🔍 Deep Dive: Application security and coding requirements news, help and research - ComputerWeekly.com

News : Application security and coding requirements

April 28, 2022 28 Apr'22
Manufacturer sues JPMorgan after cyber criminals stole $272m

Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity
April 27, 2022 27 Apr'22
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time
April 26, 2022 26 Apr'22
Emotet tests new tricks to thwart enhanced security

The operators of the Emotet botnet seem to be trying to find a way to get around recent changes made by Microsoft to better protect its users
April 25, 2022 25 Apr'22
Mimecast makes deeper push into ASEAN

Mimecast opens regional office in Singapore and is looking at setting up a datacentre in Southeast Asia as it makes a deeper push into the region

How APAC organisations can mitigate edge security threats

The move to the edge expands an organisation’s attack surface. Here are some measures that organisations can take to minimise their edge security risks Continue Reading
What neurodivergent people really think of working in cyber security

Many firms are filling cyber security skills gaps by hiring neurodivergent talent – but more support is needed for neurodivergent cyber security professionals, writes autistic tech journalist Nicholas Fearn Continue Reading
Bridging the gender gap in cyber security

Some professional groups and companies in Asia are working hard to improve awareness of the cyber security profession and mentoring talented women in a bid to bridge the gender gap Continue Reading

Singing the key management blues

We need cryptographic keys, but who is going to manage them? How do you make an obscure topic like cryptographic key management interesting? And can you then persuade people to move this security ... Continue Reading
Just How Secure Are You?

Back in the autumn of last year, I talked about a vendor – Bugcrowd – that doesn’t simply rely on AI and ML within a microchip, but actually uses real flesh and bone people (AKA ethical hackers) to ... Continue Reading
Time to act on "Authorised Payment" Fraud

In 2014 a working group hosted by the DPA (Digital Policy Alliance) working with faster payment data from six banks established that 75% of fraudulent payments could have been stopped in real time ... Continue Reading

When to pull the plug on an ecommerce site

Distributed denial of service and other attacks on websites have the potential to leak personally identifiable information Continue Reading
The UK’s cyber security sector is thriving, but our work has only just begun

The government’s Annual Cyber Sector Report painted a positive picture of the UK security industry. CIISec’s Amanda Finch thinks we can go further in developing cyber talent and opening up the sector Continue Reading
Security Think Tank: In the cloud, anti-human approaches set us up to fail

Security learning is a career-long process, so as 2021 draws to a close, participants in the Computer Weekly Security Think Tank sum up the most important cyber lessons they’ve taken away from the past 12 months Continue Reading

CW500 Interview: Jonathan Moreira, CTO of PrimaryBid.com

In this CW500 video, Jonathan Moreira, CTO of PrimaryBid.com, gives a fintech startup’s perspective on the security challenges small businesses can face when adopting new technologies.
Lauri Love: how reformed hackers halted the WannaCry virus

Lauri Love presents a compelling story of the WannaCry malware that nearly brought down the NHS, and the behind the scenes work of former hackers, and security researchers that helped to prevent lives being lost. Love is facing extradition to the US after allegedly taking part in a hacking protest over the death of internet pioneer Aaron Swartz, who faced jail for using a hidden computer to downloading academic journals at MIT.
Screencast: Employ the FOCA tool as a metadata extractor

Mike McLaughlin demos the FOCA tool as a metadata extractor to expose the 'hidden' data users often post on their own websites.