• Continuity planning doesn’t have to be complex

    The Covid-19 coronavirus is a reminder (if one were needed) of our interconnected world and the ease with which an occurrence in one region can rapidly become a global phenomenon. 

    An enterprise’s employees, contractors, third-party partners and suppliers can all be affected. In recognition of this, many large global or regional organisations have processes in place to establish the threat to them if an event, such as a natural disaster or terrorist attack or – as is currently filling the headlines – the outbreak of a virus, occurs.

    The result is that reports detailing impacted individuals and disrupted operations can

    Read More
  • An evolving and dangerous threat

    JavaScript is a key and oft-used technology for web developers in the creation of interactive web pages, but its ubiquity has not gone unnoticed by cyber criminals looking to weaponise the programming language against organisations.

    In fact, the language is key to the fabric of the online world, with it being used client-side by 95% of all websites. A unique attribute of JavaScript exploits – mechanisms for the illicit and unintended use of the technology – is that they occur beyond the realm of the corporate network and, therefore, outside the parameters of traditional security controls.

    Savvy cyber criminals

    Read More
  • Business data science teams need to be multi-disciplined, says Trainline

    Building well-balanced data science teams in conjunction with a relentless focus on creating data-based products for customers are the critical elements of any successful data science programme.

    Sam Taylor, head of data science at Trainline, gives this advice to peers, while reflecting on the work of the team they have built over the past four years. And he puts a big emphasis on having a core data science team with people from different academic disciplines.

    “Our main goal has been to use Trainline’s data to build great data products for our customers,” he says. “We spend a lot of

    Read More
  • Magecart attacks on online retailers jump 20%

    Cyber criminals are taking advantage of unprecedented volumes of traffic to online shopping websites during the Covid-19 coronavirus pandemic, with Magecart credit card skimming attacks ramping up, according to RiskIQ researchers Jordan Herman and Mia Ihm.

    New data released by RiskIQ show that attacks leveraging Magecart – a credit card fraud technique that skims card numbers in a supply chain attack by injecting malicious JavaScript into online checkout software systems – have grown 20% amid the coronavirus pandemic.

    “With many homebound people forced to purchase what they need online, the digital skimming threat to e-commerce is as pronounced as

    Read More
  • NHSX working on contact tracing app

    Digital healthcare innovation unit NHSX is exploring the idea of developing an app that alerts people if they come into contact with someone who has tested positive for the Covid-19 coronavirus.

    The contact tracing app would allow government and healthcare officials to instantly track the spread of infection digitally, removing the need for time-consuming manual tracking.

    “NHSX is looking at whether app-based solutions might be helpful in tracking and managing the coronavirus, and we have assembled expertise from inside and outside the organisation to do this as rapidly as possible,” said an NHSX spokesperson.

    This expertise includes a team of

    Read More
  • The Computer Weekly Downtime Upload – Episode 53

    In this week’s episode of the Computer Weekly Downtime Upload podcast, Alex Scroxton, Computer Weekly’s security editor, joins Caroline Donnelly and Brian McKenna to talk about the Covid-19 coronavirus crisis, including chancellor Rishi Sunak’s package for the self-employed, and how Southeast Asia’s approach has differed from ours. They also talk about using data to govern the public sector.

    Read More