gamification to build cyber security skills
In this month's CW ANZ, we look at how PwC is using an online game to give its customers first-hand experience of what it means to face a cyber attack. We also look at how identity is gaining greater prominence in the security debate in Australia as the DTO takes the wraps off plans for a national identity system. Read the issue now. Continue Reading
-
News
18 Oct 2016
Saving Lauri Love: activists plan their next move
An eclectic bunch of activists, charity workers and reformed hackers spent a rainy Sunday afternoon plotting their next move in a campaign to save Lauri Love from extradition to the US on hacking charges Continue Reading
-
Opinion
12 Oct 2016
Gary McKinnon: Why Lauri Love should be spared the nightmare of extradition
Computer activist Lauri Love should be spared a life sentence in a US jail, says former hacker Gary McKinnon Continue Reading
-
Feature
16 Sep 2016
Lauri Love: the student accused of hacking the US
How did a brilliant but fragile computer science student from a rural English town end up facing life imprisonment in the US? Computer Weekly speaks to Lauri Love Continue Reading
-
News
12 Jul 2016
IBM sets up security centre in Canberra
IBM leads the charge as large private businesses invest heavily in security resources across Australia in an attempt to close the security gap Continue Reading
-
E-Zine
07 Jul 2016
CW ASEAN: July 2016
Lessons from the Philippine government hack: In this issue we ask why a hack on the Philippine Commission on the Elections (Comelec) was allowed to happen and what organisations in Southeast Asia can learn from this breach of security. Retailers in the region are concerned – read how the theft of customer data is their biggest worry. Continue Reading
-
E-Zine
07 Jul 2016
CW ANZ: July 2016
Australia knows it has a cyber security problem, but not the scale. In this month’s CW ANZ we describe how Australia's $230m security strategy serves as a wake-up call to enterprises. We also reveal the techniques and technologies being used to protect one Australian school, as well as a more general look at the main cyber threats to organisations in Australia. Read the issue now. Continue Reading
-
News
03 May 2016
Gov.uk Verify misses April go-live target
The Government Digital Service didn’t meet its target of taking identity assurance service Verify out of beta by the end of April, but is “nearly there”, according to programme director Janet Hughes Continue Reading
-
News
26 Apr 2016
Business failing to learn lessons of past cyber attacks, report shows
Organisations are still failing to address basic security issues and well-known attack methods, Verizon’s latest Data Breach Investigations Report reveals Continue Reading
-
News
15 Apr 2016
Israeli volunteers ready their cyber defences as Anonymous affiliates attack
Every April, Israel braces itself for an onslaught from pro-Palestinian hackers, but the occupants of a small conference room in Tel Aviv stand in their way Continue Reading
-
News
11 Apr 2016
Activist Lauri Love faces order to disclose encryption keys
The UK’s National Crime Agency takes an unusual legal step to force a former university student accused of hacking to disclose encryption keys Continue Reading
-
Opinion
07 Mar 2016
The problem with passwords: how to make it easier for employees to stay secure
An organisation’s IT security can be compromised if staff do not follow a strict policy of using strong passwords to access internal systems Continue Reading
-
News
29 Jan 2016
HSBC online services hit by DDoS attack
HSBC was hit by a distributed denial of service (DDoS) attack, which targeted its online personal banking services. Continue Reading
-
Feature
05 Jan 2016
Interview: James Bamford on surveillance, Snowden and technology companies
Investigative journalist and documentary maker James Bamford was among the first to uncover the secrets of the US National Security Agency and its global surveillance Continue Reading
-
News
24 Dec 2015
Top 10 IT security stories of 2015
Computer Weekly looks back at the most significant stories on IT security in the past 12 months Continue Reading
-
News
03 Dec 2015
Veracode finds most web apps fail Owasp security check list
The findings of a report on critical vulnerabilities in most web applications are raising concerns over potential security vulnerabilities in millions of websites Continue Reading
-
News
03 Dec 2015
Workday ringfences support in Europe after Safe Harbour ruled unsafe
US cloud HR and financial services provider responds to Safe Harbour failure by ringfencing European data Continue Reading
-
Feature
15 Oct 2015
The true cost of a cyber security breach in Australia
The costs of cyber security breaches can quickly add up with fines, reputational damage and overhauls to network security all hitting the coffers. The case of one Australian firm shows why paying a ransom to a hacker might be tempting. Continue Reading
-
Feature
06 Oct 2015
Max Schrems: The man who broke Safe Harbour
Schrems has persuaded a high court judge to confirm that Edward Snowden’s evidence is acceptable in court and that the US is engaged in mass surveillance of European citizens Continue Reading
-
News
06 Oct 2015
Researchers find credential-stealing webmail server APT attack
Security researchers have discovered a new and unique advanced persistent threat (APT) technique that involves a malicious module loaded onto a webmail server Continue Reading
-
News
09 Sep 2015
Security vulnerability management more than patching, warns Secunia
Keeping track of what makes an IT environment vulnerable is an ongoing and complex task, according to Secunia Continue Reading
-
Opinion
25 Aug 2015
Life’s a breach: How to handle the press after a hacking attack
Emily Dent, specialist in crisis PR, offers some advice to organisations that unexpectedly find themselves in the headlines Continue Reading
-
E-Zine
04 Aug 2015
Cyber risks hit the road
In this week's Computer Weekly, after hackers took remote control of a Jeep Cherokee, we assess the security concerns for internet-connected cars. With the growth of digital banking, is there a need for high-street branches anymore? And we examine whether email overload is hindering the UK's economic productivity. Read the issue now. Continue Reading
-
News
30 Apr 2015
IoT benefits and privacy not mutually exclusive, says industry expert
It is possible to mitigate the privacy and security risks of the internet of things (IoT) without losing its benefits, according to an industry expert Continue Reading
-
Feature
25 Apr 2015
Bill Binney, the ‘original’ NSA whistleblower, on Snowden, 9/11 and illegal surveillance
Always a patriot: Computer Weekly talks to Bill Binney, the senior NSA official who blew the whistle before Edward Snowden Continue Reading
-
News
22 Apr 2015
HSBC website mistake guides customers to porn
HSBC’s Hong Kong website accidentally featured an out-of-date link that directed people to a porn site Continue Reading
-
News
25 Mar 2015
UK government adds five authentication providers to Gov.uk Verify identity management system
The Government Digital Service (GDS) adds five authentication providers to the Gov.uk Verify identity and access management scheme Continue Reading
-
News
27 Feb 2015
Case study: Norwegian insurer invests in Darktrace machine-learning cyber defence
Shipping insurance company DNK hopes to inspire the rest of the shipping industry to adopt Darktrace’s cyber defence system Continue Reading
-
E-Zine
05 Jan 2015
CW Europe – January 2015 Edition
As we start another new year we look back at what technology has been playing a vital role in keeping Europe safe. Headlines are regularly filled with threats about cyber wars and attacks which, although important to bring to light, can sometimes overshadow the role technology plays in keeping us safe. Continue Reading
-
News
17 Dec 2014
Cabinet Office begins procurement for next stage of Gov.uk Verify
The Cabinet Office has submitted a tender notice for a £150m three-year framework for the provision of identity assurance services Continue Reading
-
Feature
11 Dec 2014
The state of mobile back end as a service
Common mobile application services are increasingly being hosted on central back-end servers – but what does that mean for the enterprise? Continue Reading
-
News
28 Nov 2014
CGI secures communications between pilots and air traffic control
Satellite communications firm Inmarsat has outsourced the provision of security IT and services to CGI Continue Reading
-
News
09 Oct 2014
WordPress most attacked application
Websites that run the WordPress content management system are attacked 24% more often than those using other systems Continue Reading
-
News
08 Oct 2014
Malware being used to steal cash from ATMs
Criminals are using malware to steal cash from ATMs without debit and credit cards Continue Reading
-
E-Zine
03 Oct 2014
CW Europe - October 2014 Edition
BYOD policies: What’s allowed and what’s banned? As IT departments still try to come to terms with the notion of BYOD, CW Europe takes a look at what policies are being implemented to keep security under control. Continue Reading
-
News
16 Sep 2014
GDS unveils 'Gov.UK Verify' public services identity assurance scheme
The Government Digital Service (GDS) debuts a system to prove users’ identities when using public services online, branded as 'Gov.UK Verify' Continue Reading
-
News
27 Aug 2014
Security experts identify top 10 software design flaws
The IEEE Center for Secure Design has published a report on how to avoid the top 10 software security design flaws Continue Reading
-
News
11 Aug 2014
USB-connected devices present cyber vulnerabilities
Connecting devices to computers using a USB port could lead to security breaches, say Berlin-based researchers Continue Reading
-
News
22 Jul 2014
Hackers abuse Bitly API in novel attack, reports Websense
A cyber attack targeting MSNBC highlights cybercriminals’ abuse of the public’s trust in news sites, says Websense Security Labs Continue Reading
-
News
04 Jul 2014
Barclays passes government’s ‘internet-born threat’ test
Barclays Bank has been awarded the government’s cyber security certificate for digital banking services after independent tests of services such as Pingit Continue Reading
-
E-Zine
22 Apr 2014
Adapting to life after Heartbleed
In this week’s Computer Weekly, we investigate the most significant flaw in recent history to impact the internet. The Heartbleed bug in OpenSSL leaves millions of internet servers vulnerable to attack. Hackers have already exploited Heartbleed to steal passwords from the Mumsnet parenting site. What can websites do to foil future attacks? Continue Reading
-
Feature
14 Mar 2014
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
-
News
05 Feb 2014
Bank of England publishes Waking Shark II cyber security exercise results
Bank of England publishes the results of its Waking Shark II security exercise, which tested financial institutions' contingency plans for cyber attack Continue Reading
-
News
04 Feb 2014
NHS site malicious redirects are a warning to developers
A coding error that redirected NHS website visitors to malicious content should be a warning to developers, say security experts Continue Reading
-
News
23 Jan 2014
New Snapchat security measure easily by-passed, says researcher
A new Snapchat security measure to verify users are human is easily by-passed, says researcher Continue Reading
-
News
23 Jan 2014
US startup aims to turn tables on hackers
US startup Shape Security is turning the tables against hackers by using one of their own techniques against them Continue Reading
-
News
10 Jan 2014
Security considerations for UK enterprises
This Research Snapshot from Vanson Bourne looks at IT security spending trends, awareness of cyber-threats, and the factors perceived as the biggest security risks for organisations. Continue Reading
-
Feature
25 Nov 2013
Optimising performance and security of web-based software
On-demand applications are often talked about in terms of how suppliers should be adapting the way their software is provisioned to customers. Continue Reading
-
News
12 Nov 2013
Global profiles of the fraudster
Computers, rather than conmen, are set to be the future face of fraud, as criminals turn to robotics in an effort to avoid detection, this report from KPMG reveals. Continue Reading
-
News
16 Oct 2013
Neustar to host first DDoS awareness day
Communications firm Neustar is to host the first international awareness day on distributed denial of service (DDoS) attacks Continue Reading
-
News
09 Sep 2013
Most websites could be targeted through PHP, warns Imperva
Hackers are focusing on vulnerabilities in PHP web application development platform, threatening most websites, warns Imperva Continue Reading
-
News
06 Sep 2013
NSA and GCHQ unlock online privacy encryption
UK and US intelligence agencies have unlocked the technology used to encrypt online services, including email, online banking and medical records. Continue Reading
-
News
05 Sep 2013
Windows 2012 Server Network Security
This book chapter offers an introduction to Windows 8 and Windows Server 2012 network security and IPv6. It includes a 30% discount code for Computer Weekly readers. Continue Reading
-
News
05 Sep 2013
Windows Server 2012 Security from End to Edge and Beyond
This extract from the book Windows Server 2012 Security from End to Edge and Beyond shows you how to plan your platform security requirements and gives you the critical questions to ask. Continue Reading
-
News
05 Sep 2013
Printing: a false sense of security?
Louella Fernandes and Bob Tarzey show how secure printing technology can provide authentication, authorisation and accounting capabilities, helping businesses improve document security and meet compliance regulations. Continue Reading
-
News
20 Aug 2013
Targeted attacks and how to defend against them
Analysts Bob Tarzey and Louella Fernandes assess the scale and real impact of targeted attacks and the measures being taken to defend against them. Continue Reading
-
Opinion
13 Aug 2013
The dangers of internet cafés
Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay Continue Reading
-
News
05 Aug 2013
Websites hacked to show child abuse images
More than 25 business websites worldwide have been hacked to show illegal images of child sex abuse Continue Reading
-
Feature
30 Jul 2013
Big data journalism exposes offshore tax dodgers
How journalists harnessed big data to challenge offshore financial secrecy Continue Reading
-
News
19 Jul 2013
IT security case studies
Four critical IT security case-studies selected from the winners of Computer Weekly's European User Awards for security Continue Reading
-
News
18 Jul 2013
Needle in a Datastack: The rise of big security data
This research from McAfee investigates how well organisations are positioned to address the challenges of managing security in a world of ever increasing amounts and types of data. Continue Reading
-
News
17 Jul 2013
2013 Cost of Data Breach Study: UK
The cost of data breaches has risen for UK organisations over the past year, the Ponemon Institute reveals. Continue Reading
-
News
17 Jul 2013
Security Think Tank Download: Bring your own device
Downloadable guide. How to make your company secure when you introduce BYOD. Continue Reading
-
News
17 Jul 2013
IT Security Case Studies
Warwick Ashford presents 4 essential IT security case-studies selected from the winners of Computer Weekly's European User Awards. Continue Reading
-
News
16 Jul 2013
More than one-fifth of UK firms hit by DDoS attacks in 2012
More than a fifth of UK firms experienced a disruptive distributed denial of service (DDoS) attack in 2012 Continue Reading
-
News
24 Jun 2013
Identity management key to browser-based IT strategy
A cloud-based identity management system is key to enabling a browser-based IT strategy at online recruitment firm Reed.co.uk Continue Reading
-
News
29 May 2013
Syrian hackers deface Sky Android apps
Syrian hackers have defaced several of Sky’s Android apps, forcing the broadcaster to remove them temporarily from the Google Play store Continue Reading
-
News
13 May 2013
Cyber criminals hack Washington court system
Hackers gain access to the personal data of 160,000 US citizens after compromising Washington State court service servers Continue Reading
-
News
01 May 2013
CW buyer's guide: context-aware security
This 11-page Computer Weekly buyer's guide looks at how organisations should approach context-aware security technologies and what business benefits they can deliver. Continue Reading
-
News
01 May 2013
CW Special Report on CSC
This 16-page report from Computer Weekly analyses the challenges facing CSC, its financial performance, the services it offers, its place in the IT market and its future strategy. Continue Reading
-
News
22 Apr 2013
US jails LulzSec hacker Cody Kretsinger
The US has jailed a member of hacktivist group LulzSec for a year for his role in breaching computer systems at Sony Pictures Entertainment in 2011 Continue Reading
-
News
19 Apr 2013
Conficker makes way for web-based attacks, says Microsoft
Web attacks emerge as top threat as businesses finally begin to win the battle against Conficker and other worms, says Microsoft Continue Reading
-
News
11 Apr 2013
Bots and web apps among top threats to data security, says Check Point
Bots, viruses, breaches and attacks are a constant and real threat to the information security of organisations Continue Reading
-
Opinion
25 Mar 2013
Securing the hypervisor: expert tips
There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances Continue Reading
-
News
05 Mar 2013
Enterprise Security Architecture – an outsourcer's view
Alan Jenkins, chief security officer of outsourcing specialist, T Systems, explains the company's approach to enterprise security architecture. Continue Reading
-
News
05 Mar 2013
Enterprise Security Architecture
Mark Brown, Director for Advisory Risk & Information Security at Ernst & Young, offers advice to security leaders on developing a robust Enterprise Security Architecture. Continue Reading
-
News
26 Feb 2013
Virtualization Security: Protecting Virtualized Environments
This extract from the book Virtualization Security includes a 30% discount for Computer Weekly readers. Continue Reading
-
News
24 Jan 2013
ICO hits Sony with £250,000 data breach penalty
The Information Commissioner’s Office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act Continue Reading
-
News
18 Jan 2013
Security visualisation
This article is a guideline on how to generate a visual representation of a given dataset and use it in the evaluation of known security vulnerabilities Continue Reading
-
News
14 Jan 2013
Oracle rushes out patches for Java zero days
Oracle has released two out-of-band security updates for the latest zero day vulnerabilities in Java Continue Reading
-
News
12 Dec 2012
Ghost Shell hacktivists publish over a million credentials
The Ghost Shell group, an offshoot of the Anonymous hacking collective, has published the log-in details from 1.6 million accounts Continue Reading
-
News
07 Dec 2012
UK government jobs website exploited by hackers
Hackers have been able to exploit security flaws in a new government jobs website to steal personal information about job applicants Continue Reading
-
News
06 Dec 2012
2012 Cost of Cyber Crime Study: UK
The 2012 Cost of Cyber Crime Study: United Kingdom is independently conducted by Ponemon Institute. The benchmark study, sponsored by HP Enterprise Security, is based on a representative sample of 38 organisations in various industry sectors. Continue Reading
-
News
03 Dec 2012
IT Security Purchasing Intentions 2013
This in-depth research from Computer Weekly and TechTarget reveals the IT security spending priorities of businesses in the UK and Europe. Continue Reading