News

Application security and coding requirements

• August 29, 2019 29 Aug'19

  Dutch regulator reveals potential Microsoft privacy breach

  Netherlands privacy watchdog has revealed potential breaches while testing Microsoft software changes

• August 26, 2019 26 Aug'19

  VMware’s latest acquisitions point to emerging platform war

  VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal

• August 21, 2019 21 Aug'19

  Silence APT group eyes APAC banks

  Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks

• August 20, 2019 20 Aug'19

  Even fintech startups battling to meet cyber security challenges

  A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge

• August 14, 2019 14 Aug'19

  DCMS funding aims to increase diversity in cyber sector

  A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector

• August 14, 2019 14 Aug'19

  Digital domain identified as major security threat by Norway’s intelligence service

  Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks

• August 09, 2019 09 Aug'19

  F-Secure warns of F5 Big IP-related security issue

  F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks

• August 09, 2019 09 Aug'19

  NCC Group warns of security risks of leading printers

  Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems

• June 25, 2019 25 Jun'19

  AI will drive reskilling in problem solving, creativity and collaboration

  A study from the Economist Intelligence Unit has found that executives do not believe that artificial intelligence will lead to job losses, but staff will need retraining

• June 25, 2019 25 Jun'19

  UK firms downloading vulnerable open source software

  Vulnerable open source software components are posing a security threat to UK firms, according to a report that also shows how best practice, including automation, can reduce the risk

• June 17, 2019 17 Jun'19

  Inside F5’s cyber security playbook

  F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors

• June 04, 2019 04 Jun'19

  Beware of security blind spots in encrypted traffic

  The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption

• May 02, 2019 02 May'19

  Microservices introduce hidden security complexity, analyst warns

  Microservice architecture – an approach to application development in which applications are built as a suite of modular services – simplifies development but complicates security, says KuppingerCole

• May 01, 2019 01 May'19

  BSA releases framework for secure software

  Software industry advocacy group releases framework to facilitate flexible and comprehensive software security assessments

• April 17, 2019 17 Apr'19

  Nearly a quarter of tech firms do not security check products

  Nearly a quarter of organisations polled do not run security checks on products, and nearly a third admitted to shipping products with known security vulnerabilities, a survey shows

• April 15, 2019 15 Apr'19

  How Palo Alto Networks fends off its cyber adversaries

  Palo Alto Networks CIO Naveen Zutshi talks up the company’s approach in keeping threat actors at bay

• January 30, 2019 30 Jan'19

  How traffic scrubbing can guard against DDoS attacks

  Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed

• January 10, 2019 10 Jan'19

  UK firms say £6.6bn annual security testing cost too high

  Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high

• January 06, 2019 06 Jan'19

  Singapore Airlines’ software glitch exposed customer data

  More than 280 members of the Krisflyer frequent flyer programme had their personal information compromised by a one-off software bug

• December 18, 2018 18 Dec'18

  APAC cyber security landscape to be more tumultuous in 2019

  Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene

• November 02, 2018 02 Nov'18

  DevSecOps not limited to coding, says analyst

  DevSecOps is seen as a way of ensuring application security, but security leaders must understand that embedding a security culture and taking the inter-dependencies of new development frameworks into account is key, says KuppingerCole

• October 16, 2018 16 Oct'18

  UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC

  The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states

• October 11, 2018 11 Oct'18

  Optus to acquire Hivint in cyber security deal

  The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents

• October 04, 2018 04 Oct'18

  Apps are gateway to business data for cyber attackers

  Application security is becoming increasingly important because apps are often the main way cyber attackers are getting into corporate networks, a threat researcher warns

• October 03, 2018 03 Oct'18

  Majority of businesses believe they are open to cyber attack

  More than two-thirds of businesses believe their network is open to attack, a report on the state of web application security reveals

• September 27, 2018 27 Sep'18

  Norwegian state discusses vulnerabilities with IT sector

  Government is collaborating with the country’s IT industry to improve the availability of security expertise

• September 19, 2018 19 Sep'18

  Equifax fined by ICO for security failings

  The Information Commissioners Office has fined Equifax UK in relation to a data breach at its UK parent last year

• September 11, 2018 11 Sep'18

  British Airways data breach: Security researchers name suspects and query attack timeline

  Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought

• September 10, 2018 10 Sep'18

  Cyber criminals outspend businesses in cyber security battle

  Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result

• August 23, 2018 23 Aug'18

  Apache Struts users urged to update due to new security flaw

  Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017

• August 10, 2018 10 Aug'18

  Microsoft looks at a Windows VM to sandbox rogue code

  A feature revealed in the Windows Insider programme may appear in a future Windows 10 update for enterprises

• August 06, 2018 06 Aug'18

  Virus outbreak at iPhone chip plant could delay shipments

  A computer virus at an iPhone chip manufacturing plant could delay shipments of Apple’s latest smartphones, but the impact will be limited, say analysts

• August 01, 2018 01 Aug'18

  Bromium evolves virtualisation-based security

  Virtualisation-based security firm Bromium has evolved its technology to offer bidirectional protection for applications and underlying operating systems

• July 30, 2018 30 Jul'18

  Pentagon flags risky software suppliers

  The Pentagon has drawn up a list of software suppliers that it wants the US military and defence contractors to avoid due to fears of risks to national security

• July 26, 2018 26 Jul'18

  Software development remains insecure

  The prevalence of common and well-known web-based vulnerabilities underlines the need for better education around secure software development

• July 25, 2018 25 Jul'18

  ERP applications are under cyber attack, research confirms

  ERP applications are increasingly being targeted by cyber criminals, hacktivists and nation-state actors, a report reveals

• July 25, 2018 25 Jul'18

  Apache OpenWhisk users urged to patch

  IBM has patched vulnerabilities in its Cloud Functions service that is based on Apache OpenWhisk in response to vulnerability disclosures, and all other users are urged to do the same

• July 25, 2018 25 Jul'18

  Application attacks demand new security approach

  Applying security software updates is an ineffective way to deal with application layer cyber attacks and businesses should change their approach, security experts advise

• July 24, 2018 24 Jul'18

  Google wants to ease hybrid cloud woes

  Cloud supplier Google claims its Cloud Service Platform will alleviate complexities in managing microservices in a hybrid IT environment

• July 24, 2018 24 Jul'18

  Most firms have software security vulnerability

  Most firms have a software vulnerability that can be exploited by cyber attackers, a study has revealed

• July 17, 2018 17 Jul'18

  A third of organisations do not have a security expert, survey shows

  Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey

• July 12, 2018 12 Jul'18

  Cyber attackers cashing in on ‘hidden’ attack surface

  Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals

• July 11, 2018 11 Jul'18

  White-hat hackers find record number of vulnerabilities

  White-hat hackers are finding more vulnerabilities than ever before, with crowdsourced security testing continuing to gain popularity, a report reveals

• July 09, 2018 09 Jul'18

  Inside one of the world’s largest bug bounty programmes

  Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug

• June 27, 2018 27 Jun'18

  Brexit a greater risk to UK financial system than cyber attack

  While Brexit is seen as the biggest risk to the stability of the UK financial system, cyber attack is the most difficult risk to manage for over half of firms

• June 26, 2018 26 Jun'18

  High-Tech Bridge bets on machine learning capabilities

  Machine learning has a great potential to drive the automation of some security tasks to free up information security professionals to do more strategic work, says High-Tech Bridge founder

• June 19, 2018 19 Jun'18

  Singapore remains hotbed for cyber threats

  Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency

• June 11, 2018 11 Jun'18

  APAC remains a hotbed for software piracy

  The Asia-Pacific region is still seeing the highest use of unlicensed software installations globally, making enterprises more susceptible to cyber attacks from malware

• May 24, 2018 24 May'18

  Grab outlines its approach to cyber security

  Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement

• May 09, 2018 09 May'18

  Nutanix builds hooks to SDN and cloud with Flow, Era and Beam

  Hyper-converged pioneer builds in functionality from acquisitions with Flow software-defined networking, Beam cloud monitoring and Era database provisioning and data protection