Application security and coding requirements
-
News
13 Jun 2024
Black Basta ransomware crew may be exploiting Microsoft zero-day
A Microsoft vulnerability that was addressed without fanfare in March may in fact have been exploited as a zero-day by the notorious Black Basta ransomware gang, threat hunters warn Continue Reading
-
Feature
13 Jun 2024
Best practices to beat container misconfiguration
How can organisations ensure containerised environments are configured correctly and adequately defended, without getting lost in the complexity? Continue Reading
-
Opinion
10 Sep 2018
Security Think Tank: Balancing cost and risk in software vulnerability management
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Opinion
07 Sep 2018
Security Think Tank: No shortcuts to addressing software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Opinion
06 Sep 2018
Security Think Tank: How to manage software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Opinion
05 Sep 2018
Security Think Tank: How to achieve software hygiene
What is the most practical and cost-effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Opinion
04 Sep 2018
Security Think Tank: Eight controls to manage software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
Opinion
03 Sep 2018
Security Think Tank: Follow good practice to reduce risk of software vulnerabilities
What is the most practical and cost effective way for organisations to identify and remediate high-risk software vulnerabilities? Continue Reading
-
News
23 Aug 2018
Apache Struts users urged to update due to new security flaw
Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017 Continue Reading
-
Feature
16 Aug 2018
Inside DevOps, containers and enterprise security
Global corporates are waking up to containers and orchestrated containerisation for software development that is fast and safe. Computer Weekly looks at the best approach to ensure security is not compromised along the way Continue Reading
-
News
10 Aug 2018
Microsoft looks at a Windows VM to sandbox rogue code
A feature revealed in the Windows Insider programme may appear in a future Windows 10 update for enterprises Continue Reading
-
News
06 Aug 2018
Virus outbreak at iPhone chip plant could delay shipments
A computer virus at an iPhone chip manufacturing plant could delay shipments of Apple’s latest smartphones, but the impact will be limited, say analysts Continue Reading
-
News
01 Aug 2018
Bromium evolves virtualisation-based security
Virtualisation-based security firm Bromium has evolved its technology to offer bidirectional protection for applications and underlying operating systems Continue Reading
-
News
30 Jul 2018
Pentagon flags risky software suppliers
The Pentagon has drawn up a list of software suppliers that it wants the US military and defence contractors to avoid due to fears of risks to national security Continue Reading
-
Blog Post
26 Jul 2018
App users in developing APAC prefer convenience over security
By Kimberly Chua Mobile app users in developing Asia-Pacific (APAC) countries prefer convenience over security, signaling a potential rift between companies and users, a new F5 Networks study has ... Continue Reading
-
News
26 Jul 2018
Software development remains insecure
The prevalence of common and well-known web-based vulnerabilities underlines the need for better education around secure software development Continue Reading
-
News
25 Jul 2018
ERP applications are under cyber attack, research confirms
ERP applications are increasingly being targeted by cyber criminals, hacktivists and nation-state actors, a report reveals Continue Reading
-
News
25 Jul 2018
Apache OpenWhisk users urged to patch
IBM has patched vulnerabilities in its Cloud Functions service that is based on Apache OpenWhisk in response to vulnerability disclosures, and all other users are urged to do the same Continue Reading
-
News
25 Jul 2018
Application attacks demand new security approach
Applying security software updates is an ineffective way to deal with application layer cyber attacks and businesses should change their approach, security experts advise Continue Reading
-
News
24 Jul 2018
Google wants to ease hybrid cloud woes
Cloud supplier Google claims its Cloud Service Platform will alleviate complexities in managing microservices in a hybrid IT environment Continue Reading
-
News
24 Jul 2018
Most firms have software security vulnerability
Most firms have a software vulnerability that can be exploited by cyber attackers, a study has revealed Continue Reading
-
News
17 Jul 2018
A third of organisations do not have a security expert, survey shows
Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey Continue Reading
-
16 Jul 2018
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, including legislative measures. Continue Reading
-
News
12 Jul 2018
Cyber attackers cashing in on ‘hidden’ attack surface
Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals Continue Reading
-
News
11 Jul 2018
White-hat hackers find record number of vulnerabilities
White-hat hackers are finding more vulnerabilities than ever before, with crowdsourced security testing continuing to gain popularity, a report reveals Continue Reading
-
News
09 Jul 2018
Inside one of the world’s largest bug bounty programmes
Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug Continue Reading
-
News
27 Jun 2018
Brexit a greater risk to UK financial system than cyber attack
While Brexit is seen as the biggest risk to the stability of the UK financial system, cyber attack is the most difficult risk to manage for over half of firms Continue Reading
-
News
26 Jun 2018
High-Tech Bridge bets on machine learning capabilities
Machine learning has a great potential to drive the automation of some security tasks to free up information security professionals to do more strategic work, says High-Tech Bridge founder Continue Reading
-
News
19 Jun 2018
Singapore remains hotbed for cyber threats
Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency Continue Reading
-
News
11 Jun 2018
APAC remains a hotbed for software piracy
The Asia-Pacific region is still seeing the highest use of unlicensed software installations globally, making enterprises more susceptible to cyber attacks from malware Continue Reading
-
Feature
05 Jun 2018
Application security more important than ever
Applications have an increasingly crucial role in our lives, yet they are also a real security threat, with hackers always finding new ways to bypass security defences. Computer Weekly looks at how organisations are responding to the challenge Continue Reading
-
Feature
01 Jun 2018
Cyber resilience key to securing industrial control systems
Operators of industrial control systems can build greater cyber resilience by getting IT and operational technology teams to work more closely together and improving the visibility of their infrastructure, among other security measures Continue Reading
-
News
24 May 2018
Grab outlines its approach to cyber security
Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement Continue Reading
-
Feature
23 May 2018
Application and device security under the spotlight
The security of internet-connected devices and associated applications has become a significant concern, prompting suggestions legislation may be required, while the UK government’s recent Secure by Design review suggests several solutions, including legislative measures Continue Reading
-
News
09 May 2018
Nutanix builds hooks to SDN and cloud with Flow, Era and Beam
Hyper-converged pioneer builds in functionality from acquisitions with Flow software-defined networking, Beam cloud monitoring and Era database provisioning and data protection Continue Reading
-
News
08 May 2018
Majority of security professionals favour shorter disclosure deadline
Google’s Project Zero unit’s 90-day deadline for software suppliers to disclose vulnerabilities has always been controversial, but a survey reveals that most security professionals feel even that is too long Continue Reading
-
News
03 May 2018
City Police use Lego simulation to teach businesses cyber security
City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life Continue Reading
-
News
18 Apr 2018
APAC is becoming a hotspot for DDoS attacks
The region’s largest and most-connected economies are most vulnerable to distributed denial-of-service attacks, according to CenturyLink Continue Reading
-
News
11 Apr 2018
Government to set up £13.5m cyber security centre
Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security Continue Reading
-
News
28 Mar 2018
Facebook announces more privacy control updates
Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns Continue Reading
-
News
26 Mar 2018
Dutch SMEs’ cyber security is insufficient
Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security Continue Reading
-
News
20 Mar 2018
Firms need to move from DevOps to DevSecOps, says expert
In the face of competition, organisations are turning to DevOps to improve efficiency and accelerate innovation, but this is creating new security risks, an industry expert warns Continue Reading
-
News
19 Mar 2018
C-suite a cyber attack risk, say security chiefs
Those tasked with running organisations are the most likely group to expose them to a major cyber attack, a poll of UK information security executives shows Continue Reading
-
News
19 Mar 2018
Heartbleed and Shellshock thriving in Docker community
DevOps has revolutionised IT, but security best practices are being skimmed over, which means old vulnerabilities are finding a new lease of life in Docker Continue Reading
-
News
15 Mar 2018
DocuTrac medical software is a breach risk, warns Rapid7
Security researchers have issued a security warning about medical billing and documentation software they say puts patients at risk of data breach Continue Reading
-
News
09 Mar 2018
Security researchers demonstrate ransomware attack on robots
Researchers have carried out a ransomware attack on robots to show that such attacks are possible and should be guarded against Continue Reading
-
News
08 Mar 2018
Mac malware more than doubled in 2017
Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes Continue Reading
-
News
07 Mar 2018
Only half of ransomware payments honoured
Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks Continue Reading
-
News
06 Mar 2018
Security remains an afterthought in DevOps
Enterprises in Asia are lapping up DevOps but less than one-third have baked security processes into their developments Continue Reading
-
News
05 Mar 2018
Spring Break flaw shows cross-industry collaboration
A flaw that was discovered in Pivotal’s Spring Framework in September 2017 has only come to light now that users have had a chance to update Continue Reading
-
News
22 Feb 2018
Developers urged to submit apps to NHS Apps Library
NHS Digital and NHS England have further opened up the newly updated NHS Apps Library, and are asking developers to submit their apps for assessment Continue Reading
-
News
22 Feb 2018
Google calls out Microsoft for failing to fix reported flaw
Google’s Project Zero has gone public with a Windows 10 flaw that Microsoft claimed to have fixed in its February security update Continue Reading
-
News
19 Feb 2018
Botnets shift focus to credential abuse
Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns Continue Reading
-
News
16 Feb 2018
Tech industry signs cyber security charter
Nine technology organisations have signed a cyber security charter aimed at raising the level of cyber security internationally Continue Reading
-
News
14 Feb 2018
Blockchain to give global LGBT community a louder economic voice
Blockchain will underpin a global platform that aims to give the LGBT community a more powerful economic voice Continue Reading
-
News
14 Feb 2018
Telegram zero-day exploit is a warning
The discovery of an exploit of a zero-day vulnerability in the Telegram messaging app demonstrates that not all “secure” apps are automatically safe, security experts have warned Continue Reading
-
News
12 Feb 2018
Criminals hijack government sites to mine cryptocurrency used to hide wealth
Europol says criminals are hiding billions in cryptocurrencies, as thousands of government and other websites have reportedly been used to hijack computers to mine more Continue Reading
-
News
08 Feb 2018
Norway’s government backs cyber defence mobilisation
Norway has accelerated plans to scale up its national security infrastructure against threats emanating from the cyber domain Continue Reading
-
News
07 Feb 2018
Third party cyber breach risk set to rise
Third party cyber security risk should always have been a priority, but this has never been more important than it is now in light of new technology risks and data protection regulations Continue Reading
-
Tip
06 Feb 2018
How to manage application security risks and shortcomings
A lack of proper testing, communication and insight into best practices all contribute to application security shortcomings. Kevin Beaver explains how to manage the risks. Continue Reading
-
News
02 Feb 2018
GDPR: Don’t panic, but seize the chance to build trust, says ICO
With the compliance deadline for the EU’s GDPR just 112 days away, the UK’s information commissioner has urged organisations not to panic, but to seize the chance to build trust with customers Continue Reading
-
Opinion
01 Feb 2018
Security Think Tank: Automating basic security tasks
How can organisations evolve their security operations teams to do more automation of basic tasks and cope with dynamic IT environments? Continue Reading
-
News
31 Jan 2018
Many businesses still using outdated security, says Troy Hunt
Too many businesses are using out-of-date approaches to security, a world-renowned cyber security author and trainer warns Continue Reading
-
News
24 Jan 2018
AI is moving towards acceptance in cyber security, says Check Point
Artificial intelligence is well on its way to being a useful tool in the cyber security professional’s kit, but according to Check Point, there are still big challenges to overcome Continue Reading
-
News
24 Jan 2018
NHS organisations to get cyber security alerts service
As part of a deal between NHS Digital and Microsoft, NHS organisations will be able to get a threat detection service, alerting them to any cyber security issues Continue Reading
-
Feature
23 Jan 2018
Do website design platforms pose too big a security risk?
Cloud-based website design platforms are booming in popularity because of their simplicity and affordability, but business security should be considered carefully when using such services Continue Reading
-
News
23 Jan 2018
China’s Yitu eyes ASEAN market with facial recognition know-how
Facial recognition software specialist Yitu, which recently won a face identification accuracy contest in the US, has already nabbed regional clients such as Singapore’s Certis Cisco Continue Reading
-
Blog Post
15 Jan 2018
Spectre of IT vulnerability looms large
In some ways the Meltdown and Spectre flaws represent a risk that goes to the very heart of computing. This microprocessor flaw has resulted in major network, server, PC and mobile hardware firms ... Continue Reading
-
News
11 Jan 2018
Mobile app flaws are a risk to industrial IT systems, says report
Cyber security vulnerabilities in mobile applications could be exploited to compromise industrial network infrastructure, a report warns Continue Reading
-
News
10 Jan 2018
UAE tech growth prompts firms to review internal IT security
As IT becomes more prominent in the UAE economy, more and more internal connections between people and systems are created, all of which need to be secured Continue Reading
-
News
09 Jan 2018
Cyber attacks in 2017 drive Nordic security efforts
The volume of cyber attacks last year has increased boardroom focus on security in the Nordic region Continue Reading
-
News
08 Jan 2018
Sweden steps up cyber defence measures
Sweden is tightening up its cyber security defences as part of a wider national security strategy Continue Reading
-
News
03 Jan 2018
Top IT priorities for Nordic CIOs in 2018
Nordic CIOs tell Computer Weekly about their intentions for the year ahead Continue Reading
-
News
21 Dec 2017
Top 10 IT security stories of 2017
Here are Computer Weekly's top 10 IT security stories of 2017 Continue Reading
-
News
20 Dec 2017
UK government blames North Korea for WannaCry cyber attack
The UK and US governments say a North Korean group was responsible for the ransomware attacks that hit the NHS and other organisations globally this year Continue Reading
-
News
04 Dec 2017
Barclays Bank stops offering Kaspersky software to new users
Bank is no longer offering customers Kaspersky anti-virus software after UK security agency issues warning Continue Reading
-
Video
28 Nov 2017
Lauri Love: how reformed hackers halted the WannaCry virus
Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT. Continue Reading
-
Feature
27 Nov 2017
UK sale of surveillance equipment to Macedonia raises questions over export licence policy
The UK approved an export licence for the sale of surveillance equipment to Macedonia – while the country was engaged in an illegal surveillance programme against its citizens. A senior minister was consulted on the decision Continue Reading
-
News
15 Nov 2017
How the biggest cyber security disasters could have been avoided
The headline-grabbing breaches that hit Accenture and Equifax in 2017 could have been averted had basic cyber hygiene been in place Continue Reading
-
News
17 Oct 2017
RSA’s Middle East cyber security conference gains its own identity
RSA Abu Dhabi conference focuses on region’s cyber security needs as digital technology deployments expand Continue Reading
-
E-Zine
19 Sep 2017
Can DevOps deliver on its productivity promises?
DevOps and agile working are often cited as key elements of successful digital transformation – in this week’s Computer Weekly, we examine the challenges to delivering on that promise. Many retailers are investing in emerging technologies to gain an edge – but are they getting too far ahead of the curve? And we hear how a new spirit of collaboration could help UK broadband roll-out. Read the issue now. Continue Reading
-
News
05 Sep 2017
People with non-IT backgrounds could help fill cyber security skills gap
Organisations should look to fill cyber security roles with people who are curious and have work experience rather than focusing solely on graduates Continue Reading
-
News
28 Aug 2017
VMware making bigger push into cloud, cyber security
The virtualisation bigwig is making it easier for VMware customers to adopt public cloud services, starting with a partnership with Amazon Web Services Continue Reading
-
News
17 Aug 2017
Developers lack skills needed for secure DevOps, survey shows
The growing demand for developers with security skills is outpacing supply, but a survey reveals that a lack of formal security education and training by employers is contributing to the growing skills gap Continue Reading
-
News
07 Aug 2017
Gaming apps ‘main source’ of mobile phishing attacks, research shows
Analysis of 100,000 corporate devices shows more than a quarter of traffic going to phishing domains was from gaming apps Continue Reading
-
E-Zine
19 Jul 2017
CW ANZ: Cyber security plan bears fruit
Australia’s Cyber Security Strategy, aimed at protecting citizens, companies and critical infrastructure, has made significant headway over the past year, but the jury is still out on its long-term impact. In this month’s CW ANZ, we take a look at the progress of Australia’s national cyber security blueprint and what else needs to be done to better protect Australia’s interests in the global cyber security landscape. Also, read about what the Australian government is doing to better guard public sector IT systems against cyber attacks. Continue Reading
-
E-Zine
19 Jul 2017
CW ASEAN: Stay alert to threats
With cyber threats intensifying in recent years, from the global outbreak of ransomware to intrusions of university networks to access government data, the role of threat intelligence in anticipating and mitigating threats has become more important than ever. In this month’s CW ASEAN, learn how organizations can make the most out of threat data feeds in an intelligence-driven security strategy. Also, find out how companies can navigate the ominous cyber threat landscape by investing in cyber security technology and processes. Continue Reading
-
E-Zine
18 Jul 2017
Airbus helps secure critical infrastructure
In this week's ezine, Computer Weekly explores how to secure industrial control systems, which have often lagged behind the leading edge of IT security and pose serious risks to critical national infrastructure. Airbus believes that despite the vulnerabilities of individual components, industrial control systems as a whole are quite resilient. We also speak to the head of technology at Centrica about how the utility company is becoming a specialist provider of data lake integration tools, and we explore the 802.11ac Wave 2 standard. Continue Reading
-
News
30 Jun 2017
Danish shipping giant Maersk recovering from major Petya cyber attack
Company confirms attack took down its IT system across multiple sites and business units, but has now been contained Continue Reading
-
Feature
19 Jun 2017
The Macedonian surveillance scandal that brought down a government
Macedonia has been accused of using surveillance technology for covert spying - the subsequent political protests were instrumental in the ruling party losing power after 10 years Continue Reading
-
E-Zine
25 May 2017
CW Nordics: The trouble with connected things
In this issue, Finnish cyber security expert Mikko Hyppönen talks about security in the Nordics, Russia and the trouble with connected devices. Also read how Icelandic airline Wow Air averted disaster through the use of application performance monitoring software when it embarked on a major expansion. And find out how, since December 2015, anyone playing popular sandbox game Minecraft has been able to build their worlds on the actual map of Sweden. Continue Reading
-
News
23 May 2017
Economic and political uncertainty drives organisations to rethink IT strategies
CIO job satisfaction reaches a three-year high as organisations hire more IT staff and invest in innovative digital technology Continue Reading
-
News
11 Apr 2017
Security as a service on the rise in the UAE
Organisations in the United Arab Emirates are increasingly turning to security services Continue Reading
-
News
06 Apr 2017
Interview: F-Secure’s Mikko Hyppönen on the Nordics, Russia and the internet of insecure things
Computer Weekly sat down with Finnish cyber security expert Mikko Hyppönen to talk about security in the Nordics, Russia and the trouble with connected devices Continue Reading
-
News
31 Mar 2017
How IT can be more defensible
A renowned Google engineer calls for the IT industry to build devices capable of being defended and for enterprises to take a balance sheet approach in managing risks Continue Reading
-
News
28 Mar 2017
Threats grow in Saudi Arabia’s cyber sector
Saudi Arabia's wealth makes it an attractive target for cyber criminals, but what have been the recent trends in cyber crime? Continue Reading
-
E-Zine
28 Mar 2017
Making the UK fit for 5G
In this week’s Computer Weekly, we look at the government’s new 5G strategy and assess whether it’s enough to stimulate development of next generation mobile networks. We meet some of the Silicon Valley startups hoping to revolutionise big data analytics. And we examine how to prevent the move to DevOps from harming work-life balance for IT professionals. Read the issue now. Continue Reading
-
E-Zine
16 Mar 2017
CW ASEAN: Raising national security standards
In this month’s CW ASEAN, we describe how Singapore is improving its cyber security defenses and preparations through a partnership with British security company BAE Systems. We also find out why the Thai military plans to recruit civilian cyber warriors and we take a look at evolving security approaches. Read the issue now. Continue Reading
-
News
27 Feb 2017
Citizen Love: the story of an ordinary family's fight with the US government
Finnish documentary makers Raimo Uunila and Lauri Danska tell the behind-the-scenes story of activist Lauri Love’s battle with the US government – and the impact of the case on his family Continue Reading
-
Feature
09 Jan 2017
Secure IoT before it kills us
Experts say more must be done to mitigate the potentially catastrophic threats presented by connected devices Continue Reading
-
News
21 Dec 2016
Top 10 IT security stories of 2016
Here are Computer Weekly’s top 10 IT security stories of 2016: Continue Reading
-
News
05 Dec 2016
Top 10 ANZ enterprise IT stories of 2016
Here is a rundown of Computer Weekly’s most popular ANZ enterprise IT articles for 2016 Continue Reading