💡 Tips: Application security and coding requirements news, help and research - ComputerWeekly.com

News : Application security and coding requirements

March 31, 2022 31 Mar'22
Spring4Shell zero-day sprung on security teams

Some are describing a newly disclosed Spring Java framework vulnerability as the next Log4Shell, but what is Spring4Shell, and what can we do about it?
March 28, 2022 28 Mar'22
IT professionals wary of government campaign to limit end-to-end encryption

Members of the Chartered Institute of IT, the professional body for technology professionals in the UK, warn against limiting end-to-end encryption
March 24, 2022 24 Mar'22
How India organisations can mitigate cyber threats

Organisations in India will need to invest more in cloud security, gain more visibility into their systems and improve security awareness among employees to fend off cyber attacks
March 17, 2022 17 Mar'22
Kaspersky CEO: Ukraine war must end through diplomacy

Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting

How APAC organisations can mitigate edge security threats

The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks Continue Reading
What neurodivergent people really think of working in cyber security

Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
Bridging the gender gap in cyber security

Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap Continue Reading

Time to act on "Authorised Payment" Fraud

In 2014 a working group hosted by the DPA (Digital Policy Alliance) working with faster payment data from six banks established that 75% of fraudulent payments could have been stopped in real time ... Continue Reading
Security's Buoyancy Aid - Keeping Your Head Above Murky Cyber Waters With Swimlane

Towards the end of last year, I spoke about a vendor, Swimlane, who appeared to be getting the concept of automation and orchestration absolutely on the money – and in the area where it is most ... Continue Reading
2022: Time to take algorithm-enhanced online abuse seriously

The algorithms used by dominant social media companies have compounded the risks to unsupervised children in their bedrooms by automating the processes predators use to find and groom potential ... Continue Reading

When to pull the plug on an ecommerce site

Distributed denial of service and other attacks on websites have the potential to leak personally identifiable information Continue Reading
The UK’s cyber security sector is thriving, but our work has only just begun

The government’s Annual Cyber Sector Report painted a positive picture of the UK security industry. CIISec’s Amanda Finch thinks we can go further in developing cyber talent and opening up the sector Continue Reading
Security Think Tank: In the cloud, anti-human approaches set us up to fail

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com

In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies.
Lauri Love: how reformed hackers halted the WannaCry virus

Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT.
Screencast: Employ the FOCA tool as a metadata extractor

Mike McLaughlin demos the FOCA tool as a metadata extractor to expose the 'hidden' data users often post on their own websites.