Davey Winder

UK and other western universities targeted by suspected Iranian cyber-criminals

UK and other western universities targeted by suspected Iranian cyber-criminals

Nation-state threat group Cobalt Dickens launched campaign that spoofs library services login pages in order to steal intellectual property

Is data safer in the cloud? Or is it better stored on premises? Seconds out...

Is data safer in the cloud? Or is it better stored on premises? Seconds out...

More like Brexit than Marmite. The answer to the question of whether data is safer on site or in the cloud is....complicated.

Why won't WannaCry die?

Why won't WannaCry die?

Two years after its explosive debut in 2017, WannaCry still dominates the ransomware threatscape

The patching paradox: vulnerability scoring leads to slower high-risk remediation

The patching paradox: vulnerability scoring leads to slower high-risk remediation

Companies focused on compliance tended to struggle to patch all high-risk vulnerabilities across their organisation and tended to be slower in patching high-risk vulnerabilities. Those performing better used....

Could a HVAC vulnerability leave you liable to a massive NIS fine?

Could a HVAC vulnerability leave you liable to a massive NIS fine?

Supply-chain security risk: Who is liable when the vulnerability is in equipment from a third party supplier?Under NIS - unless your contract specifically says otherwise - its more likely to be you than your supplier.

Who monitors employee monitoring when AI is in the driving seat?

Who monitors employee monitoring when AI is in the driving seat?

Enterprises are increasingly monitoring employees by way of their email and social media usage, often by AI-powered technologies. There are ethical questions that have to be asked. So SC Media UK asked them.

Combolists-as-a-Service can now be added to the threat landscape

Combolists-as-a-Service can now be added to the threat landscape

Entrepreneurial cyber-criminals are now renting out access to databases that combine log-in, passwords and other details, having first curated and packaged stolen credentials before selling them.

Email threat confidence sky high, but is it misplaced?

Email threat confidence sky high, but is it misplaced?

EMEA IT teams receive more suspicious emails than the global average, are most likely to fall victim to a spear-phishing attack and suffer greater reputational impact, but over half thought they were more secure.

Ke3chang APT group drops Okrum backdoor bomb on diplomatic targets

Ke3chang APT group drops Okrum backdoor bomb on diplomatic targets

New versions of malware families linked to the Ke3chang APT group that operates out of China is being used to target political figures in Eastern Europe and the Americas

Can the DoRIoT project secure the Internet of Things?

Can the DoRIoT project secure the Internet of Things?

The way to secure the Internet of Things is to allow the self-organising migration of services away from a central cloud alone and into local infrastructure ecosystems where they can act independently. Or is it?