Web application security
-
News
21 Apr 2025
CW Innovation Awards: Transforming cyber security with AI
Facing rising cyber threats and a shortage of experts, Citic Telecom International CPC developed an AI-powered penetration testing tool to automate security audits and reduce costs Continue Reading
By -
News
16 Apr 2025
CISA extends Mitre CVE contract at last moment
The US Cybersecurity and Infrastructure Security Agency has ridden to the rescue of the under-threat Mitre CVE Programme, approving a last-minute, 11-month contract extension to preserve the project’s vital security vulnerability work Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Dec 2022
Finnish government launches information security voucher scheme
Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading
By- Gerard O'Dwyer
-
News
13 Dec 2022
More Uber data exposed in possible supply chain attack
A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Dec 2022
How Zscaler is cracking APAC’s cloud security market
Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading
By- Aaron Tan, TechTarget
-
Blog Post
09 Dec 2022
When IT Meets Christmas: The Massacre of the Innocents Updated
But Joseph had installed Anti-Spyware on Mary's phone, after she became pregnant and not by him. So they cashed in their bitcoin, dropped their mobiles down a well and departed for Egypt. Continue Reading
By- Philip Virgo, Winsafe Ltd
-
News
08 Dec 2022
Consumers to get new protections against dodgy apps
Government’s new code of practice will impose new privacy and security measures on app store operators and developers Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Dec 2022
Australia to develop new cyber security strategy
New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading
-
News
07 Dec 2022
Rackspace email outage confirmed as ransomware attack
An ongoing outage affecting Rackspace email customers is the result of a ransomware attack Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Dec 2022
Google, MS, Oracle vulnerabilities make November ’22 a big month for patching
Vulnerabilities affecting the likes of Google, Microsoft and Oracle proved particularly troublesome in November Continue Reading
By- Alex Scroxton, Security Editor
-
06 Dec 2022
Is Elon Musk’s Twitter still safe, and should you stop using the platform?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use. Continue Reading
-
News
05 Dec 2022
Fake investment ads persist on Meta’s social networks
Online adverts for investment scams relating to property and crypto assets are still getting past measures designed to stop them Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Dec 2022
Twitter ‘replacement’ Hive Social shuts off service in privacy alert
Hive Social, a recently established social media network, has temporarily closed its servers to address deep structural privacy issues identified by ethical hackers Continue Reading
By- Alex Scroxton, Security Editor
-
News
29 Nov 2022
Cyber criminals exploiting naked TikTok ‘challenge’
Malware operators lured targets by promising them they would be able to view nude videos of TikTok users Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Nov 2022
Plexal inducts six into cyber leadership scheme
Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Nov 2022
Not-for-profit aims to encourage 1,300 girls into cyber careers
CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading
By- Clare McDonald, Business Editor
-
News
22 Nov 2022
Ducktail spins new tales to hijack Facebook Business accounts
The increasingly active Ducktail cyber crime operation is refining its operations, seeking new methods to compromise its victims’ Facebook Business accounts Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Nov 2022
Is Elon Musk’s Twitter safe, and should you stop using it?
With a litany of security and compliance issues exposed and in many cases caused by Elon Musk’s takeover of social media platform Twitter, some may be asking if it’s still safe or appropriate to use Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Nov 2022
How Google and Mandiant are forging synergies in cyber security
Google’s AI smarts and Mandiant’s intelligence on new and emerging threats could lay the foundation of proactive security Continue Reading
By- Aaron Tan, TechTarget
-
News
09 Nov 2022
Microsoft serves smorgasbord of six zero-days
November’s Patch Tuesday fixes significantly fewer vulnerabilities of late, but includes six actively-exploited zero-days, three of them of critical severity Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 Nov 2022
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Nov 2022
The Security Interviews: Building trust online
Consumer reviews website Trustpilot has built and scaled its IT security team and is now turning to agile methods and DevSecOps to further enhance its cyber capabilities Continue Reading
By -
Definition
03 Nov 2022
Adobe Flash
Adobe Flash is a software platform used to create rich digital content containing animation, graphic effects, streaming video and other interactive elements to deliver engaging user experiences over many platforms, including desktops and mobile devices. Continue Reading
By -
News
02 Nov 2022
OpenSSL vulnerabilities ‘not as bad as feared’
As previously trailed, OpenSSL patched two buffer overflow vulnerabilities, neither of them as impactful as had been feared Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Oct 2022
Prepare today for potentially high-impact OpenSSL bug
OpenSSL trailed a critical vulnerability patch last week, which will be only the second such flaw ever found in the open source encryption project. Unfortunately, the first was Heartbleed Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2022
LinkedIn adds new features to safeguard user privacy, security
Social media platform is adding a number of features and systems designed to protect legitimate users from inauthentic profiles and activity Continue Reading
By- Alex Scroxton, Security Editor
-
Feature
20 Oct 2022
What do the US’s new software security rules mean for UK organisations?
The White House announced recently that all software supplied to the US government and its agencies needs to be secure, so what does this mean for the UK and EU security sectors? Continue Reading
-
News
18 Oct 2022
Apache vulnerability a risk, but not as widespread as Log4Shell
A newly disclosed Apache Commons Text vulnerability may put many at risk, but does not appear to be as impactful or widespread as Log4Shell Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Oct 2022
Virtually all vulnerable open source downloads are avoidable
Some 96% of known vulnerable open source downloads could have been avoided altogether, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Oct 2022
Malicious WhatsApp add-on highlights risks of third-party mods
Kaspersky researchers discovered a malicious version of a widely used WhatsApp messenger mod, highlighting the risks of using so-called mods Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Oct 2022
Office 365 email encryption flaw could pose risk to user privacy
A vulnerability in Microsoft Office 365 Message Encryption could leave the contents of emails dangerously exposed, but with no fix coming it’s up to users to decide how at risk they are Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Oct 2022
Gartner: Remote work, zero trust, cloud still driving cyber spend
Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Oct 2022
Microsoft fixes lone zero-day on October Patch Tuesday
Microsoft patched a solitary zero-day vulnerability in its latest monthly drop, but fixes for two others disclosed in the past few weeks are nowhere to be seen Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
11 Oct 2022
Reducing the cyber stack with API security
Budgets are tight, making it difficult to secure spend, but is there an argument for jettisoning fragmented approaches to securing APIs in favour of a dedicated end-to-end approach? Doubling down on API security could help businesses not just reduce risk, but also costs Continue Reading
By- Jason Kent
-
News
11 Oct 2022
Contractor left Toyota source code exposed for five years
Source code related to Toyota’s T-Connect service was left exposed on GitHub for over five years by a contractor Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Oct 2022
How Cloudflare is staying ahead of the curve
Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape Continue Reading
By- Aaron Tan, TechTarget
-
Opinion
10 Oct 2022
Security Think Tank: Design security in to reap container benefits
Provided container security basics are built into your development and runtime environment from the start, containerised services and applications can provide rapid – and secure – achievement of business objectives Continue Reading
By- Mairi MacLeod and Farrukh Ahmad
-
News
29 Sep 2022
Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC
Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
Opinion
28 Sep 2022
Security Think Tank: Three steps to a solid DevSecOps strategy
Read about how buyers can manage third-party risk when procuring applications, how to secure the software development process, and even how to affect cultural change among developers not used to thinking cyber first Continue Reading
By- Cate Pye and Farrukh Ahmad
-
News
28 Sep 2022
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
26 Sep 2022
How Russian intelligence hacked the encrypted emails of former MI6 boss Richard Dearlove
Hack by Russian-linked ColdRiver group exposed former MI6 chief Richard Dearlove’s contacts and email communications with government, military, intelligence and political officials Continue Reading
By- Duncan Campbell , 2QQ Ltd, Sussex University
-
News
26 Sep 2022
More than 30 startups to join Plexal’s Cyber Runway accelerator
Now in its second year, the Cyber Runway accelerator has been designed to support firms at various stages of growth, as well as help the cyber security sector to improve on its diversity, inclusion and regional representation Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Opinion
23 Sep 2022
It’s time for engineering teams to own DevSecOps
It may seem counterintuitive, but maybe organisations should consider delegating responsibility for DevSecOps to engineering teams, not security teams, argues Elastic’s Mandy Andress Continue Reading
By- Mandy Andress, Elastic
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
By- Gerard O'Dwyer
-
News
21 Sep 2022
15-year-old Python bug present in 350,000 open source projects
A Python tarfile vulnerability first disclosed in 2007 still persists to this day, according to analysis from Trellix Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Sep 2022
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Cloud compromise a doddle for threat actors as victims attest
Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Sep 2022
Users warned over Azure Active Directory authentication flaw
Secureworks researchers found what they say is a serious vulnerability in an Azure Active Directory authentication method, but Microsoft says it should not pose a serious risk to users Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
09 Sep 2022
Security Think Tank: Adding trust to AppSec and DevSecOps
When building in trust and assurance into app development through standards, it is critically important not to stifle innovation Continue Reading
By- Rowland Johnson
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
By- Kim Loohuis
-
Opinion
08 Sep 2022
Security Think Tank: Creating a DevSecOps-friendly cyber strategy
When slowing down is not an option, you need to find a security strategy that is DevSecOps friendly, says Airbus Protect’s Olivier Allaire Continue Reading
By- Olivier Allaire, Airbus Protect
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Sep 2022
Security Think Tank: The many dimensions of DevSecOps
It is imperative to make our colleagues and customers know that when we talk DevSecOps, we are facing a multiphase challenge that starts at the very beginning of DevOps, and one that never ends Continue Reading
By- Alejandro Bernal
-
Opinion
05 Sep 2022
Security Think Tank: Good procurement practices pave the way to app security
Application security is as much a question of good procurement practice as it is good development practice, says Petra Wenham of the BCS Continue Reading
By -
Opinion
02 Sep 2022
Security Think Tank: Shift left, shift right. What about shift everywhere?
The concepts of shift left and shift right are highly effective in securing the development process, but for those who want to take things that step further there is shift everywhere Continue Reading
By- Paul Holland, Information Security Forum
-
Opinion
01 Sep 2022
Security Think Tank: Effective DevSecOps requires collaboration
Application security and effective DevSecOps can only be achieved through collaboration with the business – the ultimate goal is to make it safer to do business, which requires considering integrated risk management and identity and access management alongside cyber security and application security Continue Reading
By- Andrew Morris, Turnkey Consulting
-
News
31 Aug 2022
Google debuts open source bug bounty programme
Google is calling on hackers to take pot-shots at its open source projects for the first time through a new vulnerability research programme Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Aug 2022
LastPass breach limited in scale and well-managed, say experts
A breach of LastPass’s developer environment does not seem to have affected users of the password management service, but it may still be time for a credential reset Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Aug 2022
Millions of Plex users may be at risk in password breach
Up to half of Plex’s 30 million users may have had their personal data stolen by an unknown threat actor Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Aug 2022
DevSecOps: Software developers lack sufficient security focus
GitLab survey shows developers want to produce high-quality code, but ‘shifting’ security left is hard to achieve Continue Reading
By- Cliff Saran, Managing Editor
-
News
19 Aug 2022
Cozy Bear targets MS 365 environments with new tactics
Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Aug 2022
Apple patches two zero-days in macOs, iOS
Mac users should urgently apply new patches addressing vulnerabilities in its desktop and mobile operating systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Aug 2022
Growing MFA use spurs ‘pass-the-cookie’ attacks
The exploitation of stolen session cookies by cyber criminals is once again back on the agenda, thanks to the growing popularity of multifactor authentication tools Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Aug 2022
Microsoft doles out $13.7m in bug bounties
Microsoft’s Bug Bounty programme has paid a total of $13.7m to more than 300 researchers in almost 50 countries Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Aug 2022
NHS may take a month to recover from supply chain attack
Ransomware attack victim Advanced warns its NHS customers they could be waiting until early September to fully recover their operations Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Aug 2022
GitHub targets vulnerable open source components
There are thousands of vulnerabilities in open source code – GitHub aims to help developers see if their projects are impacted Continue Reading
By- Cliff Saran, Managing Editor
-
News
10 Aug 2022
Microsoft fixes two-year-old MSDT vulnerability in August update
August’s Patch Tuesday drop fixes more than 120 CVEs, including another MSDT RCE zero-day that is being actively exploited. Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
05 Aug 2022
The dangers of the UK’s illogical war on encryption
The unintended consequences of the Online Safety Bill will have a dramatic effect on our ability to communicate securely, including in Ukraine, where it is needed most Continue Reading
By- Robin Wilton
-
News
04 Aug 2022
Spyware activity particularly impactful in July
After a quiet June, vulnerability exploitation ramped up in July, with intrusions linked to spyware seeing unusually high volumes of activity, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2022
NCSC startups scheme turns focus to operational technology, SME security
NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jul 2022
Cyber criminals pivot away from macros as Microsoft changes bite
As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Jul 2022
Retail software firm PrestaShop warns users about SQL injection attacks
Open source e-commerce platform PrestaShop warns thousands of small retailers that their customers’ credit card details may be at risk of compromise Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Jul 2022
Ducktail infostealer targets Facebook Business users
Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
26 Jul 2022
Inside Russia’s Ukraine information operations
In this week’s Computer Weekly, we get the inside track on Russia’s disinformation operations attempting to spread propaganda and cyber threats about the invasion of Ukraine. Our new buyer’s guide looks at customer and employee experience management. And we assess 10 top Kubernetes backup suppliers. Read the issue now. Continue Reading
-
News
25 Jul 2022
Latest Atlassian Confluence vulnerability raises concerns
CVE-2022-26138 is the second major vulnerability disclosure made for Atlassian’s Confluence collaboration platform in recent months Continue Reading
By- Alex Scroxton, Security Editor
-
News
22 Jul 2022
LinkedIn most impersonated brand in phishing attacks
Social network LinkedIn, along with Microsoft and DHL, are just some of the brands that are most frequently imitated by cyber criminals conducting phishing attacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Jul 2022
Buy ‘plug-n-play’ malware for the price of a pint of beer
Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Jul 2022
(ISC)² expands entry-level cyber programme after UK success
Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Jul 2022
Cato aims to bust cyber myths as it extends network protections
Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network – to explode some cyber myths Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Jul 2022
Log4Shell on its way to becoming ‘endemic’
US government report concludes that, like Covid, Log4Shell will be with us for a long time to come Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
Slippery phish wriggles around MFA protections, says Microsoft
Microsoft’s threat researchers share details of a phishing campaign that hit 10,000 organisations, against which standard multifactor authentication provides little defence Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
Digital break-up kit to help women get out of bad relationships safely
Domestic abuse charity Refuge teams up with Avast to equip women with the knowledge to effectively and safely end a relationship digitally Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Jul 2022
July Patch Tuesday brings more than 80 fixes, one zero-day
While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jul 2022
Microsoft Windows Autopatch now generally available
Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Jul 2022
Microsoft VBA macro block will return
Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Jul 2022
Microsoft appears to reverse VBA macro-blocking
Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Jul 2022
The evolution of threat modelling as a DevSecOps practice
Threat modelling is becoming ever more integrated into software architecture design. Here, Stephen de Vries of IriusRisk looks at the evolution of the process Continue Reading
By- Stephen de Vries
-
News
06 Jul 2022
Plexal seeks new scaleups for next phase of Cyber Runway
Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme Continue Reading
By- Alex Scroxton, Security Editor
-
E-Zine
05 Jul 2022
How to get the right level of cyber insurance
In this week’s Computer Weekly, we look at how the market for cyber insurance is evolving and how to avoid buying the wrong level of cover. We find out what role hydrogen technologies could play in reducing datacentre carbon emissions. And we hear how a 125-year-old bicycle maker is embracing digital innovation. Read the issue now. Continue Reading
-
News
29 Jun 2022
Romance scammers exploit Ukraine war in cynical campaign
Romance scammers can make easy money exploiting people looking for love, but in this newly observed campaign linked to the Ukraine war they are playing on deeper emotions Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Jun 2022
Avast uncovers ‘thieves’ kitchen’ of malware-writing teens
Researchers stumble across online community of 11 to 18-year-olds constructing, exchanging and spreading malware Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jun 2022
US cyber agency in fresh warning over Log4Shell risk to VMware
Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Jun 2022
Developers grapple with open source software security
Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds Continue Reading
By- Aaron Tan, TechTarget
-
News
23 Jun 2022
SolarWinds unveils new development model to avoid a repeat of Sunburst
SolarWinds has unveiled a new, secure-by-design software development model to protect itself from a repeat of the infamous 2020 cyber attack on its systems, and serve as a blueprint for the industry Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Jun 2022
Dundee security research centre opens with support from SBRC
An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Jun 2022
Office 365 loophole may give ransomware an easy shot at your files
Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Jun 2022
Patch Tuesday dogged by concerns over Microsoft vulnerability response
The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Jun 2022
MS Azure Synapse vulnerability fixed after six-month slog
Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga Continue Reading
By- Alex Scroxton, Security Editor