Web application security
-
News
11 Jul 2024
Dutch research firm TNO pictures the SOC of the future
In only a few years, security operations centres will have a different design and layout, and far fewer will remain Continue Reading
-
E-Zine
07 Sep 2023
CW EMEA: The value of valuing people
In this month’s CW EMEA ezine, we look at HR software and strategies that can help combat staff attrition, find out how Finland’s and Sweden’s plans to join NATO have initiated activity in the Nordic cyber security sector already, consider the data privacy challenges associated with generative AI, and find out why it is important for companies to implement new cryptography standards now in preparation for quantum-safe communication. Read the issue now. Continue Reading
-
News
08 Oct 2014
Malware being used to steal cash from ATMs
Criminals are using malware to steal cash from ATMs without debit and credit cards Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
E-Zine
03 Oct 2014
CW Europe - October 2014 Edition
BYOD policies: What’s allowed and what’s banned? As IT departments still try to come to terms with the notion of BYOD, CW Europe takes a look at what policies are being implemented to keep security under control. Continue Reading
-
News
16 Sep 2014
GDS unveils 'Gov.UK Verify' public services identity assurance scheme
The Government Digital Service (GDS) debuts a system to prove users’ identities when using public services online, branded as 'Gov.UK Verify' Continue Reading
By- Bryan Glick, Editor in chief
-
News
27 Aug 2014
Security experts identify top 10 software design flaws
The IEEE Center for Secure Design has published a report on how to avoid the top 10 software security design flaws Continue Reading
By- Warwick Ashford, Senior analyst
-
News
11 Aug 2014
USB-connected devices present cyber vulnerabilities
Connecting devices to computers using a USB port could lead to security breaches, say Berlin-based researchers Continue Reading
By- Caroline Baldwin, Freelance editor and journalist
-
News
22 Jul 2014
Hackers abuse Bitly API in novel attack, reports Websense
A cyber attack targeting MSNBC highlights cybercriminals’ abuse of the public’s trust in news sites, says Websense Security Labs Continue Reading
By- Warwick Ashford, Senior analyst
-
News
04 Jul 2014
Barclays passes government’s ‘internet-born threat’ test
Barclays Bank has been awarded the government’s cyber security certificate for digital banking services after independent tests of services such as Pingit Continue Reading
-
E-Zine
22 Apr 2014
Adapting to life after Heartbleed
In this week’s Computer Weekly, we investigate the most significant flaw in recent history to impact the internet. The Heartbleed bug in OpenSSL leaves millions of internet servers vulnerable to attack. Hackers have already exploited Heartbleed to steal passwords from the Mumsnet parenting site. What can websites do to foil future attacks? Continue Reading
-
Feature
14 Mar 2014
Hacktivism: good or evil?
IT lawyer Dai Davis looks at the rise of hacktivism and its impact on business and international politics Continue Reading
By- Dai Davis, Percy Crow Davis & Co
-
News
05 Feb 2014
Bank of England publishes Waking Shark II cyber security exercise results
Bank of England publishes the results of its Waking Shark II security exercise, which tested financial institutions' contingency plans for cyber attack Continue Reading
By- Caroline Baldwin, Freelance editor and journalist
-
News
04 Feb 2014
NHS site malicious redirects are a warning to developers
A coding error that redirected NHS website visitors to malicious content should be a warning to developers, say security experts Continue Reading
By- Warwick Ashford, Senior analyst
-
News
23 Jan 2014
New Snapchat security measure easily by-passed, says researcher
A new Snapchat security measure to verify users are human is easily by-passed, says researcher Continue Reading
By- Warwick Ashford, Senior analyst
-
News
23 Jan 2014
US startup aims to turn tables on hackers
US startup Shape Security is turning the tables against hackers by using one of their own techniques against them Continue Reading
By- Warwick Ashford, Senior analyst
-
News
10 Jan 2014
Security considerations for UK enterprises
This Research Snapshot from Vanson Bourne looks at IT security spending trends, awareness of cyber-threats, and the factors perceived as the biggest security risks for organisations. Continue Reading
-
Feature
25 Nov 2013
Optimising performance and security of web-based software
On-demand applications are often talked about in terms of how suppliers should be adapting the way their software is provisioned to customers. Continue Reading
By -
News
12 Nov 2013
Global profiles of the fraudster
Computers, rather than conmen, are set to be the future face of fraud, as criminals turn to robotics in an effort to avoid detection, this report from KPMG reveals. Continue Reading
-
News
16 Oct 2013
Neustar to host first DDoS awareness day
Communications firm Neustar is to host the first international awareness day on distributed denial of service (DDoS) attacks Continue Reading
By- Warwick Ashford, Senior analyst
-
News
09 Sep 2013
Most websites could be targeted through PHP, warns Imperva
Hackers are focusing on vulnerabilities in PHP web application development platform, threatening most websites, warns Imperva Continue Reading
By- Warwick Ashford, Senior analyst
-
News
06 Sep 2013
NSA and GCHQ unlock online privacy encryption
UK and US intelligence agencies have unlocked the technology used to encrypt online services, including email, online banking and medical records. Continue Reading
By- Caroline Baldwin, Freelance editor and journalist
-
News
05 Sep 2013
Windows 2012 Server Network Security
This book chapter offers an introduction to Windows 8 and Windows Server 2012 network security and IPv6. It includes a 30% discount code for Computer Weekly readers. Continue Reading
-
News
05 Sep 2013
Windows Server 2012 Security from End to Edge and Beyond
This extract from the book Windows Server 2012 Security from End to Edge and Beyond shows you how to plan your platform security requirements and gives you the critical questions to ask. Continue Reading
-
News
05 Sep 2013
Printing: a false sense of security?
Louella Fernandes and Bob Tarzey show how secure printing technology can provide authentication, authorisation and accounting capabilities, helping businesses improve document security and meet compliance regulations. Continue Reading
-
News
20 Aug 2013
Targeted attacks and how to defend against them
Analysts Bob Tarzey and Louella Fernandes assess the scale and real impact of targeted attacks the measures being taken to defend against them. Continue Reading
-
Opinion
13 Aug 2013
The dangers of internet cafés
Businesses need clear computer use policies and need to ensure staff are properly trained in data protection, writes Garry Mackay Continue Reading
By- Garry Mackay
-
News
05 Aug 2013
Websites hacked to show child abuse images
More than 25 business websites worldwide have been hacked to show illegal images of child sex abuse Continue Reading
By- Caroline Baldwin, Freelance editor and journalist
-
Feature
30 Jul 2013
Big data journalism exposes offshore tax dodgers
How journalists harnessed big data to challenge offshore financial secrecy Continue Reading
By- Duncan Campbell and Craig Shaw
-
News
19 Jul 2013
IT security case studies
Four critical IT security case-studies selected from the winners of Computer Weekly's European User Awards for security Continue Reading
-
News
18 Jul 2013
Needle in a Datastack: The rise of big security data
This research from McAfee investigates how well organisations are positioned to address the challenges of managing security in a world of ever increasing amounts and types of data. Continue Reading
-
News
17 Jul 2013
2013 Cost of Data Breach Study: UK
The cost of data breaches has risen for UK organisations over the past year, the Ponemon Institute reveals. Continue Reading
-
News
17 Jul 2013
Security Think Tank Download: Bring your own device
Downloadable guide. How to make your company secure when you introduce BYOD. Continue Reading
-
News
17 Jul 2013
IT Security Case Studies
Warwick Ashford presents 4 essential IT security case-studies selected from the winners of Computer Weekly's European User Awards. Continue Reading
-
News
16 Jul 2013
More than one-fifth of UK firms hit by DDoS attacks in 2012
More than a fifth of UK firms experienced a disruptive distributed denial of service (DDoS) attack in 2012 Continue Reading
By- Warwick Ashford, Senior analyst
-
News
24 Jun 2013
Identity management key to browser-based IT strategy
A cloud-based identity management system is key to enabling a browser-based IT strategy at online recruitment firm Reed.co.uk Continue Reading
By- Warwick Ashford, Senior analyst
-
News
29 May 2013
Syrian hackers deface Sky Android apps
Syrian hackers have defaced several of Sky’s Android apps, forcing the broadcaster to remove them temporarily from the Google Play store Continue Reading
By- Warwick Ashford, Senior analyst
-
News
13 May 2013
Cyber criminals hack Washington court system
Hackers gain access to the personal data of 160,000 US citizens after compromising Washington State court service servers Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
01 May 2013
CW buyer's guide: context-aware security
This 11-page Computer Weekly buyer's guide looks at how organisations should approach context-aware security technologies and what business benefits they can deliver. Continue Reading
-
News
01 May 2013
CW Special Report on CSC
This 16-page report from Computer Weekly analyses the challenges facing CSC, its financial performance, the services it offers, its place in the IT market and its future strategy. Continue Reading
-
News
22 Apr 2013
US jails LulzSec hacker Cody Kretsinger
The US has jailed a member of hacktivist group LulzSec for a year for his role in breaching computer systems at Sony Pictures Entertainment in 2011 Continue Reading
By- Warwick Ashford, Senior analyst
-
News
19 Apr 2013
Conficker makes way for web-based attacks, says Microsoft
Web attacks emerge as top threat as businesses finally begin to win the battle against Conficker and other worms, says Microsoft Continue Reading
By- Warwick Ashford, Senior analyst
-
News
11 Apr 2013
Bots and web apps among top threats to data security, says Check Point
Bots, viruses, breaches and attacks are a constant and real threat to the information security of organisations Continue Reading
By- Warwick Ashford, Senior analyst
-
Opinion
25 Mar 2013
Securing the hypervisor: expert tips
There are many potential security issues with the various components of a virtualised infrastructure, and nowhere is this more of a concern than with the hypervisor platforms that host virtual systems and application instances Continue Reading
By- Dave Shackleford, Voodoo Security
-
News
05 Mar 2013
Enterprise Security Architecture – an outsourcer's view
Alan Jenkins, chief security officer of outsourcing specialist, T Systems, explains the company's approach to enterprise security architecture. Continue Reading
-
News
05 Mar 2013
Enterprise Security Architecture
Mark Brown, Director for Advisory Risk & Information Security at Ernst & Young offers advice to security leaders on developing a robust Enterprise Security Architecture. Continue Reading
-
News
26 Feb 2013
Virtualization Security: Protecting Virtualized Environments
This extract from the book Virtualization Security, includes a 30% discount for Computer Weekly readers. Continue Reading
-
News
24 Jan 2013
ICO hits Sony with £250,000 data breach penalty
The Information Commissioner’s office (ICO) has fined Sony Computer Entertainment Europe £250,000 for breaching the Data Protection Act Continue Reading
-
News
18 Jan 2013
Security visualisation
This article is guideline of how to generate a visual representation of a given dataset and use in the evaluation of known security vulnerabilities Continue Reading
-
News
14 Jan 2013
Oracle rushes out patches for Java zero days
Oracle has released two out-of-band security updates for the latest zero day vulnerabilities in Java Continue Reading
By- Warwick Ashford, Senior analyst
-
News
12 Dec 2012
Ghost Shell hacktivists publish over a million credentials
The Ghost Shell group, an offshoot of the Anonymous hacking collective has published the log-in details from 1.6 million accounts Continue Reading
By- Warwick Ashford, Senior analyst
-
News
07 Dec 2012
UK government jobs website exploited by hackers
Hackers have been able to exploit security flaws in a new government jobs website to steal personal information about job applicants Continue Reading
By- Warwick Ashford, Senior analyst
-
News
06 Dec 2012
2012 Cost of Cyber Crime Study: UK
The 2012 Cost of Cyber Crime Study: United Kingdom is independently conducted by Ponemon Institute. The benchmark study, sponsored by HP Enterprise Security is based on a representative sample of 38 organisations in various industry sectors. Continue Reading
-
News
03 Dec 2012
IT Security Purchasing Intentions 2013
This in-depth research from Computer Weekly and TechTarget reveals the IT security spending priorities of businesses in the UK and Europe. Continue Reading
-
News
27 Nov 2012
Zero-day exploit for Yahoo Mail goes on sale
Hacker sells $700 zero-day exploit for Yahoo Mail that allows attacker to use cross-site scripting vulnerability to steal cookies and hijack accounts Continue Reading
By- Warwick Ashford, Senior analyst
-
News
13 Nov 2012
The Global State of Information Security Survey 2013: Key Findings
This global study examines the state of cyber-security and the impact of cyber crime and offers advice to businesses on reducing the risks. Continue Reading
-
News
30 Oct 2012
IT security budgets mismatched to hacker targets, study shows
IT security budgets are not being used to provide defence technologies in some areas most likely to be targeted by hackers, a study shows Continue Reading
By- Warwick Ashford, Senior analyst
-
News
10 Oct 2012
RSA Europe: Cloud key to future information security, says Qualys
Cloud computing is an opportunity information security professionals should not miss, says Philippe Courtot, CEO of security firm Qualys Continue Reading
By- Warwick Ashford, Senior analyst
-
News
05 Oct 2012
Security firm warns against Samsung Galaxy Tab for enterprise use
Security specialist Context Information Security says vulnerabilities in the Samsung Galaxy Tab make it unsuitable for use in the enterprise Continue Reading
By- Caroline Baldwin, Freelance editor and journalist
-
News
02 Oct 2012
Hackers target White House military network
Hackers using computers in China have infiltrated an “unclassified” network in the US White House, believed to be used for issuing nuclear commands. Continue Reading
By- Cliff Saran, Managing Editor
-
News
25 Sep 2012
Security concerns hold back mobile banking adoption
More than two-thirds of smartphone owners have not yet adopted mobile banking apps because of security concerns, a survey has revealed Continue Reading
By- Warwick Ashford, Senior analyst
-
News
18 Sep 2012
Microsoft investigates IE zero-day flaw
Microsoft says it is investigating reports of a vulnerability in Internet Explorer 6, 7, 8, and 9 Continue Reading
By- Warwick Ashford, Senior analyst
-
News
17 Sep 2012
Android devices vulnerable to security breaches
More than 50% of devices running Google's Android OS have unpatched vulnerabilities, opening them up to malicious apps and other attacks Continue Reading
By- Caroline Baldwin, Freelance editor and journalist
-
Tip
14 Aug 2012
Mobile application security issues and threat vectors in enterprises
As mobile application security threats take on serious proportions, we explore the issues and risks involved for users and enterprises. Continue Reading
By- Ram Venkatraman
-
News
10 Jul 2012
Microsoft repairs dangerous XML Core Services zero-day flaw
The Microsoft XML Core Services vulnerability is being actively targeted by cybercriminals. In addition, Microsoft issued a critical update to Internet Explorer 9. Continue Reading
By- Robert Westervelt, TechTarget
-
Answer
18 May 2012
File upload security best practices: Block a malicious file upload
Do your Web app users upload files to your servers? Find out the dangers of malicious file uploads and learn six steps to stop file-upload attacks. Continue Reading
By -
Tutorial
09 May 2012
Burp Suite Tutorial PDF compendium: WebApp tester’s ready reference
Our Burp Suite tutorial PDF compendium is a collection of our Burp Suite guides in PDF format made available to you for free offline reference. Continue Reading
By- SearchSecurity.in Staff
-
News
19 Mar 2012
Study: Shnakule, four other malnets caused most 2011 attacks
Huge global malnets, such as Shnakule, were responsible for most attacks in 2011, and Blue Coat predicts they will trigger 66% of all attacks in 2012. Continue Reading
By -
Answer
05 Mar 2012
Session fixation protection: How to stop session fixation attacks
Session fixation attacks rely on poorly managed Web application cookies. Rob Shapland answers a reader’s question on session fixation protection. Continue Reading
By -
News
24 Feb 2012
Windows security case study: Controlling Windows 7 user privileges
After migrating from Windows XP to Windows 7, Oxford University Press used Avecto’s Privilege Guard to control Windows 7 user privileges. Continue Reading
By -
News
03 Feb 2012
Microsoft spurs Browsium to rewrite tool for running IE6 on Windows 7
Microsoft has spurred Browsium to rewrite its tool for running IE6 on Windows 7, limiting the security threat posed by continued use of IE6. Continue Reading
By -
News
29 Dec 2011
Emerging 2012 security trends demand information security policy changes
2012 security trends involving cookies, fines, devices and threats will demand more skills -- and a little finesse -- from security professionals. Continue Reading
By -
Tip
14 Dec 2011
CSRF attack: How hackers use trusted users for their exploits
A CSRF attack is a serious Web security threat that, combined with XSS, can be lethal. Learn about the CSRF attack’s anatomy, along with mitigation methods. Continue Reading
By- Karthik Poojary, Amazon
-
News
07 Mar 2011
Malvertising, pop-up ad virus problems demand more user protection
A recent pop-up ad infection on the London Stock Exchange's website highlights the growing scourge of malicious advertising, or malvertising. Continue Reading
By -
Tip
18 Jan 2011
Top seven social media threats
Discover the top seven social media threats in the first of a two-part series on social media related security threats and preventive measures. Continue Reading
By- Shantanu Ghosh
-
News
10 Mar 2008
Web 2.0 presents no new security challenges, is just marketing hype: Secure Computing
Secure Computing's Scott Montgomery says Web 2.0 security is marketing hype, application flaws come from overworked programmers and Australia is doing better at cyber-security than the USA and Europe. Continue Reading
By- Simon Sharwood