Web application security
-
Opinion
07 Feb 2025
Secure software procurement in 2025: A call for accountability
Outgoing CISA chief Jen Easterly called on buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what best practice for secure software procurement looks like in 2025. Continue Reading
-
News
07 Feb 2025
US lawmakers move to ban DeepSeek AI tool
US politicians have introduced a bill seeking to ban the use of the DeepSeek AI tool on government-owned devices, citing national security concerns due to its alleged links to the Chinese state Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Apr 2022
Singapore to start licensing cyber security service providers
Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards Continue Reading
By- Aaron Tan, TechTarget
-
News
11 Apr 2022
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Apr 2022
Was Spring4Shell a lot of hot air? No, but...
Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Apr 2022
Denonia malware may be first to target AWS Lambda
The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
06 Apr 2022
Scoop: Zero Trust Network Access Becomes Your Flexible Friend!
In my last blog, I highlighted the ongoing debate within IT security that is zero trust or, to use the full acronym, ZTNA (Zero Trust Network Access) and that – in theory, at least – it is kind of ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
Definition
05 Apr 2022
content filtering
Content filtering is a process involving the use of software or hardware to screen and/or restrict access to objectionable email, webpages, executables and other suspicious items. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
- Andrew Zola
-
News
04 Apr 2022
How remote browser isolation can mitigate cyber threats
Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device Continue Reading
By- Aaron Tan, TechTarget
-
News
31 Mar 2022
Spring4Shell zero-day sprung on security teams
Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it? Continue Reading
By- Alex Scroxton, Security Editor
-
News
30 Mar 2022
Australia to spend A$9.9bn on intelligence and cyber capabilities
The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate Continue Reading
-
News
29 Mar 2022
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
24 Mar 2022
The Importance of CASB And Its Limitations
It’s been over two years since I introduced the Gartner-defined SASE (“sassy”) to my CW readers – in that time the world has changed somewhat, but the requirement for an intensified, integrated ... Continue Reading
By- Steve Broadhead, Broadband Testing
-
News
17 Mar 2022
Kaspersky CEO: Ukraine war must end through diplomacy
Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Mar 2022
Kubernetes vulnerability underscores repeated security warnings
The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Mar 2022
Tech brands sign on to HackerOne responsible security drive
Tech companies sign HackerOne’s new corporate security responsibility pledge to bring cyber out of the shadows and promote effective, secure development practices Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Mar 2022
Government to force tech firms to stop fraudsters using their platforms for scams
Changes to legislation will make social media and search engine firms responsible for preventing fraudsters using their platforms to commit crimes Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
09 Mar 2022
China’s APT41 exploited Log4j within hours
APT41 compromised multiple government organisations via the Log4Shell exploit within hours of its initial disclosure, Mandiant claims Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Mar 2022
Microsoft serves up three zero-days on March Patch Tuesday
Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
04 Mar 2022
Universities need better protection from email-based cyber attacks
The need to educate university staff and students on avoiding email-based cyber attacks is more acute than ever, says Proofpoint’s Adenike Cosgrove Continue Reading
By- Adenike Cosgrove
-
Definition
03 Mar 2022
Open Web Application Security Project (OWASP)
The Open Web Application Security Project (OWASP) is a nonprofit foundation that provides guidance on how to develop, purchase and maintain trustworthy and secure software applications. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
03 Mar 2022
Use of encrypted Telegram platform soars in Ukraine, Russia
Encrypted messaging service Telegram is proving a valuable asset to both sides in Russia’s war on Ukraine Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
02 Mar 2022
Hypertext Transfer Protocol Secure (HTTPS)
Hypertext Transfer Protocol Secure (HTTPS) is a protocol that secures communication and data transfer between a user's web browser and a website. Continue Reading
By -
News
02 Mar 2022
Cyber companies step up support for Ukraine
Security companies Bitdefender and Vectra AI are both to offer products and services in support of Ukraine Continue Reading
By- Alex Scroxton, Security Editor
-
News
01 Mar 2022
BBC blasted with millions of malicious emails
Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Feb 2022
Ukraine cyber attacks seen spiking, but no destructive cyber war yet
While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region Continue Reading
By- Alex Scroxton, Security Editor
-
News
28 Feb 2022
Cloudflare: Our network is our product
Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats Continue Reading
By- Aaron Tan, TechTarget
-
Opinion
24 Feb 2022
The UK’s cyber security sector is thriving, but our work has only just begun
The government’s Annual Cyber Sector Report painted a positive picture of the UK security industry. CIISec’s Amanda Finch thinks we can go further in developing cyber talent and opening up the sector Continue Reading
By- Amanda Finch, Institute of Information Security Professionals
-
News
24 Feb 2022
KnowBe4 cyber drama tackles Colonial Pipeline in fourth season
KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021 Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Feb 2022
Salesforce pays out over £2m in bug bounties
Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Feb 2022
IBM opens cyber security hub in India
Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region Continue Reading
By- Aaron Tan, TechTarget
-
E-Zine
22 Feb 2022
Think nation-state cyber attacks won’t hit you? Think again…
In this week’s Computer Weekly, with Russian state cyber attacks in the news, we find out why security professionals in every organisation need to remain alert. Our buyer’s guide looks at the tools and programmes helping improve IT training. And we look at how the traditional sport of golf is undergoing a digital transformation. Read the issue now. Continue Reading
-
News
21 Feb 2022
Zoom gains NCSC Cyber Essentials Plus and NHS security badges
Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Feb 2022
2021 another record year for UK cyber investment
Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Feb 2022
Lack of knowledge disastrous for effective security strategy within Dutch companies
Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy Continue Reading
By- Kim Loohuis
-
News
09 Feb 2022
Microsoft stomps on 48 bugs in February Patch Tuesday update
It’s a light Patch Tuesday for February 2022, as Microsoft issues fixes for just 48 CVEs, including a solitary zero-day Continue Reading
By- Alex Scroxton, Security Editor
-
Podcast
09 Feb 2022
Log4Shell, Ukraine and umbrella firm cyber attacks – Computer Weekly Downtime Upload podcast
Alex Scroxton joins the team to discuss the Log4j vulnerability and Russian pressure on Ukraine. Also discussed are cyber attacks on umbrella companies, neuro-diversity and junk in space Continue Reading
By- Alex Scroxton, Security Editor
- Caroline Donnelly, Senior Editor, UK
- Clare McDonald, Business Editor
-
News
08 Feb 2022
DPD delivers swift fix for serious API flaw
API vulnerability potentially left PII on DPD Group’s customers dangerously exposed, but was rapidly fixed on disclosure Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Feb 2022
Microsoft to start blocking macros to thwart malware
Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Feb 2022
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 Feb 2022
Check Point looks to plug ASEAN’s cyber security gap
Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors Continue Reading
By- Aaron Tan, TechTarget
-
News
03 Feb 2022
Crisp supply shortage looms after KP Snacks hit by ransomware
Supplies of Hula Hoops and many other snack brands are under threat after a ransomware attack on the systems of KP Snacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Feb 2022
MPs call on government to ‘push harder’ and ‘act faster’ amid online fraud epidemic
MPs on the Treasury Committee want the government to act quickly to reduce the amount of money being stolen through online fraud Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
Feature
02 Feb 2022
What neurodivergent people really think of working in cyber security
Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
-
News
01 Feb 2022
Check Point buys Spectral to safeguard cloud development
Check Point’s latest acquisition of Israel-based startup Spectral expands its developer-centric security toolset Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Jan 2022
Novel phishing campaign highlights need for MFA, says Microsoft
Microsoft details a new multi-stage phishing campaign that only affects victims without multifactor authentication in place Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Jan 2022
Nightmare Log4Shell scenario averted by prompt, professional action
Prompt and professional community response to the Log4Shell disclosure means the dangerous and widespread vulnerability has not been exploited to the extent many had feared Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Jan 2022
Updated cyber security regulations proposed for managed services sector
The Network and Information Systems regulations are to be updated to include MSPs and outsourcers, following a spate of supply chain attacks Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Jan 2022
Investigators find Beijing 2022 app riddled with security flaws
Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack Continue Reading
By- Alex Scroxton, Security Editor
-
Blog Post
19 Jan 2022
2022: Time to take algorithm-enhanced online abuse seriously
The algorithms used by dominant social media companies have compounded the risks to unsupervised children in their bedrooms by automating the processes predators use to find and groom potential ... Continue Reading
By- Philip Virgo, Winsafe Ltd
-
News
17 Jan 2022
Top three questions about the Log4j vulnerability
Singapore’s Ensign Infosecurity answers the top three questions about the impact of the Log4j vulnerability Continue Reading
By- Aaron Tan, TechTarget
-
News
14 Jan 2022
Nato offers tech support after 'massive cyber attack' hits Ukraine
Speculation mounts that Russia is behind a cyber attack which defaced Ukrainian government websites amid growing international tension Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
14 Jan 2022
Umbrella company Brookson self-refers to NCSC following cyber attack on its network
Contractor payroll, accounting and compliance firm confirms its networks have been targeted by an ‘extremely aggressive’ cyber attack that has resulted in some of its systems being proactively taken offline Continue Reading
By- Caroline Donnelly, Senior Editor, UK
-
News
12 Jan 2022
MEPs demand EU probe into Pegasus spyware abuse
A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it Continue Reading
By- Alex Scroxton, Security Editor
-
News
12 Jan 2022
Microsoft fixes six zero-days in January Patch Tuesday update
A larger than of late Patch Tuesday update from Microsoft comes as defenders continue to grapple with Log4Shell Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Jan 2022
Almost half of Log4j downloads still dangerously exposed
Whether by error or design is unclear, but a great many IT teams are still exposing themselves by downloading outdated, insecure versions of Apache Log4j Continue Reading
By- Alex Scroxton, Security Editor
-
News
11 Jan 2022
Banks accused of neglecting customer security measures
Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes Continue Reading
By- Alex Scroxton, Security Editor
-
News
03 Jan 2022
How APAC firms can stay ahead of cyber threats
Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks Continue Reading
By- Aaron Tan, TechTarget
-
News
23 Dec 2021
Top 10 cyber security stories of 2021
Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do? Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
16 Dec 2021
Enabling secure remote working is once again a top priority
The pandemic has bought many new security risks, particularly around remote working. As the UK government once again urges people to work from home under its Plan B restrictions, these risks must be tackled as a priority Continue Reading
By- Warwick Ashford, Senior analyst
-
News
15 Dec 2021
After Log4j, December Patch Tuesday piles on the pressure
December’s Patch Tuesday update from Microsoft contains several critical CVEs, but this month all attention is focused on the fall-out from Log4Shell, and burn-out is becoming a real issue Continue Reading
By- Alex Scroxton, Security Editor
-
News
14 Dec 2021
Almost half of networks probed for Log4Shell weaknesses
Close to half of corporate networks have already been actively targeted by individuals seeking to exploit the critical Log4Shell Apache bug Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Dec 2021
What is Log4Shell, and why are we panicking about it?
It’s been described as a ‘design failure of catastrophic proportions’ that threatens the very fabric of the digital world. Find out what the Log4j2 Log4Shell panic is all about, and what you should do about it Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Dec 2021
UK and US to collaborate on privacy innovation contest
Joint UK-US innovation challenge contest centring on privacy-enhancing technology announced at Summit for Democracy in Washington DC Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Dec 2021
2021 another record-breaker for vulnerability disclosure
More than 50 CVEs were logged every day in 2021, more than at any time since records began, while ethical hackers continue to prove their value Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
07 Dec 2021
Security Think Tank: Attackers leveraging the supply chain
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they have taken away from the past 12 months Continue Reading
-
Opinion
01 Dec 2021
Security Think Tank: In the cloud, anti-human approaches set us up to fail
Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading
By- Mike Lloyd, RedSeal
-
News
26 Nov 2021
UK’s surveillance culture may be normalising use of tech for abuse
Intense surveillance of public spaces by UK authorities may be playing a part in the normalisation of cyber stalking in intimate relationships Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
23 Nov 2021
cookie poisoning
Cookie poisoning is a type of cyber attack in which a bad actor hijacks, forges, alters or manipulates a cookie to gain unauthorized access to a user's account, open a new account in the user's name or steal the user's information for purposes such as identity theft. Continue Reading
By -
News
18 Nov 2021
Memento ransomware gang quick to retool for ‘optimum’ outcome
The operators of a new ransomware called Memento are quick to retool for ‘success’ if they run up against a competent defender, says Sophos Continue Reading
By- Alex Scroxton, Security Editor
-
News
17 Nov 2021
Security startups line up on Cyber Runway
Some 108 cyber security startups representing the UK’s most cutting-edge innovators are to join Plexal’s Cyber Runway accelerator Continue Reading
By- Alex Scroxton, Security Editor
-
News
17 Nov 2021
Zero-days: The next element of the service-based cyber economy?
Digital Shadows researchers have reported on the emergence of zero-days as a service, which could be the next big thing in the cyber criminal underworld Continue Reading
By- Alex Scroxton, Security Editor
-
News
10 Nov 2021
November Patch Tuesday drop fixes bugs in Excel, Exchange Server
Another relatively light Patch Tuesday drop from Microsoft addresses 55 vulnerabilities, two of them already being exploited Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Nov 2021
How cosmetics retailer Lush made over its approach to authentication
Evolving approaches to IT at cosmetics retailer Lush meant the organisation’s previous approach to authentication was no longer up to scratch. Find out how it overcame this hurdle Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 Nov 2021
The Netherlands works on resilience with large-scale national cyber exercise
For the Netherlands, the biggest challenge in a large-scale cyber crisis is to maintain speed while exercising due care Continue Reading
By- Kim Loohuis
-
News
03 Nov 2021
Spyware firm NSO and others added to US banned Entity List
US government bans target Israeli spyware makers and cyber firms in Russia and Singapore Continue Reading
By- Alex Scroxton, Security Editor
-
News
21 Oct 2021
Airport operator MAG boosts threat visibility with hybrid SOC
With budget concerns weighing heavy during the pandemic, Manchester Airports Group ditched an impending capex-heavy cyber investment in favour of a hybrid managed/in-house approach. Learn more about its experience Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
21 Oct 2021
script kiddie
Script kiddie is a derogative term that computer hackers coined to refer to immature, but often just as dangerous, exploiters of internet security weaknesses. Continue Reading
By- Ben Lutkevich, Site Editor
-
Opinion
18 Oct 2021
No easy fix for vulnerability exploitation, so be prepared
Vulnerability management and disclosure is a tricky business with ethical and business ramifications for software vendors, CISOs and ethical hackers alike – and CISOs sit right in the middle of this Continue Reading
By- Andrew Morris, Turnkey Consulting
-
Definition
15 Oct 2021
Uniform Resource Identifier (URI)
A Uniform Resource Identifier (URI) is a character sequence that identifies a logical (abstract) or physical resource -- usually, but not always, connected to the internet. A URI distinguishes one resource from another. Continue Reading
By- Rahul Awati
- Fred Churchville, TechTarget
-
Opinion
15 Oct 2021
Doing the right thing: How CISOs should approach responsible disclosure
Owen Wright, responsible for penetration testing and adversary simulation at Context, part of Accenture Security, advises how CISOs should approach responsible disclosure Continue Reading
By- Owen Wright, Accenture Security
-
Opinion
14 Oct 2021
Encryption protects the marginalised – and it’s under threat
Encryption keeps marginalised groups connected and safe, but new regulatory attempts to break it put them at risk Continue Reading
By- Callum Voge
-
News
13 Oct 2021
Google Cybersecurity Action Team springs into life
Google has announced a new Cybersecurity Action Team, with a mission to support security and digital transformation in governments, critical infrastructure, enterprises and small businesses Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Oct 2021
FCA warns over future hybrid working security risks
Earlier this week, the Financial Conduct Authority issued fresh guidance to regulated organisations on keeping hybrid workers safe and secure Continue Reading
By- Alex Scroxton, Security Editor
-
News
13 Oct 2021
Microsoft warns of MysterySnail on October Patch Tuesday
Microsoft has fixed a zero-day that is being actively exploited to deliver a new remote access trojan dubbed MysterySnail to targets Continue Reading
By- Alex Scroxton, Security Editor
-
News
08 Oct 2021
Craft beer specialist Brewdog fixes serious app vulnerability
Vulnerability in brewer’s mobile app could have resulted in serious consequences for its shareholders and customers Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Oct 2021
Twitch data breach investigations continue
Investigations are ongoing into a 125GB data breach that hit livestreaming platform Twitch, apparently the work of hacktivists Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
06 Oct 2021
Security Think Tank: Responsible vulnerability disclosure is a joint effort
By working hand-in-hand, developers and security researchers can both play a vital role in ensuring newly-discovered vulnerabilities are addressed appropriately, writes Paddy Francis of Airbus CyberSecurity Continue Reading
-
News
06 Oct 2021
Gaming service Twitch hacked, data leaked
Users of livestreaming platform Twitch may be at risk after a 125GB torrent of data was leaked Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Oct 2021
Apache web server users urged to patch immediately
New zero-day in Apache HTTP Server is already being actively exploited and must be addressed immediately Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Oct 2021
Auto-enrolment begins for Google multi-factor authentication
Google has started to turn on multi-factor authentication on consumer accounts by default, and aims to auto-enrol 150 million users by the end of 2021 Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Oct 2021
Israeli Orca to invest in UK cyber scene
Tel Aviv-headquartered Orca Security wants to set up a new R&D centre in the UK Continue Reading
By- Alex Scroxton, Security Editor
-
News
05 Oct 2021
New Python-based ransomware attacks unfold in record time
Sophos researchers detail a new variety of Python-based ransomware attack targeting VMware ESXi-hosted VMs Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
05 Oct 2021
ICO cookie consent: How will the plan affect businesses?
A data privacy and compliance expert considers what the ICO’s proposals for an overhaul of cookie consent procedures could mean for businesses Continue Reading
By- Peter Borner
-
News
01 Oct 2021
Amnesty International exploited in malware campaign
According to new intelligence from Cisco Talos, Amnesty International’s branding and profile is being used as part of a new malware campaign that exploits people’s fears of the notorious Pegasus spyware app Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Sep 2021
MoD in second leak of Afghan citizens’ data
A second breach of data relating to Afghan citizens at risk of Taliban reprisals has been reported by the Ministry of Defence Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Sep 2021
Threat actors target VMware vCenter Server users
Users of VMware vCenter Server are advised to patch a series of vulnerabilities post haste Continue Reading
By- Alex Scroxton, Security Editor
-
News
16 Sep 2021
Dutch education administrators underestimate threat of cyber crime
Research shows educational establishments in the Netherlands are becoming favoured targets of cyber criminals and administrators are underestimating the risks Continue Reading
By- Kim Loohuis
-
News
15 Sep 2021
Microsoft patches 66 vulnerabilities in September update
Another lighter-than-usual Patch Tuesday update includes important fixes for recently disclosed vulnerabilities, including a dangerous zero-day, and an update in the PrintNightmare saga Continue Reading
By- Alex Scroxton, Security Editor
-
News
15 Sep 2021
Australia and Singapore have higher incidences of insecure databases
Five-year longitudinal study by Imperva shows the proportion of databases with at least one known vulnerability in Australia and Singapore are among the world’s highest Continue Reading
By- Aaron Tan, TechTarget
-
News
14 Sep 2021
Mass health tracker data breach has UK impact
The leak of a database of 61 million users of health-tracking devices includes records on individuals located in the UK Continue Reading
By- Alex Scroxton, Security Editor
-
News
09 Sep 2021
Latest Microsoft zero-day being actively exploited
New Microsoft zero-day CVE-2021-40444 affects multiple versions of Windows and is probably being exploited through convincing phishing attacks Continue Reading
By- Alex Scroxton, Security Editor