Web application security
-
News
08 May 2025
UK government websites to replace passwords with secure passkeys
Government websites are to replace difficult-to-remember passwords with highly secure passkeys that will protect against phishing and cyber attackers Continue Reading
-
News
07 May 2025
Meta awarded $167m in court battle with spyware mercenaries
WhatsApp owner Meta is awarded millions of dollars in damages and compensation after its service was exploited by users of mercenary spyware developer NSO’s infamous Pegasus mobile malware Continue Reading
-
News
03 Oct 2019
LogRhythm touts unlimited data plan for SIEM systems
SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank Continue Reading
-
News
26 Sep 2019
Attackers breached supplier systems to steal Airbus secrets
Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs Continue Reading
-
News
26 Sep 2019
Overinvestment breeds overconfidence among security pros
CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach Continue Reading
-
News
24 Sep 2019
Google pushes back on scale of YouTube phishing threat
Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure Continue Reading
-
News
12 Sep 2019
UN agency Unicef praised for response to accidental data leak
The UN’s children’s agency has disclosed an inadvertent leak of personal data belonging to users of its online learning platform Agora Continue Reading
-
News
05 Sep 2019
Singapore’s SecureAge eyes US market
The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan Continue Reading
-
Feature
30 Aug 2019
How to mitigate IoT security risks to tap business benefits
Security concerns are preventing many businesses from adopting IoT-based technologies, but with a bit of planning, the business benefits can be realised by mitigating the risk Continue Reading
-
News
26 Aug 2019
VMware’s latest acquisitions point to emerging platform war
VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal Continue Reading
-
News
23 Aug 2019
Kaspersky eyes enterprise business, opens APAC transparency hub
The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials Continue Reading
-
Blog Post
22 Aug 2019
Top four considerations when securing the multi-cloud environment
This is a guest post by Stephen Dane, managing director for cyber security at Cisco Asia-Pacific, Japan and Greater China We live in a multi-cloud world. A world where a multitude of offerings from ... Continue Reading
-
News
21 Aug 2019
Silence APT group eyes APAC banks
Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks Continue Reading
-
News
20 Aug 2019
Even fintech startups battling to meet cyber security challenges
A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge Continue Reading
-
News
19 Aug 2019
How EDR is moving beyond the endpoint
An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise Continue Reading
-
News
15 Aug 2019
Formjacking dominates web-related data breaches
Formjacking has become one of the most popular data stealing methods, say researchers, who urge commercial websites to review all third-party coding practices without delay Continue Reading
-
News
14 Aug 2019
DCMS funding aims to increase diversity in cyber sector
A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector Continue Reading
-
News
14 Aug 2019
Digital domain identified as major security threat by Norway’s intelligence service
Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks Continue Reading
-
News
14 Aug 2019
British Airways e-ticketing system could expose passenger details
British Airways has not addressed a potential leak of passenger details despite warnings from security researchers, but says it is aware of the issue and is taking action Continue Reading
-
News
13 Aug 2019
BACnet IoT building automation devices vulnerable to attack
A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack Continue Reading
-
News
09 Aug 2019
F-Secure warns of F5 Big IP-related security issue
F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks Continue Reading
-
News
09 Aug 2019
NCC Group warns of security risks of leading printers
Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems Continue Reading
-
News
31 Jul 2019
Financial services top cyber attack target
Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats Continue Reading
-
News
24 Jul 2019
Global malware down but ransomware up, with UK hard hit
Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals Continue Reading
-
E-Zine
18 Jul 2019
CW ASEAN: Trend Watch – Security
Artificial intelligence tools are becoming a vital part of the security arsenal for organizations and cyber criminals alike. In this handbook, Computer Weekly looks at how ASEAN firms are using AI to combat cyber threats and experts discuss the latest smart cyber security tools. Continue Reading
-
E-Zine
18 Jul 2019
CW ANZ: Trend Watch – Security
With regulations pushing data protection up the business agenda, we look at how Australia’s Notifiable Data Breaches scheme has been received and consider why a survey that found Australian firms are experiencing fewer cyber breach incidents appears to conflict with anecdotal evidence that suggests the opposite. Continue Reading
-
Feature
11 Jul 2019
Securing your mobile estate – best practice for CIOs
The prevalence of mobile devices in every part of daily life is shaping how enterprises make choices about software and network infrastructure, but how do businesses go about securing these vast new endpoint estates? Continue Reading
-
Podcast
02 Jul 2019
Podcast: The Computer Weekly Downtime Upload – Episode 22
In this week’s episode of the Computer Weekly Downtime Upload podcast, Brian McKenna, Caroline Donnelly and Clare McDonald talk about digital transformation in the NHS, Sky’s efforts to get more women working in tech and how big businesses could be risking extinction by ignoring IT Continue Reading
-
News
25 Jun 2019
APT attack on telcos highlights need for comprehensive defence
A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators Continue Reading
-
News
17 Jun 2019
DevSecOps is key to uniting opposing forces
Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer Continue Reading
-
News
17 Jun 2019
Inside F5’s cyber security playbook
F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors Continue Reading
-
E-Zine
14 Jun 2019
CW Europe: Why are Dutch companies slow to take advantage of the IoT?
Many organisations in the Netherlands are missing out on the benefits of the internet of things because they lack awareness of its potential. Also read why construction of Apple's first non-US datacentre has halted in Denmark, and why some scientists have raised questions about the effects of 5G mobile phone radiation on public health. Continue Reading
-
News
04 Jun 2019
Beware of security blind spots in encrypted traffic
The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption Continue Reading
-
News
23 May 2019
Lapse in LinkedIn security certificate update
A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right Continue Reading
-
News
01 Apr 2019
Black Hat Asia 2019: Get ready for the cyber arms race
The arms race is now squarely in the cyber realm as defence teams and threat actors arm themselves with AI tools Continue Reading
-
News
29 Mar 2019
Magento e-commerce sites urged to apply security update
Security experts are urging companies using the Magento e-commerce site to apply security updates without delay to avoid a disastrous hacking campaign Continue Reading
-
News
26 Mar 2019
Firms urged to gear up for new malware and tactics as threats proliferate
The volume of malware attacks reached a record level in 2018, with UK and India bucking global trend of increased ransomware attacks, a study shows Continue Reading
-
Blog Post
21 Mar 2019
Remainers accidentally DDoS the British government
With eight days until the UK's scheduled exit from the European Union, a prime minister who has lost control, a paralysed political system, and Britain reduced to a laughing stock on the world ... Continue Reading
-
News
18 Mar 2019
CyLon announces latest cyber security accelerator cohort
Swiss and Israeli cyber security startups join teams from the UK for CyLon’s ninth London accelerator cohort Continue Reading
-
News
01 Mar 2019
Facebook facing 10 GDPR investigations in Ireland
Ireland’s Data Protection Commission has revealed it has 10 active probes into Facebook, Instagram and WhatsApp, as well as Apple, LinkedIn and Twitter, on its books Continue Reading
-
Feature
01 Mar 2019
What are the CDN options for enterprises?
We look at how content delivery networks can give your organisation’s web presence a literal edge Continue Reading
-
News
22 Feb 2019
Facebook planned to spy on Android phone users, internal emails reveal
Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show Continue Reading
-
Blog Post
12 Feb 2019
Scoop! Symantec Acquisition Makes Sense Of Software Defined Perimeter Security...
OK - so that's probably not the perfect headline to be announced by anyone who whistles through their teeth... Been having some interesting conversations recently around the idea of zero trust ... Continue Reading
-
News
12 Feb 2019
Telegram bot gets users hooked
Popular social media service provides a rich set of features for cyber criminals, RSA warns Continue Reading
-
News
11 Feb 2019
Lauri Love takes legal action against NCA for return of seized computers
Lauri Love, a former engineering student who won a battle with the US Department of Justice against extradition to the US to face hacking charges, is suing the UK's intelligence agency, the NCA, for the return of his seized computers Continue Reading
-
Feature
08 Feb 2019
A guide to choosing cloud-based security services
Cloud-based security services can help organisations with a growing cloud footprint to reduce cost and address the manpower crunch in cyber security Continue Reading
-
News
30 Jan 2019
How traffic scrubbing can guard against DDoS attacks
Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed Continue Reading
-
Feature
15 Jan 2019
The rise of DevSecOps
The increasing complexity of security threats facing enterprises is leading to DevSecOps approaches, which combine operations and development with security, so that all business units are involved in security operations Continue Reading
-
News
10 Jan 2019
UK firms say £6.6bn annual security testing cost too high
Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high Continue Reading
-
Opinion
31 Dec 2018
Can we live without passwords?
Can you imagine a future in which we can be secure online without having to remember an unwieldly list of passwords? Solutions are emerging that could make passwords redundant, but there will be other security problems to resolve Continue Reading
-
News
23 Dec 2018
'Serious' Twitter flaw allows hackers to post on other people's accounts
A vulnerability in Twitter allows hackers to send tweets, private messages, post images or videos, and turn off security features, says British security researcher Continue Reading
-
News
18 Dec 2018
APAC cyber security landscape to be more tumultuous in 2019
Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene Continue Reading
-
Blog Post
13 Dec 2018
Shock Headline: IT Saves $$$$ (again)!
Two and a bit years ago – I should remember, it was on my birthday! – I was presenting a panel debate on the latest Cybersecurity deterrents. With four vendors and two consultants on the panel, it ... Continue Reading
-
News
11 Dec 2018
Mac malware makes debut in top 10 list
Mac malware appears in the WatchGuard top 10 malware list for first time, and 6.8% of major websites still use an insecure SSL protocol, according to the firm’s latest internet security report Continue Reading
-
News
04 Dec 2018
‘Open-minded’ DVSA cuts cost of MOT testing
Government agency harnesses customised open source platform to ensure data security while cutting costs and plans to extend its MOT testing capability to do the same for drivers’ theory tests Continue Reading
-
News
30 Nov 2018
Marriott data breach highlights basic failings
A breach of a guest reservation database of the Starwood division of the Marriott International hotel group highlights basic personal data protection failures Continue Reading
-
Blog Post
22 Nov 2018
Black Friday On My Mind
Ah – tomorrow – the dreaded Black Friday, yet another unwanted import from Trumpland. But, JASK – already previously subjected here to the blogging treatment – has some security advice to offer as ... Continue Reading
-
Tip
08 Nov 2018
Why entropy sources should be added to mobile application vetting
NIST's 'Vetting the Security of Mobile Applications' draft discusses four key areas of general requirements. Learn how further improvements to the vetting process could be made. Continue Reading
-
News
06 Nov 2018
APAC firms warm up to SD-WAN to solve networking woes
A third of enterprises in the APAC region have already deployed SD-WAN at most of their sites, while 55% are in the process of doing so, a study shows Continue Reading
-
Tip
06 Nov 2018
How testing perspectives helps find application security flaws
Application security testing requires users to test from all the right perspectives. Discover testing techniques that help find application security flaws with expert Kevin Beaver. Continue Reading
-
Opinion
31 Oct 2018
Think Tank: Application layer attack mitigation needs to start with risk analysis
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
Opinion
26 Oct 2018
Security Think Tank: Focus on security before app deployment
What should organisations be doing to address application layer attacks and reduce the likelihood of a breach through this type of attack? Continue Reading
-
News
11 Oct 2018
Optus to acquire Hivint in cyber security deal
The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents Continue Reading
-
Tip
04 Oct 2018
How is Android Accessibility Service affected by a banking Trojan?
ThreatFabric researchers uncovered MysteryBot, Android malware that uses overlay attacks to avoid detection. Learn how this malware affects Google's Android Accessibility Service. Continue Reading
-
Opinion
02 Oct 2018
Everyone, everywhere is responsible for IIoT cyber security
Cyber security in the industrial internet of things is not limited to a single company, industry or region – it is an international threat to public safety, and can only be addressed through collaboration that extends beyond borders and competitive interests Continue Reading
-
News
12 Sep 2018
Two-thirds of emails not clean, says research
Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research Continue Reading
-
News
11 Sep 2018
British Airways data breach: Security researchers name suspects and query attack timeline
Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought Continue Reading
-
News
11 Sep 2018
Public cloud use surges among DDoS attackers, research shows
According to data accrued by DDoS mitigation firm, Link11, the number of attackers that rely on public cloud services soared during the 12 months to June 2018 Continue Reading
-
News
10 Sep 2018
Cyber criminals outspend businesses in cyber security battle
Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result Continue Reading
-
News
23 Aug 2018
Apache Struts users urged to update due to new security flaw
Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017 Continue Reading
-
News
08 Aug 2018
Check Point warns of WhatsApp vulnerabilities
Researchers are warning of vulnerabilities in WhatsApp that allow threat actors to intercept and manipulate messages sent in a group chat Continue Reading
-
News
06 Aug 2018
Mobile banking Trojans reach all-time high
Mobile banking Trojans topped the list of cyber threats in the second quarter of the year, according to research by Kaspersky Lab Continue Reading
-
News
26 Jul 2018
Software development remains insecure
The prevalence of common and well-known web-based vulnerabilities underlines the need for better education around secure software development Continue Reading
-
News
24 Jul 2018
Most firms have software security vulnerability
Most firms have a software vulnerability that can be exploited by cyber attackers, a study has revealed Continue Reading
-
News
17 Jul 2018
A third of organisations do not have a security expert, survey shows
Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey Continue Reading
-
News
12 Jul 2018
Cyber attackers cashing in on ‘hidden’ attack surface
Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals Continue Reading
-
News
11 Jul 2018
White-hat hackers find record number of vulnerabilities
White-hat hackers are finding more vulnerabilities than ever before, with crowdsourced security testing continuing to gain popularity, a report reveals Continue Reading
-
News
09 Jul 2018
Inside one of the world’s largest bug bounty programmes
Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug Continue Reading
-
News
29 Jun 2018
UK government cyber security standard welcomed
The information security community has welcomed the publication of the government’s minimum cyber security standard, which could be used by any organisation to improve its cyber defences Continue Reading
-
News
19 Jun 2018
Singapore remains hotbed for cyber threats
Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency Continue Reading
-
Feature
05 Jun 2018
Application security more important than ever
Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge Continue Reading
-
News
21 May 2018
Pen testers find weaknesses in banks’ cyber security
Humans are the biggest weakness in banks’ cyber defences, but there are several others that also need attention, penetration testers have revealed Continue Reading
-
News
17 May 2018
European cyber attacks up nearly a third in first quarter 2018
The volume of cyber attacks hitting digital transactions in Europe was up by almost a third in the first quarter of 2018 compared with same period a year ago, a report reveals Continue Reading
-
News
18 Apr 2018
APAC is becoming a hotspot for DDoS attacks
The region’s largest and most-connected economies are most vulnerable to distributed denial-of-service attacks, according to CenturyLink Continue Reading
-
News
11 Apr 2018
Government to set up £13.5m cyber security centre
Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security Continue Reading
-
News
28 Mar 2018
Facebook announces more privacy control updates
Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns Continue Reading
-
News
26 Mar 2018
Dutch SMEs’ cyber security is insufficient
Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security Continue Reading
-
E-Zine
15 Mar 2018
CW ASEAN: Time to boost cyber defences
With a relatively young and tech-savvy population, ASEAN has been at the forefront of technology adoption. Yet, this has exposed its people and businesses to more cyber threats, including the massive data leak in Malaysia in 2017. In this month’s issue of CW ASEAN, we take a closer look at ASEAN’s patchy cyber security landscape, including varying levels of cyber resilience across the region, cyber security strategies adopted by different countries, as well as efforts to improve cyber capabilities and foster greater collaboration in the common fight against cyber threats. Download the issue now. Continue Reading
-
News
09 Mar 2018
Cryptojacking cyber criminals up their game
Cyber criminals hijacking computing resources to mine for cryptocurrencies are raising their efforts to bypass enterprise security controls, researchers have found Continue Reading
-
News
08 Mar 2018
Mac malware more than doubled in 2017
Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes Continue Reading
-
News
16 Feb 2018
Tech industry signs cyber security charter
Nine technology organisations have signed a cyber security charter aimed at raising the level of cyber security internationally Continue Reading
-
News
14 Feb 2018
Telegram zero-day exploit is a warning
The discovery of an exploit of a zero-day vulnerability in the Telegram messaging app demonstrates that not all “secure” apps are automatically safe, security experts have warned Continue Reading
-
E-Zine
13 Feb 2018
CW ANZ: Prepare for EU data law
Faced with the double whammy of complying with Australia’s upcoming data breach notification requirement and Europe’s new data protection regime, Australian firms are behind where they need to be in their compliance efforts. In this month’s edition of CW ANZ, find out how Australian organisations are getting ready for the GDPR, the challenges they are facing in meeting two new laws at the same time, as well as what they need to do to achieve their compliance goals. Read the issue now. Continue Reading
-
News
12 Feb 2018
FS-ISAC enables safer financial data sharing with API
The global financial industry's body for cyber and physical threat intelligence analysis and sharing has published an API to facilitate safer sharing of consumer financial information Continue Reading
-
News
12 Feb 2018
Criminals hijack government sites to mine cryptocurrency used to hide wealth
Europol says criminals are hiding billions in cryptocurrencies, as thousands of government and other websites have reportedly been used to hijack computers to mine more Continue Reading
-
News
12 Feb 2018
PyeongChang Winter Games hit by cyber attack
Although critical operations were not affected by the incident, event organisers at the PyeongChang Winter Olympics had to shut down servers and the official games website to prevent further damage Continue Reading
-
News
05 Feb 2018
Lauri Love plans to use ‘internet as a force for good’
Engineering student Lauri Love says he plans to help businesses fight cyber crime, after the court of appeal ruled that he can be tried in the UK for allegedly hacking US computer systems, rather than face extradition to the US Continue Reading
-
Opinion
05 Feb 2018
Safer Internet Day: Building online safety practices with young people
Many organisations around the UK are contributing to the important work on making the internet a safer place for everyone Continue Reading
-
News
05 Feb 2018
Researchers discover malicious Chrome extensions
Security researchers have discovered a new botnet delivered via malicious Chrome extensions designed to hijack computers to mine cryptocurrency and record victims’ every move Continue Reading
-
News
02 Feb 2018
ASEAN nations among worst hit by cryptocurrency-mining operation
Thailand, Vietnam and Indonesia recorded high download numbers for the XMRig software that was surreptitiously slipped into user devices to mine Monero Continue Reading
-
Opinion
01 Feb 2018
Security Think Tank: Automating basic security tasks
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
31 Jan 2018
Many businesses still using outdated security, says Troy Hunt
Too many businesses are using out-of-date approaches to security, a world-renowned cyber security author and trainer warns Continue Reading