IT security
-
Opinion
27 Feb 2025
Maksim Kabakou - Fotolia
Secure software: Third-party suppliers your first-party risk
Outgoing CISA chief Jen Easterly called on buyers to demand better security standards from their software suppliers. The Security Think Tank considers what better means, and what best practice for secure software procurement looks like in 2025 Continue Reading
-
News
27 Feb 2025
Dmitry Nikolaev - stock.adobe.co
CVE volumes head towards 50,000 in 2025, analysts claim
Many trends, notably a big shift to open source tools, are behind an expected boom in the number of disclosed vulnerabilities Continue Reading
By- Alex Scroxton, Security Editor
-
News
07 Nov 2023
ktsdesign - stock.adobe.com
AI Safety Summit review
Computer Weekly takes stock of the UK government’s AI Safety Summit and the differing perspectives around its success Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
E-Zine
07 Nov 2023
How ExxonMobil is leading with data
In this week’s Computer Weekly, we talk to the leader of ExxonMobil’s data organisation, about the energy giant’s strategy to establish enterprise-wide principles for the use of data. As the UK’s Online Safety Act comes into force, we examine the tech sector’s concerns over the laws around end-to-end encryption. And we look at the software tools available to HR teams to help improve staff retention. Read the issue now. Continue Reading
-
Opinion
06 Nov 2023
Maksim Kabakou - Fotolia
IR plans: The difference between disaster and recovery
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Becky Gelder, Turnkey Consulting
-
News
06 Nov 2023
stokkete - stock.adobe.com
Shadow IT use at Okta behind series of damaging breaches
Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account Continue Reading
By- Alex Scroxton, Security Editor
-
News
06 Nov 2023
alphaspirit - stock.adobe.com
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents Continue Reading
By- Aaron Tan, TechTarget
-
06 Nov 2023
Tech firms flag risk to end-to-end encryption as Online Safety Bill gets royal assent
Technology organisations remain concerned that the newly implemented Online Safety Act could undermine end-to-end encryption, despite government reassurances that it will ensure online safety. Continue Reading
-
Feature
03 Nov 2023
aleksandar nakovski - stock.adob
SolarWinds hack explained: Everything you need to know
Hackers targeted SolarWinds by deploying malicious code into its Orion IT monitoring and management software used by thousands of enterprises and government agencies worldwide. Continue Reading
By- Saheed Oladimeji, Sean Michael Kerner
-
Opinion
03 Nov 2023
Maksim Kabakou - Fotolia
Incident response planning requires constant testing
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Jack Chapman
-
News
02 Nov 2023
Montri - stock.adobe.com
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild Continue Reading
By- Alex Scroxton, Security Editor
-
News
02 Nov 2023
JKstock - stock.adobe.com
UK workers exhibit poor security behaviours, report reveals
Report by KnowBe4 has found that four in five UK workers do not make security-conscious choices, whether in-office, remote or hybrid working Continue Reading
By- Scarlet Charles
-
Opinion
02 Nov 2023
Maksim Kabakou - Fotolia
Use existing structures to build your incident response plan
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
By- Sam Lascelles
-
News
02 Nov 2023
William - stock.adobe.com
How the UK crime agency repurposed Amazon cloud platform to analyse EncroChat cryptophone data
UK crime agency repurposed AWS-based analytics platform to triage EncroChat data and identify threats to life in messages sent on encrypted phone network Continue Reading
By- Bill Goodwin, Computer Weekly
- Sebastian Klovig Skelton, Data & ethics editor
-
News
02 Nov 2023
EU digital ID reforms should be ‘actively resisted’, say experts
Over 300 cyber security experts have called for the EU to rethink its proposals for eIDAS digital identity reforms, saying some of the provisions risk damaging user privacy and security Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
01 Nov 2023
Maksim Kabakou - Fotolia
Incident response planning is vulnerable to legacy thinking
What goes into a good incident response plan, and what steps should security professionals take to ensure they are appropriately prepared for the almost inevitable attack, and secure buy-in from organisational leadership? Continue Reading
-
News
01 Nov 2023
Zerophoto - Fotolia
Lloyds bank kicks off Hyderabad operation
Lloyds Banking Group has opened its latest tech operation in Hyderabad, with plans to recruit around 600 IT experts Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
News
01 Nov 2023
Prostock-studio - stock.adobe.co
Darktrace CEO Poppy Gustafsson on her AI Safety Summit goals
As the AI Safety Summit at Bletchley Park takes place, Computer Weekly caught up with Darktrace CEO Poppy Gustafsson to find out what one of the UK’s most prominent AI advocates wants from proceedings Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Oct 2023
Sergey Nivens - stock.adobe.com
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature Continue Reading
By- Alex Scroxton, Security Editor
-
News
31 Oct 2023
Laurent - stock.adobe.com
Biden’s AI plans focus on US workers’ protection
The US president has issued an Executive Order that sets out his administration’s strategy for AI safety and security Continue Reading
By- Cliff Saran, Managing Editor
-
News
31 Oct 2023
emiliau - Fotolia
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
30 Oct 2023
ISO 27002 (International Organization for Standardization 27002)
The ISO 27002 standard is a collection of information security management guidelines that are intended to help an organization implement, maintain and improve its information security management. Continue Reading
By- Paul Kirvan
- Ben Cole, Executive Editor
-
Opinion
30 Oct 2023
The implications of biased AI models on the financial services industry
The Bank of England has warned of the risk artificial intelligence models present in creating bias that could pose a threat to the UK’s financial services sector. How do those risks emerge and how they might be mitigated? Continue Reading
By- Jamie Rowlands
-
Definition
30 Oct 2023
supercookie
A supercookie is a type of tracking cookie inserted into an HTTP header to collect data about a user's internet browsing history and habits. Continue Reading
By- Rahul Awati
- Madelyn Bacon, TechTarget
-
News
30 Oct 2023
Sergii Figurnyi - stock.adobe.co
Frontier AI Taskforce starts recruitment drive
The second progress report from the Frontier AI Taskforce reveals new hires plus vacancy posts for software and research engineers Continue Reading
By- Cliff Saran, Managing Editor
-
News
30 Oct 2023
Rawpixel - Fotolia
FDM Group partners with ISACA to boost cyber training programme
The FDM Group has announced a partnership with ISACA to help develop and boost their cyber training programmes and credentials Continue Reading
By- Scarlet Charles
-
Opinion
30 Oct 2023
tashatuvango - Fotolia
Reported major cyberattacks are falling – but watch out for the massive threats posed by gen AI
The number of reported major cyberattacks is falling. Are we just getting used to them? Continue Reading
By- Jim Tiller
-
Feature
30 Oct 2023
Alexey Achepovsky - stock.adobe.
Greek data watchdog to rule on AI systems in refugee camps
A forthcoming decision on the compliance of surveillance and security systems in Greek refugee camps could set a precedent for how AI and biometric systems are deployed for ‘migration management’ in Europe Continue Reading
-
Definition
27 Oct 2023
compliance officer
Compliance officers are employees tasked with ensuring a company follows its internal rules and best-practice policies while always complying with applicable external laws and government regulations. Continue Reading
-
News
27 Oct 2023
Pawel Pajor - stock.adobe.com
Tech firms cite risk to end-to-end encryption as Online Safety Bill gets royal assent
Tech firms continue to be concerned that the Online Safety Bill could undermine end-to-end encryption despite government reassurances Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
27 Oct 2023
weerapat1003 - Fotolia
Domestic abuse charities surface fresh worries over NHS data sharing
With new NHS data access options coming into effect at the end of October, a group of campaigners including womens' charities and the BMA have warned that the revived GP-patient data sharing scheme risks putting vulnerable people at risk Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
Tryfonov - stock.adobe.com
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings Continue Reading
By- Aaron Tan, TechTarget
-
News
27 Oct 2023
Jürgen Fälchle - stock.adobe.c
Google launches bug bounties for generative AI attack scenarios
Google expands its bug bounty programme to encompass generative AI and takes steps to grow its commitment to supply chain security as it relates to the emerging technology Continue Reading
By- Alex Scroxton, Security Editor
-
News
27 Oct 2023
nmann77 - stock.adobe.com
Germany: European Court opinion kicks questions over EncroChat back to national courts
Germany lawfully obtained data on German EncroChat users from France, but whether the evidence is legally admissible is a matter for national courts Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
26 Oct 2023
fabioberti.it - stock.adobe.com
ChatGPT, Bard, lack effective defences against fraudsters, Which? warns
Consumer advocacy Which? warns that popular generative AI tools are vulnerable to loopholes that render existing protections against malicious usage easily bypassed Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Oct 2023
Getty Images
Sunak sets scene for upcoming AI Safety Summit
Prime minister Rishi Sunak has outlined how the UK will approach making AI safe, but experts say there is still too big a focus on catastrophic but speculative risks over real harms the technology is already causing Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
26 Oct 2023
Boardrooms losing control in generative AI takeover, says Kaspersky
C-suite executives are increasingly fretful about what they perceive as a ‘silent infiltration’ of generative AI tools across their organisations Continue Reading
By- Alex Scroxton, Security Editor
-
News
26 Oct 2023
Gina Sanders - stock.adobe.com
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Oct 2023
puhhha - stock.adobe.com
UK Finance paints mixed picture of fraud as losses top £500m
UK losses to fraud in the first six months of the year topped £500m, but a slight decline in overall crime rates was observed, according to UK Finance’s latest data Continue Reading
By- Alex Scroxton, Security Editor
-
News
25 Oct 2023
Andrey Armyagov - stock.adobe.co
Demystifying the top five OT security myths
Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems Continue Reading
By- Aaron Tan, TechTarget
-
News
25 Oct 2023
Dilok - stock.adobe.com
1Password caught up in Okta support breach
After breaches at BeyondTrust and Cloudflare, 1Password, a third customer of Okta operating in the same space, has revealed that it too was impacted in a breach of the IAM house’s support systems Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
25 Oct 2023
integrated risk management (IRM)
Integrated risk management (IRM) is a set of proactive, businesswide practices that contribute to an organization's security, risk tolerance profile and strategic decisions. Continue Reading
By- Nick Barney, Technology Writer
- Wesley Chai
-
News
24 Oct 2023
hilalabdullah - stock.adobe.com
Cisco hackers likely taking steps to avoid identification
Cisco confirms that a drop in detections of devices compromised by two zero-days was likely the result of reactive measures taken by the threat actors to avoid discovery Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
alswart - stock.adobe.com
Research team tricks AI chatbots into writing usable malicious code
Researchers at the University of Sheffield have demonstrated that so-called Text-to-SQL systems can be tricked into writing malicious code for use in cyber attacks Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
24 Oct 2023
weyo - Fotolia
The new data landscape: how will the new UK-US data bridge affect businesses?
With the UK-US data bridge coming into effect on 12 October 2023, find out what steps your organisation can take to take advantage of, and remain compliant with, the new framework Continue Reading
By- Charlie Bromley-Griffiths
-
News
24 Oct 2023
SFIO CRACHO - stock.adobe.com
Kaspersky opens up over spyware campaign targeting its staffers
Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
beeboys - stock.adobe.com
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
sewcream - stock.adobe.com
Suzy Lamplugh Trust treads path to improved cyber resilience
Personal safety charity enlists the support of the London Cyber Resilience Centre to improve staff awareness and strengthen its overall cyber resilience Continue Reading
By- Alex Scroxton, Security Editor
-
News
24 Oct 2023
Getty Images/iStockphoto
NetApp ‘unified storage’ adds new ASA block storage at Insight
Las Vegas event sees NetApp continue its evolution to hybrid cloud and data management player announce ASA C-series and Keystone and Kubernetes storage enhancements Continue Reading
By- Antony Adshead, Storage Editor
-
News
23 Oct 2023
MR - stock.adobe.com
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software Continue Reading
By- Alex Scroxton, Security Editor
-
News
23 Oct 2023
Sapsiwai - Fotolia
How Ensign is leading the charge in cyber security
Lee Fook Sun, chairman of Ensign InfoSecurity, traces the company’s journey and how it is leading the charge in cyber security by doing things differently, investing in R&D and engaging with the wider ecosystem Continue Reading
By- Aaron Tan, TechTarget
-
Blog Post
22 Oct 2023
Secure printing: The foundation of multi-layered security
Implementing secure print solutions is an easy way to ensure neither network data nor printed documents fall into the wrong hands. RFID readers and mobile authentication technology solutions help ... Continue Reading
By- Louella Fernandes, Quocirca
-
Definition
20 Oct 2023
soft token
A soft token is a software-based security token that generates a single-use login personal identification number (PIN). Continue Reading
By -
News
20 Oct 2023
Thapana - stock.adobe.com
Computer Weekly contributor named Godfather of UK Security
Advent IM founder Mike Gillespie was among those honoured at the eighth annual Security Serious Unsung Heroes Awards Continue Reading
By- Alex Scroxton, Security Editor
-
News
20 Oct 2023
somartin - Fotolia
Five Eyes chiefs warn of Chinese spying campaign to steal high-tech secrets
Intelligence chiefs warn high-tech companies and universities they may be the target of attempts by the Chinese Communist Party to steal technology secrets Continue Reading
By- Bill Goodwin, Computer Weekly
-
Feature
20 Oct 2023
Five key questions about disaster recovery as a service
Disaster recovery as a service builds recovery data and systems into the cloud, accessible from anywhere. We look at the difference vs cloud backup, DRaaS use cases, the cost, and the firms that provide it Continue Reading
-
20 Oct 2023
How to tame the identity sprawl
Organisations should find a comprehensive way to gain full visibility into their digital identities and leverage automation to tame the identity sprawl. Continue Reading
-
20 Oct 2023
CyberArk eyes growth beyond PAM
Aaron Tan examines CyberArk’s exponential growth in the broader identity security market. Continue Reading
-
E-Zine
20 Oct 2023
CW APAC: Buyer’s guide to IAM
Identity access management tools are proving pivotal in the race to outwit cyber criminals. In this handbook, focused on IAM in the Asia-Pacific region, Computer Weekly takes a closer look at their capabilities, CyberArk’s growth, the uses of automation and how ForgeRock enhances user experience. Continue Reading
-
20 Oct 2023
APAC guide to identity and access management
The rise of identity-based attacks is fuelling investments in identity and access management tools. Continue Reading
-
News
20 Oct 2023
Afiq Sam - stock.adobe.com
RagnarLocker cyber gang that pioneered double extortion busted
Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Oct 2023
Nuclear regulator raps EDF over cyber compliance
The Office for Nuclear Regulation says EDF has come up short on needed measures to improve cyber security standards at several critical UK nuclear facilities Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Oct 2023
Skórzewiak - stock.adobe.com
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures Continue Reading
By- Alex Scroxton, Security Editor
-
News
19 Oct 2023
Sellafield Ltd
Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack
Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source Continue Reading
By -
Definition
19 Oct 2023
Structured Threat Information eXpression (STIX)
Structured Threat Information eXpression (STIX) is a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies. Continue Reading
By- Rahul Awati
- Madelyn Bacon, TechTarget
-
News
19 Oct 2023
methaphum - stock.adobe.com
Loughborough Uni to create five cyber AI research posts
Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security Continue Reading
By- Alex Scroxton, Security Editor
-
Opinion
19 Oct 2023
oatawa - stock.adobe.com
DORA: Moving into a new era of digital resilience
The EU’s Digital Operational Resilience Act will come into force in just over a year, the majority of risk management professionals are only at the beginning of their planning journey. Kate Needham-Bennett of Fusion Risk Management explains how to get things moving Continue Reading
By- Kate Needham-Bennett
-
Definition
18 Oct 2023
antispoofing
Antispoofing is a technique for identifying and dropping packets that have a false source address. Continue Reading
By- Paul Kirvan
- Sharon Shea, Executive Editor
-
Definition
18 Oct 2023
Google Authenticator
Google Authenticator is a mobile security application that provides a second type of confirmation for websites and online services that use two-factor authentication (2FA) to verify a user's identity before granting him or her access to secure resources. Continue Reading
-
News
18 Oct 2023
Getty Images/iStockphoto
What are the cyber risks from the latest Middle Eastern conflict?
The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations Continue Reading
By- Alex Scroxton, Security Editor
-
News
18 Oct 2023
Andrii Yalanskyi - stock.adobe.c
Networking and security teams converging
Study finds more than 80% of IT leaders are consolidating security and networking teams or have a management directive to improve collaboration, with 75% believing using one platform for both purposes would provide benefits across the board Continue Reading
By- Joe O’Halloran, Computer Weekly
-
News
17 Oct 2023
Montri - stock.adobe.com
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats Continue Reading
By- Alex Scroxton, Security Editor
-
Definition
17 Oct 2023
Secure Sockets Layer certificate (SSL certificate)
A Secure Sockets Layer certificate (SSL certificate) is a small data file installed on a web server that allows for a secure, encrypted connection between the server and a web browser. Continue Reading
By -
Definition
17 Oct 2023
speculative risk
Speculative risk is a type of risk the risk-taker takes on voluntarily and will result in some degree of profit or loss. Continue Reading
By- Rahul Awati
- Ben Cole, Executive Editor
-
Feature
17 Oct 2023
Getty Images/iStockphoto
10 cybersecurity experts to follow on social media
Cybersecurity experts provide valuable insights into the security landscape. Follow this curated list of recognized authorities to stay informed and safeguard your digital assets. Continue Reading
By- Kinza Yasar, Technical Writer
-
News
17 Oct 2023
Artur Marciniec - Fotolia
Hacktivist attacks against Israeli websites mirror attacks following Russian invasion of Ukraine
Hacktivists supporting Gaza and Palestine have launched hundreds of website defacement attacks against Israeli websites, mirroring the pattern of attacks that occurred after Russia’s invasion of Ukraine Continue Reading
By- Bill Goodwin, Computer Weekly
-
News
17 Oct 2023
freshidea - stock.adobe.com
Alert sounded over dangerous Cisco IOS XE zero-day
Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems Continue Reading
By- Alex Scroxton, Security Editor
-
News
17 Oct 2023
Getty Images
What it takes to succeed in DevSecOps
Providing engineering leadership and balancing between speed and security are some areas that organisations will need to focus on in their DevSecOps journey Continue Reading
By- Aaron Tan, TechTarget
-
Definition
16 Oct 2023
SEO poisoning (search poisoning)
SEO poisoning, also known as 'search poisoning,' is a type of malicious advertising (malvertising) in which cybercriminals create malicious websites and then use search engine optimization (SEO) techniques to cause the sites' links to show up prominently in search results, often as ads at the top of the results. Continue Reading
-
News
13 Oct 2023
beebright - stock.adobe.com
US SEC launches probe into mass MOVEit breach
Progress Software is facing an investigation from the SEC for the breach of its MOVEit tool, as well as dozens of legal battles resulting from the exfiltration of personal data from the roughly 2,000 organisations affected Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
12 Oct 2023
rost9 - stock.adobe.com
Scottish biometrics watchdog outlines police cloud concerns
Police Scotland’s response to the biometrics commissioner’s formal information notice ‘did not ameliorate’ his concerns about the sovereignty and security of the sensitive biometric information being uploaded to cloud infrastructure that is subject to intrusive US surveillance laws Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
11 Oct 2023
Why only 1% of the Snowden Archive will ever be published
Speaking to Computer Weekly after we published new revelations from the Snowden archive, the Guardian’s Pulitzer Prize winner, Ewen MacAskill, explains why more of the Snowden trove is unlikely to see the light of day Continue Reading
By- Stefania Maurizi
-
Feature
11 Oct 2023
Alex - stock.adobe.com
Preparing IT security for the age of quantum computing
We look at what progress is being made to ensure digital communications remain secure as quantum computers make an entrance Continue Reading
By- Cliff Saran, Managing Editor
-
Definition
10 Oct 2023
password entropy
Password entropy is a measurement of a password's strength based on how difficult it would be to crack the password through guessing or a brute-force attack. Continue Reading
-
News
10 Oct 2023
Skórzewiak - stock.adobe.com
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Quiz
10 Oct 2023
kras99 - stock.adobe.com
Security awareness training quiz: Questions and answers
From ransomware to passphrases, find out how much you know about preventing cybersecurity incidents in this security awareness training quiz. Continue Reading
By- Sharon Shea, Executive Editor
- Katie Donegan, Social Media Manager
-
Definition
06 Oct 2023
risk-based authentication (RBA)
Risk-based authentication (RBA) is an authentication method in which varying levels of stringency are applied to a system’s authentication process based on the likelihood that access to that system could result in its compromise. Continue Reading
By -
News
05 Oct 2023
Skórzewiak - stock.adobe.com
Microsoft: Nation-state cyber espionage on rise in 2023
Microsoft’s latest Digital Defence Report outlines how nation-state cyber activity has largely moved from destructive attacks to espionage and intelligence gathering Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
05 Oct 2023
DragonImages - Fotolia
Red Cross issues rules of engagement for hackers in conflicts
The digital rules of engagement are the first time cyber activity has been looked at by the conflict watchdog, but a number of hacker groups have already come out and said they will not be following them Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Blog Post
05 Oct 2023
Can steel fences halt the march of cyber?
Cyber: for some, it’s a prefix that conjures up images of Dr Who’s silvery cyborg opponents. For others, it’s the equally science-fiction but very different image of Neuromancer-style cyberpunk ... Continue Reading
By- Bryan Betts, Freeform Dynamics
-
News
05 Oct 2023
shaunwilkinson - Fotolia
Policing minister wants to use UK passport data in facial recognition
The policing minister’s plans to integrate the UK’s passport database with police facial-recognition systems have been met with criticism from campaigners, academics, and the biometrics commissioner for England and Wales Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
05 Oct 2023
Negro Elkha - stock.adobe.com
Ransomware dwell times now measured in hours, says Secureworks
Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report Continue Reading
By- Alex Scroxton, Security Editor
-
News
04 Oct 2023
William - stock.adobe.com
Lloyds Bank launches digital identity app
Lloyds Bank has launched a digital identity app with tech startup Yoti, after it invested £10m in the firm Continue Reading
By- Karl Flinders, Chief reporter and senior editor EMEA
-
Feature
04 Oct 2023
Getty Images/iStockphoto
Ransomware: All the ways you can protect storage and backup
We survey the key methods of ransomware protection, including immutable snapshots, anomaly detection, air-gapping, anomaly detection, and supplier monetary guarantees Continue Reading
-
News
04 Oct 2023
Andrey Popov - stock.adobe.com
ICO issues guidance on workplace surveillance
Guidance on employee monitoring covers how employers can conduct their digital surveillance lawfully, transparently and fairly, and warns against businesses intruding on their workers’ private lives Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
Definition
03 Oct 2023
Whistleblower Protection Act
The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring in a government organization. Continue Reading
By- Mary K. Pratt
- Ben Cole, Executive Editor
-
News
03 Oct 2023
Sikov - stock.adobe.com
Cyber experts urge EU to rethink vulnerability disclosure plans
The European Union’s proposed cyber security vulnerability disclosure measures are well-intentioned but ultimately counterproductive, as making unmitigated vulnerabilities public knowledge increases the risk of their exploitation by various actors, experts claim Continue Reading
By- Sebastian Klovig Skelton, Data & ethics editor
-
News
03 Oct 2023
Rawpixel.com - stock.adobe.com
IT decision-makers confident they can handle tech disruptions
The majority of IT decision-makers polled in a recent survey have admitted their organisations has been adversely affected by IT failures Continue Reading
By- Cliff Saran, Managing Editor
-
News
03 Oct 2023
RSA and other crypto systems vulnerable to side-channel attack
A researcher has found that a flaw in RSA is still vulnerable – a quarter of a century after it was first discovered Continue Reading
By- Cliff Saran, Managing Editor
-
News
03 Oct 2023
BillionPhotos.com - Fotolia
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date Continue Reading
By- Alex Scroxton, Security Editor
-
03 Oct 2023
Salesforce and Zoom embrace ethical hackers. You should, too
Software companies Salesforce and Zoom discuss their successful bug bounty programmes, what they learned at a recent in-person hackathon in which they participated, and why others shouldn’t be scared of hackers Continue Reading