News

Application security and coding requirements

• November 02, 2018 02 Nov'18

  DevSecOps not limited to coding, says analyst

  DevSecOps is seen as a way of ensuring application security, but security leaders must understand that embedding a security culture and taking the inter-dependencies of new development frameworks into account is key, says KuppingerCole

• October 16, 2018 16 Oct'18

  UK faces 10 cyber attacks a week as hostile states step up hacking, says NCSC

  The UK’s National Cyber Security Centre has thwarted more than 1,600 attacks over the past two years – many by hostile nation states

• October 11, 2018 11 Oct'18

  Optus to acquire Hivint in cyber security deal

  The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents

• October 04, 2018 04 Oct'18

  Apps are gateway to business data for cyber attackers

  Application security is becoming increasingly important because apps are often the main way cyber attackers are getting into corporate networks, a threat researcher warns

• October 03, 2018 03 Oct'18

  Majority of businesses believe they are open to cyber attack

  More than two-thirds of businesses believe their network is open to attack, a report on the state of web application security reveals

• September 27, 2018 27 Sep'18

  Norwegian state discusses vulnerabilities with IT sector

  Government is collaborating with the country’s IT industry to improve the availability of security expertise

• September 19, 2018 19 Sep'18

  Equifax fined by ICO for security failings

  The Information Commissioners Office has fined Equifax UK in relation to a data breach at its UK parent last year

• September 11, 2018 11 Sep'18

  British Airways data breach: Security researchers name suspects and query attack timeline

  Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought

• September 10, 2018 10 Sep'18

  Cyber criminals outspend businesses in cyber security battle

  Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result

• August 23, 2018 23 Aug'18

  Apache Struts users urged to update due to new security flaw

  Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017

• August 10, 2018 10 Aug'18

  Microsoft looks at a Windows VM to sandbox rogue code

  A feature revealed in the Windows Insider programme may appear in a future Windows 10 update for enterprises

• August 06, 2018 06 Aug'18

  Virus outbreak at iPhone chip plant could delay shipments

  A computer virus at an iPhone chip manufacturing plant could delay shipments of Apple’s latest smartphones, but the impact will be limited, say analysts

• August 01, 2018 01 Aug'18

  Bromium evolves virtualisation-based security

  Virtualisation-based security firm Bromium has evolved its technology to offer bidirectional protection for applications and underlying operating systems

• July 30, 2018 30 Jul'18

  Pentagon flags risky software suppliers

  The Pentagon has drawn up a list of software suppliers that it wants the US military and defence contractors to avoid due to fears of risks to national security

• July 26, 2018 26 Jul'18

  Software development remains insecure

  The prevalence of common and well-known web-based vulnerabilities underlines the need for better education around secure software development

• July 25, 2018 25 Jul'18

  ERP applications are under cyber attack, research confirms

  ERP applications are increasingly being targeted by cyber criminals, hacktivists and nation-state actors, a report reveals

• July 25, 2018 25 Jul'18

  Apache OpenWhisk users urged to patch

  IBM has patched vulnerabilities in its Cloud Functions service that is based on Apache OpenWhisk in response to vulnerability disclosures, and all other users are urged to do the same

• July 25, 2018 25 Jul'18

  Application attacks demand new security approach

  Applying security software updates is an ineffective way to deal with application layer cyber attacks and businesses should change their approach, security experts advise

• July 24, 2018 24 Jul'18

  Google wants to ease hybrid cloud woes

  Cloud supplier Google claims its Cloud Service Platform will alleviate complexities in managing microservices in a hybrid IT environment

• July 24, 2018 24 Jul'18

  Most firms have software security vulnerability

  Most firms have a software vulnerability that can be exploited by cyber attackers, a study has revealed

• July 17, 2018 17 Jul'18

  A third of organisations do not have a security expert, survey shows

  Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey

• July 12, 2018 12 Jul'18

  Cyber attackers cashing in on ‘hidden’ attack surface

  Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals

• July 11, 2018 11 Jul'18

  White-hat hackers find record number of vulnerabilities

  White-hat hackers are finding more vulnerabilities than ever before, with crowdsourced security testing continuing to gain popularity, a report reveals

• July 09, 2018 09 Jul'18

  Inside one of the world’s largest bug bounty programmes

  Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug

• June 27, 2018 27 Jun'18

  Brexit a greater risk to UK financial system than cyber attack

  While Brexit is seen as the biggest risk to the stability of the UK financial system, cyber attack is the most difficult risk to manage for over half of firms

• June 26, 2018 26 Jun'18

  High-Tech Bridge bets on machine learning capabilities

  Machine learning has a great potential to drive the automation of some security tasks to free up information security professionals to do more strategic work, says High-Tech Bridge founder

• June 19, 2018 19 Jun'18

  Singapore remains hotbed for cyber threats

  Singapore was a victim of advanced persistent threats, phishing and website defacements in 2017, according to the latest threat landscape report by the Cyber Security Agency

• June 11, 2018 11 Jun'18

  APAC remains a hotbed for software piracy

  The Asia-Pacific region is still seeing the highest use of unlicensed software installations globally, making enterprises more susceptible to cyber attacks from malware

• May 24, 2018 24 May'18

  Grab outlines its approach to cyber security

  Singapore-based ride-hailing company prefers detective controls rather than preventive ones to deter cyber threats – an approach it claims is less intrusive and costly to implement

• May 09, 2018 09 May'18

  Nutanix builds hooks to SDN and cloud with Flow, Era and Beam

  Hyper-converged pioneer builds in functionality from acquisitions with Flow software-defined networking, Beam cloud monitoring and Era database provisioning and data protection

• May 08, 2018 08 May'18

  Majority of security professionals favour shorter disclosure deadline

  Google’s Project Zero unit’s 90-day deadline for software suppliers to disclose vulnerabilities has always been controversial, but a survey reveals that most security professionals feel even that is too long

• May 03, 2018 03 May'18

  City Police use Lego simulation to teach businesses cyber security

  City of London Police are offering to train business leaders and IT security in cyber security using a Lego simulation that is surprisingly close to real life

• April 18, 2018 18 Apr'18

  APAC is becoming a hotspot for DDoS attacks

  The region’s largest and most-connected economies are most vulnerable to distributed denial-of-service attacks, according to CenturyLink

• April 11, 2018 11 Apr'18

  Government to set up £13.5m cyber security centre

  Located at the 2012 Olympic Park, the London Cyber Innovation Centre could create up to 2,000 jobs in cyber security

• March 28, 2018 28 Mar'18

  Facebook announces more privacy control updates

  Social media giant updates privacy settings and tools in response to the unfolding controversy over Cambridge Analytica’s use of Facebook data for political campaigns

• March 26, 2018 26 Mar'18

  Dutch SMEs’ cyber security is insufficient

  Nowhere in the Netherlands is digitisation as big as it is in small and medium-sized enterprises, but the sector still has a lot to do in terms of cyber security

• March 20, 2018 20 Mar'18

  Firms need to move from DevOps to DevSecOps, says expert

  In the face of competition, organisations are turning to DevOps to improve efficiency and accelerate innovation, but this is creating new security risks, an industry expert warns

• March 19, 2018 19 Mar'18

  C-suite a cyber attack risk, say security chiefs

  Those tasked with running organisations are the most likely group to expose them to a major cyber attack, a poll of UK information security executives shows

• March 19, 2018 19 Mar'18

  Heartbleed and Shellshock thriving in Docker community

  DevOps has revolutionised IT, but security best practices are being skimmed over, which means old vulnerabilities are finding a new lease of life in Docker

• March 15, 2018 15 Mar'18

  DocuTrac medical software is a breach risk, warns Rapid7

  Security researchers have issued a security warning about medical billing and documentation software they say puts patients at risk of data breach

• March 09, 2018 09 Mar'18

  Security researchers demonstrate ransomware attack on robots

  Researchers have carried out a ransomware attack on robots to show that such attacks are possible and should be guarded against

• March 08, 2018 08 Mar'18

  Mac malware more than doubled in 2017

  Malware targeting Apple Mac computers more than doubled from 2016 to 2017, according to security firm Malwarebytes

• March 07, 2018 07 Mar'18

  Only half of ransomware payments honoured

  Only half of ransomware victims who pay ransoms to cyber criminals recover their data, a report reveals, pointing to a need for more effective strategies to deal with these attacks

• March 06, 2018 06 Mar'18

  Security remains an afterthought in DevOps

  Enterprises in Asia are lapping up DevOps but less than one-third have baked security processes into their developments

• March 05, 2018 05 Mar'18

  Spring Break flaw shows cross-industry collaboration

  A flaw that was discovered in Pivotal’s Spring Framework in September 2017 has only come to light now that users have had a chance to update

• February 22, 2018 22 Feb'18

  Developers urged to submit apps to NHS Apps Library

  NHS Digital and NHS England have further opened up the newly updated NHS Apps Library, and are asking developers to submit their apps for assessment

• February 22, 2018 22 Feb'18

  Google calls out Microsoft for failing to fix reported flaw

  Google’s Project Zero has gone public with a Windows 10 flaw that Microsoft claimed to have fixed in its February security update

• February 19, 2018 19 Feb'18

  Botnets shift focus to credential abuse

  Cyber criminals are increasingly using automated attacks that make use of stolen credentials, a security threat report warns

• February 16, 2018 16 Feb'18

  Tech industry signs cyber security charter

  Nine technology organisations have signed a cyber security charter aimed at raising the level of cyber security internationally

• February 14, 2018 14 Feb'18

  Blockchain to give global LGBT community a louder economic voice

  Blockchain will underpin a global platform that aims to give the LGBT community a more powerful economic voice