News

Cloud security

July 20, 2022 20 Jul'22
Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...
July 20, 2022 20 Jul'22
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims

Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection
July 12, 2022 12 Jul'22
Microsoft Windows Autopatch now generally available

Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service
July 06, 2022 06 Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway

Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

July 05, 2022 05 Jul'22
Prepare for long-term cyber threat from Ukraine war, says NCSC

The NCSC has published refreshed guidance on cyber preparedness as the war on Ukraine continues, urging organisations to pay attention to the state of their security teams
June 24, 2022 24 Jun'22
US cyber agency in fresh warning over Log4Shell risk to VMware

Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability
June 21, 2022 21 Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best

A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats
June 16, 2022 16 Jun'22
Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster
June 16, 2022 16 Jun'22
Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive
June 14, 2022 14 Jun'22
MS Azure Synapse vulnerability fixed after six-month slog

Microsoft patched a critical Azure Synapse vulnerability twice, but each time the researcher who discovered it was able to bypass it with ease, leading to a lengthy saga

June 13, 2022 13 Jun'22
Government recommits to UK’s cyber future in Digital Strategy

New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed
June 13, 2022 13 Jun'22
Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
June 07, 2022 07 Jun'22
Software house Mega achieves holistic SaaS security with Synopsys

Mega International, a supplier of IT management software, turned to Synopsys’s Coverity and Black Duck products to reassure both itself and its customers that its software-as-a-service offerings were built to the best possible security standards
June 01, 2022 01 Jun'22
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco

Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief
May 26, 2022 26 May'22
Consultation launched on datacentre, cloud security

The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
May 25, 2022 25 May'22
Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
May 17, 2022 17 May'22
Veeam outlines data protection vision

Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads
May 16, 2022 16 May'22
Keeping Singapore’s critical systems secure

Tracy Thng offers a glimpse into her work in strengthening the cyber resilience of 11 essential service sectors in Singapore
May 12, 2022 12 May'22
APAC career guide: Becoming a cyber security pro

The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field
May 10, 2022 10 May'22
CyberUK 22: NCSC refreshes cloud security guidance

The National Cyber Security Centre is revising its cloud guidance as increasing uptake of potentially vulnerable cloud services puts more organisations at risk of compromise
May 06, 2022 06 May'22
IT infrastructure used to launch DDoS attack on Russian targets

Organisations could unwittingly be participating in hostile activity against the Russian government as compromised IT infrastructure is used without their knowledge to launch denial of service attacks
April 28, 2022 28 Apr'22
Manufacturer sues JPMorgan after cyber criminals stole $272m

Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity
April 27, 2022 27 Apr'22
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time
April 26, 2022 26 Apr'22
Coralogix makes foray into cyber security with Snowbit

Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent
April 25, 2022 25 Apr'22
Mimecast makes deeper push into ASEAN

Mimecast opens regional office in Singapore and is looking at setting up a datacentre in Southeast Asia as it makes a deeper push into the region
April 22, 2022 22 Apr'22
UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats
April 21, 2022 21 Apr'22
Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements
April 20, 2022 20 Apr'22
AWS fixes vulnerabilities in Log4Shell hot patch

AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation
April 13, 2022 13 Apr'22
Microsoft patches two zero-days, 10 critical bugs

Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service
April 13, 2022 13 Apr'22
More ANZ organisations warm to DevSecOps

About four in 10 organisations in Australia and New Zealand are undertaking the transition to development, security and operations, while a further 36% plan to do so in 2022, study finds
April 12, 2022 12 Apr'22
Universal IAM policy failings put cloud environments at risk

Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study
April 11, 2022 11 Apr'22
Singapore to start licensing cyber security service providers

Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards
April 08, 2022 08 Apr'22
Was Spring4Shell a lot of hot air? No, but...

Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better
April 06, 2022 06 Apr'22
Denonia malware may be first to target AWS Lambda

The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind
April 04, 2022 04 Apr'22
How remote browser isolation can mitigate cyber threats

Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device
April 01, 2022 01 Apr'22
Four moves to ‘checkmate’ critical assets thanks to lax cloud security

Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report
March 30, 2022 30 Mar'22
Australia to spend A$9.9bn on intelligence and cyber capabilities

The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate
March 29, 2022 29 Mar'22
NCSC: Not necessarily wise to ditch Kaspersky

UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates
March 29, 2022 29 Mar'22
Singapore rolls out cyber security certification scheme

Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices
March 25, 2022 25 Mar'22
London police arrest seven in connection to Lapsus$

Seven people arrested by London police over cyber attacks carried out by Lapsus$ group, which is responsible for a number of recent, high profile attacks
March 24, 2022 24 Mar'22
How India organisations can mitigate cyber threats

Organisations in India will need to invest more in cloud security, gain more visibility into their systems and improve security awareness among employees to fend off cyber attacks
March 24, 2022 24 Mar'22
Hiring and retention challenges in cyber security persist

Latest ISACA report shows that enterprises are struggling to find and retain cyber security talent
March 17, 2022 17 Mar'22
Kaspersky CEO: Ukraine war must end through diplomacy

Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting
March 16, 2022 16 Mar'22
German authorities warn on Kaspersky but stop short of ban

Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine
March 16, 2022 16 Mar'22
Kubernetes vulnerability underscores repeated security warnings

The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments
February 28, 2022 28 Feb'22
Cloudflare: Our network is our product

Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats
February 25, 2022 25 Feb'22
Irish data watchdog calls for ‘objective metrics’ for big tech regulation

Helen Dixon, Ireland’s data protection commissioner, says EU regulators must agree on metrics to measure the effectiveness of data protection regulation
February 23, 2022 23 Feb'22
Salesforce pays out over £2m in bug bounties

Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme
February 23, 2022 23 Feb'22
Microsoft extends Defender umbrella to Google Cloud Platform

Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in