With millions of businesses now using Amazon Web Services (AWS) for their cloud computing needs, it’s become a vital consideration for IT security teams and professionals. As such, AWS offers a broad range of cyber security tools to secure AWS-based tech stacks. They cover areas such as data privacy, access management, configuration management, threat detection,…
How cyber security professionals are leveraging AWS tools Read More »
Microsoft has issued fixes for a total of five new zero-day vulnerabilities out of a grand total of just over 70 addressable common vulnerabilities and exposures (CVEs) on the fifth Patch Tuesday of 2025 – over 80 when third-party issues are accounted for. In numerical order, this month’s zero days are as follows: CVE-2025-30400, an…
May Patch Tuesday brings five exploited zero-days to fix Read More »
The United States’ national metrology institute, the National Institute of Standards and Technology (NIST), is to cease providing updates to tens of thousands of older common vulnerabilities and exposures (CVEs) held within its National Vulnerability Database (NVD). In an announcement posted last week, the standards body said that every CVE with a published date prior…
NIST calls time on older vulnerabilities amid surging disclosures Read More »
The UK’s Information Commissioner’s Office (ICO) has today fined Advanced Computer Software Group – now known as OneAdvanced – £3.07m for cyber security failings that exacerbated the impact of a LockBit ransomware attack against the organisation. The cyber attack, which occurred in August 2022, saw services provided by Advanced customers – including the NHS and…
Thank you for joining! Access your Pro+ Content below. 28 January 2025 Turbulent times ahead for tech Share this item with your network: In this week’s Computer Weekly, the World Economic Forum in Davos highlighted growing risks to digital supply chains – we examine the turbulence ahead. Data sovereignty is becoming a growing issue as…
Microsoft has issued fixes for 71 Common Vulnerabilities and Exposures (CVEs) to mark the final Patch Tuesday of 2025, with a solitary zero-day that enables privilege elevation through the Windows Common Log File System Driver stealing the limelight. Assigned designation CVE-2024-49138 and credited to CrowdStrike’s Advanced Research Team, the flaw stems from a heap-based buffer…
Dangerous CLFS and LDAP flaws stand out on Patch Tuesday Read More »
The China-backed advanced persistent threat (APT) actor tracked as APT40 has been busy evolving its playbook and has recently been observed actively targeting new victims by exploiting vulnerabilities in small office and home office (SoHo) networking devices as a staging post for command and control (C2) activity during their attacks This is according to an…
Chinese spies target vulnerable home office kit to run cyber attacks Read More »
Security teams will have a busy few days ahead of them after Microsoft patched close to 140 new common vulnerabilities and exposures (CVEs) in its July Patch Tuesday update, including four zero-day exploits – one of them a third-party update via processor giant ARM. The four zero-days are listed, in numerical order, as follows: CVE-2024-35264,…
Hyper-V zero-day stands out on a busy Patch Tuesday Read More »
Across EMEA, organisations must up their game when it comes to addressing the human factors leading to data breaches and cyber security incidents, according to telco Verizon, which this week issued a wake-up call in the form of the 17th annual edition of its landmark global Data breach investigations report (DBIR) In the compilation of…
EMEA CISOs must address human factors behind cyber incidents Read More »
Apple has rolled out patches to its mobile iOS and iPadOS operating systems to safeguard against four newly disclosed flaws, two of which are under active exploitation as zero-day vulnerabilities, as part of a wider update that also includes significant new features designed to safeguard the iPhone and iPad estate from future quantum cyber attacks.…
Apple patches zero-days amid ‘foundational’ post-quantum update Read More »
