News

Cloud security

April 22, 2022 22 Apr'22
UAE bolsters cyber security

The United Arab Emirates has successfully improved its security posture amid mounting cyber threats
April 21, 2022 21 Apr'22
Zoom adds new round of cyber security enhancements

Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements
April 20, 2022 20 Apr'22
AWS fixes vulnerabilities in Log4Shell hot patch

AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation
April 13, 2022 13 Apr'22
Microsoft patches two zero-days, 10 critical bugs

Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service

April 13, 2022 13 Apr'22
More ANZ organisations warm to DevSecOps

About four in 10 organisations in Australia and New Zealand are undertaking the transition to development, security and operations, while a further 36% plan to do so in 2022, study finds
April 12, 2022 12 Apr'22
Universal IAM policy failings put cloud environments at risk

Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study
April 11, 2022 11 Apr'22
Singapore to start licensing cyber security service providers

Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards
April 08, 2022 08 Apr'22
Was Spring4Shell a lot of hot air? No, but...

Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better
April 06, 2022 06 Apr'22
Denonia malware may be first to target AWS Lambda

The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind
April 04, 2022 04 Apr'22
How remote browser isolation can mitigate cyber threats

Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device

April 01, 2022 01 Apr'22
Four moves to ‘checkmate’ critical assets thanks to lax cloud security

Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report
March 30, 2022 30 Mar'22
Australia to spend A$9.9bn on intelligence and cyber capabilities

The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate
March 29, 2022 29 Mar'22
NCSC: Not necessarily wise to ditch Kaspersky

UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates
March 29, 2022 29 Mar'22
Singapore rolls out cyber security certification scheme

Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices
March 25, 2022 25 Mar'22
London police arrest seven in connection to Lapsus$

Seven people arrested by London police over cyber attacks carried out by Lapsus$ group, which is responsible for a number of recent, high profile attacks
March 24, 2022 24 Mar'22
How India organisations can mitigate cyber threats

Organisations in India will need to invest more in cloud security, gain more visibility into their systems and improve security awareness among employees to fend off cyber attacks
March 24, 2022 24 Mar'22
Hiring and retention challenges in cyber security persist

Latest ISACA report shows that enterprises are struggling to find and retain cyber security talent
March 17, 2022 17 Mar'22
Kaspersky CEO: Ukraine war must end through diplomacy

Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting
March 16, 2022 16 Mar'22
German authorities warn on Kaspersky but stop short of ban

Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine
March 16, 2022 16 Mar'22
Kubernetes vulnerability underscores repeated security warnings

The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments
February 28, 2022 28 Feb'22
Cloudflare: Our network is our product

Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats
February 25, 2022 25 Feb'22
Irish data watchdog calls for ‘objective metrics’ for big tech regulation

Helen Dixon, Ireland’s data protection commissioner, says EU regulators must agree on metrics to measure the effectiveness of data protection regulation
February 23, 2022 23 Feb'22
Salesforce pays out over £2m in bug bounties

Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme
February 23, 2022 23 Feb'22
Microsoft extends Defender umbrella to Google Cloud Platform

Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in
February 16, 2022 16 Feb'22
2021 another record year for UK cyber investment

Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment
February 15, 2022 15 Feb'22
Botched third-party configuration exposes Internet Society data to web

Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
February 11, 2022 11 Feb'22
Lack of knowledge disastrous for effective security strategy within Dutch companies

Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy
February 09, 2022 09 Feb'22
Linux-based clouds an open door for attackers, says VMware

Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
February 09, 2022 09 Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC

UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
February 08, 2022 08 Feb'22
Microsoft to start blocking macros to thwart malware

Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security
February 08, 2022 08 Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem

As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
February 07, 2022 07 Feb'22
Umbrella company Parasol confirms data breach linked to cyber attack five weeks ago

In an email to contractors sent out earlier today, umbrella company confirmed some data had been accessed and shared online in the wake of last month’s suspected ransomware attack on its systems
February 04, 2022 04 Feb'22
Check Point looks to plug ASEAN’s cyber security gap

Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors
February 02, 2022 02 Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges

IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
February 01, 2022 01 Feb'22
Check Point buys Spectral to safeguard cloud development

Check Point’s latest acquisition of Israel-based startup Spectral expands its developer-centric security toolset
January 25, 2022 25 Jan'22
Cyber Essentials programme gets biggest update since launch

NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
January 24, 2022 24 Jan'22
India’s cyber security industry doubles in size amid pandemic

Revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitalisation and regulatory attention on data and privacy
January 21, 2022 21 Jan'22
New normal sees SASE, SD-WAN surge as MPLS is phased out

Research confirms that MPLS is ‘out’ and SD-WAN and SASE systems are the clear winners in enterprise networking as more and more European organisations are eliminating all on-prem datacentres, with cloud adoption steaming ahead
January 20, 2022 20 Jan'22
Updated cyber security regulations proposed for managed services sector

The Network and Information Systems regulations are to be updated to include MSPs and outsourcers, following a spate of supply chain attacks
January 19, 2022 19 Jan'22
Trellix looks to democratise access to XDR in APAC

The company formed from the merger of FireEye Enterprise and McAfee will team up with managed service providers, among other efforts, to democratise access to extended detection and response capabilities in the region
January 19, 2022 19 Jan'22
Trellix XDR platform forged out of McAfee, FireEye union

The private equity owners of McAfee Enterprise and FireEye are merging the companies into a new entity to ‘define the future’ of cyber security through XDR technology
January 18, 2022 18 Jan'22
Exium, Teneo team to deliver digital experience, 5G-capable SASE platform

Work-from-anywhere IT services company and cyber security provider enter into partnership to assist lean enterprise IT teams in their transition to a secure access service edge
January 18, 2022 18 Jan'22
Cobalt Strike still C2 infrastructure of choice

Its utility and ease of use, coupled with explosive growth in ransomware actions, makes Cobalt Strike Team Servers the C2 infrastructure of choice for malicious actors
January 12, 2022 12 Jan'22
Macquarie joins NSW government’s cloud supplier panel

New South Wales state agencies will be able to access Macquarie’s sovereign cyber expertise and secure cloud, network and datacentre services
January 11, 2022 11 Jan'22
Almost half of Log4j downloads still dangerously exposed

Whether by error or design is unclear, but a great many IT teams are still exposing themselves by downloading outdated, insecure versions of Apache Log4j
January 11, 2022 11 Jan'22
Proofpoint acquires Singapore data security startup

Proofpoint’s acquisition of Dathena will bolster its data loss prevention capabilities, enabling organisations to better understand information risk through the use of AI
January 05, 2022 05 Jan'22
Google buys Siemplify in first phase of cyber investment

Once integrated into Google Cloud, Siemplify’s platform will serve as the basis for deeper security development at Google
January 03, 2022 03 Jan'22
How APAC firms can stay ahead of cyber threats

Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks
December 23, 2021 23 Dec'21
Top 10 cyber security stories of 2021

Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?
December 21, 2021 21 Dec'21
IT Priorities 2022: Cloud-first mindset growing in India

Nearly half of organisations in India are expected to spend more on cloud services, underscoring the growing cloud-first mindset that is taking root in the subcontinent