IT security
-
Feature
05 Jul 2024
How do cybercriminals steal credit card information?
Cybercriminals have various methods at their disposal to hack and exploit credit card information. Learn what they are, how to prevent them and what to do when hacked. Continue Reading
-
Opinion
04 Jul 2024
Safeguarding democracy from cyber threat peril
There has been an increase in disturbing activity emerging on the dark web involving the sale of public sector assets, including election data Continue Reading
-
News
05 Apr 2023
Scottish police tech piloted despite major data protection issues
Scottish policing bodies are pressing ahead with a data sharing pilot despite data protection issues around the use of US cloud providers, placing sensitive personal data of tens of thousands of people at risk Continue Reading
-
News
04 Apr 2023
TikTok fined in UK over unlawful use of children’s data
The ICO has fined TikTok £12.7m for breaches of data protection law, including unlawfully collecting data on children under 13 Continue Reading
-
News
04 Apr 2023
National Cyber Force carrying out daily hacking operations to disrupt hostile threats
Government discloses details about the National Cyber Force’s disruption activities against terrorists, organised criminals and nation states – and names first NCF chief as James Babbage Continue Reading
-
News
04 Apr 2023
Threat researchers dissect anatomy of a Royal ransomware attack
Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022 Continue Reading
-
News
04 Apr 2023
Over 90% of organisations find threat hunting a challenge
Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report Continue Reading
-
E-Zine
04 Apr 2023
Revitalising UK digital government
In this week’s Computer Weekly, as the UK plummets down the international rankings for digital government, can its £400m identity system revitalise the UK’s digital strategy? We examine the container management platforms from the big six storage suppliers. And we look at the challenges of achieving IT sustainability while continuing to drive digital innovation. Read the issue now. Continue Reading
-
News
03 Apr 2023
Australia’s media and telecoms sector saw most data breaches in 2022
The media and telecoms industry accounted for the bulk of stolen credentials in Australia in 2022, underscoring the need to shore up the country’s cyber security posture Continue Reading
-
News
03 Apr 2023
Three-day Capita outage was result of cyber attack
Public sector outsourcer Capita has confirmed a major outage which began on 31 March was the result of a cyber attack affecting its Office 365 apps Continue Reading
-
News
03 Apr 2023
CIO interview: Carter Busse, CIO, Workato
Workato CIO Carter Busse talks up the company’s approach towards automation and its efforts to drive the technology across its business Continue Reading
-
News
31 Mar 2023
Mounting Russian disinformation campaign targeting Arab world
Researchers have found evidence of a broad Russian disinformation campaign targeting Arabic-speakers in the Middle East and North Africa Continue Reading
-
News
31 Mar 2023
Ukrainians bust cyber criminals who stole over £3m across Europe
Ukrainian police have arrested members of a cyber crime gang who stole and embezzled millions of pounds from victims across Europe Continue Reading
-
Tip
30 Mar 2023
Use backup encryption to protect data from would-be thieves
Encryption is a powerful tool to keep sensitive data out of the wrong hands. To ensure recoverability after a disruption, data backup encryption is vital. Continue Reading
-
News
30 Mar 2023
OSC&R supply chain security framework goes live on Github
The OSC&R framework for understanding and evaluating threats to supply chain security has made its debut on Github to allow anybody to contribute to the framework Continue Reading
-
News
30 Mar 2023
NCSC issues revised security Board Toolkit for business leaders
National Cyber Security Centre calls on CEOs and senior business leaders to take a more hands-on approach to cyber resilience with the launch of revised board-level tools Continue Reading
-
News
30 Mar 2023
NHS Highland rapped over data breach affecting HIV patients
NHS Highland inadvertently exposed the personal data of individuals likely to be accessing HIV services in a lapse of email hygiene Continue Reading
-
News
30 Mar 2023
Reactive approach to cyber procurement risks damaging businesses
Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes Continue Reading
-
Opinion
30 Mar 2023
Preventing artificial deception in the age of AI
The proposals contained in Westminster’s AI whitepaper are a good start, but more creative thinking and investment will be required to achieve a truly pro-innovation regulatory environment Continue Reading
-
News
30 Mar 2023
3CX unified comms users hit by supply chain attacks
Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors Continue Reading
-
Podcast
29 Mar 2023
Podcast: Cloud storage, data protection and compliance
The lure of cloud storage hides its drawback, namely that you can lose control of it from a compliance perspective. We talk to Mathieu Gorge, CEO of Vigitrust, about how to tame it Continue Reading
-
News
29 Mar 2023
UK government publishes AI whitepaper
Artificial intelligence whitepaper outlines UK government’s proposals to regulate the technology, which are based around creating an agile, “pro-innovation” framework Continue Reading
-
News
29 Mar 2023
New North Korean APT launders crypto to fund spying programmes
Mandiant has attributed an ongoing campaign of malicious activity to a newly designated APT that is engaged in the acquisition and laundering of cryptocurrency to fund the regime’s espionage activities Continue Reading
-
News
29 Mar 2023
How organisations can weaponise data privacy
Organisations should turn data privacy into a competitive advantage and look beyond regulatory compliance to build a privacy programme that aligns with business targets, says Gartner Continue Reading
-
News
29 Mar 2023
Generative AI presents opportunities and challenges to UK schools
Generative AI and LLMs hold great potential for use in the classroom, but the privacy and security implications of its use must be carefully considered, says the Department for Education Continue Reading
-
News
28 Mar 2023
Microsoft expands AI Copilot project into security realm
New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams Continue Reading
-
News
28 Mar 2023
Apple security updates fix 33 iPhone vulnerabilities
A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels Continue Reading
-
News
28 Mar 2023
Inside Group-IB’s cyber security playbook
A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market Continue Reading
-
News
28 Mar 2023
Europol warns cops to prep for malicious AI abuse
In a report looking at how large language models can be used by criminals, Europol’s Innovation Lab calls on law enforcement agencies to prepare themselves for wide-ranging impacts on their work Continue Reading
-
News
28 Mar 2023
Ethical hackers urged to respond to Computer Misuse Act reform proposals
The deadline for submissions to the government’s consultation on reform of the Computer Misuse Act is fast approaching, and ethical hackers and security experts need to make their voices heard, says Bugcrowd Continue Reading
-
28 Mar 2023
Taking back control of AI training data
AI tools such as ChatGPT are trained on datasets scraped from the web, but you don’t have much say if your data is used. Technologist Bruce Schneier explains why it’s time to give control of AI training data back to the people. Continue Reading
-
28 Mar 2023
UK TikTok ban gives us all cause to consider social media security
The UK government’s ban on TikTok should give organisations cause to look into what information social media platforms are collecting on us, and what they are using it for. Continue Reading
-
E-Zine
28 Mar 2023
Is TikTok really a security threat to your business?
In this week’s Computer Weekly, with the UK government becoming the latest administration to ban TikTok, we ask whether the controversial social media app is really a security threat to enterprises. Technology guru Bruce Schneier tells us about the need to take back control of AI and the personal data it relies on. And we look at how firms are trying – and failing – to make AI work for online content moderation. Read the issue now. Continue Reading
-
News
28 Mar 2023
Ransomware attacks up 45% in February, LockBit responsible
NCC Group says it observed a surge in ransomware attacks in February, with LockBit, BlackCat and BianLian all highly active Continue Reading
-
Definition
28 Mar 2023
Sarbanes-Oxley Act
The Sarbanes-Oxley Act of 2002 is a federal law that established sweeping auditing and financial regulations for public companies. Continue Reading
-
Definition
27 Mar 2023
triage in IT
Triage is a term referring to the assignment of priority levels to tasks or individuals to determine the most effective order in which to deal with them. Continue Reading
-
News
27 Mar 2023
France latest to ban TikTok on government devices
Following bans in the UK and US, France has moved to enact restrictions on TikTok, and other social media apps, on government devices Continue Reading
-
News
27 Mar 2023
JP Morgan pilots palm and face-recognition technology in US
JP Morgan is testing out its biometric payment technology in selected retailer stores and at the upcoming Formula 1 Grand Prix in Miami Continue Reading
-
Tip
24 Mar 2023
Use zero-trust data management to better protect backups
Backup admins looking to protect data from bad actors can implement a zero-trust strategy for added protection. However, the method is not without its downsides. Continue Reading
-
Blog Post
24 Mar 2023
Acquiring the skills necessary to implement the UK Cybersecurity Strategy
The skills plan for meeting the needs of the world greatest Financial Services and Fin Tech Hub outside North America is therefore at heart of the work of the advisory group. Continue Reading
-
Definition
24 Mar 2023
vishing (voice or VoIP phishing)
Vishing (voice or VoIP phishing) is a type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities. Continue Reading
-
News
24 Mar 2023
National Crime Agency sting operation infiltrates cyber crime market
The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks Continue Reading
-
News
24 Mar 2023
Aryaka expands SD-WAN, SASE offer to SMEs
Having deployed its services to large enterprises and Fortune 100 companies for over a decade, software-defined networking technology focuses on small to medium-sized enterprises for secure access and wide area networks Continue Reading
-
Definition
23 Mar 2023
forensic image
A forensic image (forensic copy) is a bit-by-bit, sector-by-sector direct copy of a physical storage device, including all files, folders and unallocated, free and slack space. Continue Reading
-
Blog Post
23 Mar 2023
Trust: easy to lose, hard to recover
Here are just a few of the topics that my fellow Freeformers and I have enjoyed researching and writing about in recent years: network security, SD-WAN, digital identity, smart wallets, digital ... Continue Reading
-
News
22 Mar 2023
Why Veeam thinks ransomware warranty payouts are unlikely
Veeam Data Platform v12 offers a financial guarantee to customers that can’t restore after ransomware attacks, but the backup supplier is convinced it won’t be making many payouts Continue Reading
-
News
22 Mar 2023
Government launches seven-year NHS cyber strategy
The new Cyber Security Strategy for Health and Adult Social Care lays out a plan for promoting cyber resilience in the sector by 2030 to protect services and patients alike Continue Reading
-
News
21 Mar 2023
Nordics move towards common cyber defence strategy
Nordic countries agree to work together to improve their cyber defences amid increasing threat Continue Reading
-
News
21 Mar 2023
How Mimecast thinks differently about email security
Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades Continue Reading
-
News
21 Mar 2023
Hitachi Energy emerges as victim of Clop gang’s Fortra attack
The power and energy division of Japanese conglomerate Hitachi has disclosed that it has fallen victim to a Clop cyber attack, but insists customer data is safe Continue Reading
-
News
21 Mar 2023
GDS signs £24m worth of contracts for One Login
As the Government Digital Service (GDS) prepares for the official end of Gov.uk Verify, it signs three new contracts for its successor programme, One Login Continue Reading
-
News
21 Mar 2023
Ferrari rejects ransom demand after cyber attack
Italian carmaker Ferrari says it will refuse to pay a ransom after an unspecified threat actor broke into its IT systems and stole customer data Continue Reading
-
News
21 Mar 2023
Ransomware gangs harass victims to ‘bypass’ backups
Analysis reveals how cyber criminal gangs are turning to extensive, targeted harassment campaigns to force victims to pay up, even if their backups are in good order Continue Reading
-
News
20 Mar 2023
NCSC launches cyber check-up tools for SMEs
The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack Continue Reading
-
Blog Post
20 Mar 2023
Preventing Crime not meeting Political Targets - A review of the MPS Turnaround Plan
Respond by the end of March if you live or work in London and believe that the primary objective of policing is the prevention of time not the meeting of targets as proxies for delivering political ... Continue Reading
-
News
20 Mar 2023
NatWest announces ID service for its customers
The identities of NatWest customers engaging with businesses online can be confirmed by the bank's ID service in seconds Continue Reading
-
Definition
20 Mar 2023
packet filtering
Packet filtering is the process of passing or blocking data packets at a network interface by a firewall based on source and destination addresses, ports or protocols. Continue Reading
-
News
20 Mar 2023
BBC cracks down on TikTok after review
The BBC is asking staff not to install TikTok on corporate-owned devices without a justified business purpose, although its use will still be allowed to share media content with its audiences Continue Reading
-
Blog Post
20 Mar 2023
Half A Rack In Half A Day: Building A Private Cloud
Having entered my 39th (gulp!) year in IT, it’s fair to say I’ve had to endure more than my fair share of IT hype and BS. Many are the times at live events I’ve done a tally chart on the number of ... Continue Reading
-
News
17 Mar 2023
UK TikTok ban gives us all cause to consider social media security
The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for Continue Reading
-
News
17 Mar 2023
UK government to create code of practice for generative AI firms
The code will look to strike a balance between copyright holders and generative AI firms so that both parties can benefit from the use of copyrighted material in training data Continue Reading
-
News
16 Mar 2023
BEC attacks doubled in 2022, outstripping ransomware
Massive growth in the volume of Business Email Compromise or BEC attacks was linked to a surge in successful phishing campaigns, according to data from Secureworks Continue Reading
-
News
16 Mar 2023
TikTok banned on UK government devices
The UK government has followed in the footsteps of its US and European counterparts and banned the use of Chinese social media app TikTok on official devices Continue Reading
-
News
16 Mar 2023
Rubrik customer, partner data exposed in possible Clop attack
Rubrik was supposedly compromised by the Clop ransomware gang via a zero-day vulnerability in a managed file transfer software package it uses Continue Reading
-
News
16 Mar 2023
Mandiant: Dangerous MS Outlook zero-day widely used against Ukraine
A zero-day vulnerability in Microsoft Outlook that was fixed in the March Patch Tuesday update has likely been actively exploited by Russian actors for a year or more, and its use will now spread rapidly Continue Reading
- 16 Mar 2023
-
16 Mar 2023
How Zscaler is cracking APAC’s cloud security market
Zscaler’s head in Asia-Pacific and Japan, Scott Robertson, talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading
-
16 Mar 2023
APAC buyer’s guide to SASE
Aaron Tan looks at the benefits of secure access service edge services, key considerations and the market landscape Continue Reading
-
News
15 Mar 2023
Chinese Silkloader cyber attack tool falls into Russian hands
A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators Continue Reading
-
Definition
15 Mar 2023
antivirus software (antivirus program)
Antivirus software (antivirus program) is a security program designed to prevent, detect, search and remove viruses and other types of malware from computers, networks and other devices. Continue Reading
-
News
15 Mar 2023
Microsoft patches Outlook zero-day for March Patch Tuesday
A highly dangerous privilege escalation bug in Outlook is among 80 different vulnerabilities patched in Microsoft’s March Patch Tuesday update Continue Reading
-
News
14 Mar 2023
NatWest introduces limits on crypto trading to prevent fraud
UK bank says its retail customers will benefit from daily and monthly limits on the amount they can pay into cryptocurrency exchanges Continue Reading
-
News
14 Mar 2023
NCSC warns over AI language models but rejects cyber alarmism
The UK's NCSC has issued advice for those using the technology underpinning AI tools such as ChatGPT, but says some of the security doomsday scenarios being proposed right now are not necessarily realistic Continue Reading
-
Definition
14 Mar 2023
information security (infosec)
Information security (infosec) is a set of policies, procedures and principles for safeguarding digital data and other kinds of information. Continue Reading
-
News
14 Mar 2023
AI interview: Elke Schwarz, professor of political theory
Elke Schwarz speaks with Computer Weekly about the ethics of military artificial intelligence and the dangers of allowing governments and corporations to push forward without oversight or scrutiny Continue Reading
-
14 Mar 2023
Securing low Earth orbit represents the new space race
The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges. Continue Reading
-
News
13 Mar 2023
MI5 to oversee new National Protective Security Authority
The new National Protective Security Authority will address various national security threats including state-sponsored cyber espionage against UK targets Continue Reading
-
News
13 Mar 2023
HSBC buys Silicon Valley Bank UK arm for £1 following collapse
UK tech ecosystem welcomes government intervention to facilitate HSBC purchase after the collapse of SVB left many UK startups unable to access their deposits Continue Reading
-
News
10 Mar 2023
Technology minister Michelle Donelan defends data reforms
Secretary of state Michelle Donelan has defended the government’s new data reforms as providing certainty for businesses while simultaneously retaining high standards of data protection, but industry figures are having mixed reactions Continue Reading
-
Definition
09 Mar 2023
cyberwarfare
The generally accepted definition of cyberwarfare is a series of cyber attacks against a nation-state, causing it significant harm. Continue Reading
-
Definition
08 Mar 2023
hackathon
A hackathon, also known as a codefest, is a social coding event that brings computer programmers and other interested people together to improve upon or build a new software program. Continue Reading
-
Definition
08 Mar 2023
FACTA (Fair and Accurate Credit Transactions Act)
FACTA (Fair and Accurate Credit Transactions Act) is an amendment to FCRA (Fair Credit Reporting Act ) that was added, primarily, to protect consumers from identity theft... (Continued) Continue Reading
-
News
08 Mar 2023
UK government introduces revised data reform bill to Parliament
Designed in close collaboration with technology businesses, the UK government is re-introducing an updated version of its Data Protection and Digital Information Bill to Parliament, which civil society groups say upends key safeguards Continue Reading
-
News
08 Mar 2023
How ForgeRock is tackling identity management
ForgeRock CEO Fran Rosch has set the identity and access management software supplier on a path to deliver a frictionless identity experience without compromising security or privacy Continue Reading
-
News
07 Mar 2023
Nine in 10 enterprises fell victim to successful phishing in 2022
Egress annual email security risk report breaks down impacts of email-based phishing attacks and data loss, and the effect these can have on organisations in terms of staff retention and morale Continue Reading
-
News
07 Mar 2023
Dutch hospitals underestimate impact of cyber attack
IT failures in acute care organisations in the Netherlands have increased considerably since 2010, affecting patient care and stressing the need to improve IT security in hospitals Continue Reading
-
Feature
07 Mar 2023
What can security teams learn from a year of cyber warfare?
With the passing of the first anniversary of Russia’s invasion of Ukraine, we reflect on the ongoing cyber war, and ask what security leaders can learn from the past 12 months Continue Reading
-
News
07 Mar 2023
Taking back control: Could a distributed model breed a better AI?
AI tools such as ChatGPT are trained on datasets scraped from the web, but you don’t have much say if your data is used. Technologist Bruce Schneier says it’s time to give control of AI training data back to the people Continue Reading
-
News
07 Mar 2023
APAC IT leaders bullish on tech spending
Over half of respondents in this year’s IT Priorities study have bigger IT budgets as they continue to make strategic investments in cyber security, cloud and automation, among other areas Continue Reading
-
Podcast
06 Mar 2023
Podcast: 2023 compliance and storage outlook
Geopolitical instability casts its shadow as organisations must think about cyber attacks, data location and what to do if things change quickly. We talk to Mathieu Gorge, CEO of Vigitrust Continue Reading
-
News
03 Mar 2023
White House unveils National Cybersecurity Strategy
The strategy will focus on ensuring closer collaboration on cyber security between government and industry, while giving software and other tech companies a bigger role in combatting threats due to their resources and expertise Continue Reading
-
Blog Post
03 Mar 2023
UK and US Strategies for Public Private co-operation on Cyber
Given support from a critical mass of those employers who are serious about addressing their own skills needs, plus those of their supply chain and customer base, we should be able to use the LSIP ... Continue Reading
-
Feature
02 Mar 2023
Flipper Zero explained: What to know about the viral hacker tool
The hacking tool blew up on TikTok. Unlike other TikTok trends, it is a powerful tool that can be used by serious pen testers and a learning device for new hackers. Continue Reading
-
News
02 Mar 2023
AI interview: Michael Osborne, professor of machine learning
Artificial intelligence researcher speaks with Computer Weekly about the implications of a market-driven AI arms race and the overwhelming dominance of the private sector over the technology Continue Reading
-
News
02 Mar 2023
Uber introduces dynamic pricing algorithm in London
The dynamic pricing algorithm will allow Uber to set variable pay and pricing levels, but drivers are concerned about how their personal data will be used and the impact the algorithm will have on their livelihoods Continue Reading
-
News
02 Mar 2023
WH Smith staff data accessed in cyber attack
The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing Continue Reading
-
News
02 Mar 2023
Salt Labs identifies OAuth security flaw within Booking.com
Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild Continue Reading
-
News
01 Mar 2023
Data breaches in Australia on the rise, says OAIC
Cyber security incidents were the cause of most data breaches, which rose by 26% in the second half of 2022, according to the Office of the Australian Information Commissioner Continue Reading
-
Opinion
28 Feb 2023
Security Think Tank: Training can no longer be a compliance exercise
Historically, security training has tended to take a compliance-based focus, a ‘tick-box’ exercise using generic, off-the-shelf courses. This needs to change, says Hayley Watson of Turnkey Consulting. Continue Reading
-
News
28 Feb 2023
LastPass attack saw employee’s home computer hacked
The ongoing investigation into a series of linked security incidents at LastPass has found that the attacker was successfully able to compromise a developer’s home PC using a vulnerability in a media software package Continue Reading
-
News
27 Feb 2023
Advanced digital resiliency can save organisations millions
Businesses that build out their digital resiliency are not only more secure, they also have more opportunities to innovate with IT Continue Reading
-
News
27 Feb 2023
Scotland launches data strategy for health and social care
The five-year strategy aims to make it easier for people to access their own health and social care data, improve data flows between organisations, and transform the way data is used to enhance services Continue Reading