News
Cloud security
-
April 22, 2022
22
Apr'22
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats
-
April 21, 2022
21
Apr'22
Zoom adds new round of cyber security enhancements
Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements
-
April 20, 2022
20
Apr'22
AWS fixes vulnerabilities in Log4Shell hot patch
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation
-
April 13, 2022
13
Apr'22
Microsoft patches two zero-days, 10 critical bugs
Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service
-
April 13, 2022
13
Apr'22
More ANZ organisations warm to DevSecOps
About four in 10 organisations in Australia and New Zealand are undertaking the transition to development, security and operations, while a further 36% plan to do so in 2022, study finds
-
April 12, 2022
12
Apr'22
Universal IAM policy failings put cloud environments at risk
Almost all organisations lack appropriate IAM policy controls to effectively secure their data in the cloud, according to a damning study
-
April 11, 2022
11
Apr'22
Singapore to start licensing cyber security service providers
Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards
-
April 08, 2022
08
Apr'22
Was Spring4Shell a lot of hot air? No, but...
Find out why Spring4Shell was apparently not as impactful a security problem as many had at first feared, and why it’s on the cyber community as a whole to do better
-
April 06, 2022
06
Apr'22
Denonia malware may be first to target AWS Lambda
The newly discovered Denonia malware appears to be custom designed to target AWS Lambda environments, and may be the first of its kind
-
April 04, 2022
04
Apr'22
How remote browser isolation can mitigate cyber threats
Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device
-
April 01, 2022
01
Apr'22
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report
-
March 30, 2022
30
Mar'22
Australia to spend A$9.9bn on intelligence and cyber capabilities
The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate
-
March 29, 2022
29
Mar'22
NCSC: Not necessarily wise to ditch Kaspersky
UK’s National Cyber Security Centre issues refreshed guidance on organisations’ usage of technology and services of Russian origin, but stops short of advising users to expunge all Russian products from their IT estates
-
March 29, 2022
29
Mar'22
Singapore rolls out cyber security certification scheme
Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices
-
March 25, 2022
25
Mar'22
London police arrest seven in connection to Lapsus$
Seven people arrested by London police over cyber attacks carried out by Lapsus$ group, which is responsible for a number of recent, high profile attacks
-
March 24, 2022
24
Mar'22
How India organisations can mitigate cyber threats
Organisations in India will need to invest more in cloud security, gain more visibility into their systems and improve security awareness among employees to fend off cyber attacks
-
March 24, 2022
24
Mar'22
Hiring and retention challenges in cyber security persist
Latest ISACA report shows that enterprises are struggling to find and retain cyber security talent
-
March 17, 2022
17
Mar'22
Kaspersky CEO: Ukraine war must end through diplomacy
Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting
-
March 16, 2022
16
Mar'22
German authorities warn on Kaspersky but stop short of ban
Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine
-
March 16, 2022
16
Mar'22
Kubernetes vulnerability underscores repeated security warnings
The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments
-
February 28, 2022
28
Feb'22
Cloudflare: Our network is our product
Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats
-
February 25, 2022
25
Feb'22
Irish data watchdog calls for ‘objective metrics’ for big tech regulation
Helen Dixon, Ireland’s data protection commissioner, says EU regulators must agree on metrics to measure the effectiveness of data protection regulation
-
February 23, 2022
23
Feb'22
Salesforce pays out over £2m in bug bounties
Salesforce says it received more than 4,000 vulnerability reports in 2021 alone as it delivers a rare public update on its bug bounty programme
-
February 23, 2022
23
Feb'22
Microsoft extends Defender umbrella to Google Cloud Platform
Redmond says extending Defender for Cloud native capabilities to the Google Cloud Platform will help simplify security for organisations pursuing multicloud strategies by eliminating the gaps where the bad guys can get in
-
February 16, 2022
16
Feb'22
2021 another record year for UK cyber investment
Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment
-
February 15, 2022
15
Feb'22
Botched third-party configuration exposes Internet Society data to web
Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
-
February 11, 2022
11
Feb'22
Lack of knowledge disastrous for effective security strategy within Dutch companies
Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy
-
February 09, 2022
09
Feb'22
Linux-based clouds an open door for attackers, says VMware
Its prevalence as a cloud operating system means Linux is becoming a meal ticket for malicious actors, but the security industry does not seem to have cottoned on to this yet, says VMware
-
February 09, 2022
09
Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC
UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
-
February 08, 2022
08
Feb'22
Microsoft to start blocking macros to thwart malware
Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security
-
February 08, 2022
08
Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem
As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
-
February 07, 2022
07
Feb'22
Umbrella company Parasol confirms data breach linked to cyber attack five weeks ago
In an email to contractors sent out earlier today, umbrella company confirmed some data had been accessed and shared online in the wake of last month’s suspected ransomware attack on its systems
-
February 04, 2022
04
Feb'22
Check Point looks to plug ASEAN’s cyber security gap
Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors
-
February 02, 2022
02
Feb'22
Zero-trust to soar in 2022, but dogged by implementation challenges
IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite
-
February 01, 2022
01
Feb'22
Check Point buys Spectral to safeguard cloud development
Check Point’s latest acquisition of Israel-based startup Spectral expands its developer-centric security toolset
-
January 25, 2022
25
Jan'22
Cyber Essentials programme gets biggest update since launch
NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape
-
January 24, 2022
24
Jan'22
India’s cyber security industry doubles in size amid pandemic
Revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitalisation and regulatory attention on data and privacy
-
January 21, 2022
21
Jan'22
New normal sees SASE, SD-WAN surge as MPLS is phased out
Research confirms that MPLS is ‘out’ and SD-WAN and SASE systems are the clear winners in enterprise networking as more and more European organisations are eliminating all on-prem datacentres, with cloud adoption steaming ahead
-
January 20, 2022
20
Jan'22
Updated cyber security regulations proposed for managed services sector
The Network and Information Systems regulations are to be updated to include MSPs and outsourcers, following a spate of supply chain attacks
-
January 19, 2022
19
Jan'22
Trellix looks to democratise access to XDR in APAC
The company formed from the merger of FireEye Enterprise and McAfee will team up with managed service providers, among other efforts, to democratise access to extended detection and response capabilities in the region
-
January 19, 2022
19
Jan'22
Trellix XDR platform forged out of McAfee, FireEye union
The private equity owners of McAfee Enterprise and FireEye are merging the companies into a new entity to ‘define the future’ of cyber security through XDR technology
-
January 18, 2022
18
Jan'22
Exium, Teneo team to deliver digital experience, 5G-capable SASE platform
Work-from-anywhere IT services company and cyber security provider enter into partnership to assist lean enterprise IT teams in their transition to a secure access service edge
-
January 18, 2022
18
Jan'22
Cobalt Strike still C2 infrastructure of choice
Its utility and ease of use, coupled with explosive growth in ransomware actions, makes Cobalt Strike Team Servers the C2 infrastructure of choice for malicious actors
-
January 12, 2022
12
Jan'22
Macquarie joins NSW government’s cloud supplier panel
New South Wales state agencies will be able to access Macquarie’s sovereign cyber expertise and secure cloud, network and datacentre services
-
January 11, 2022
11
Jan'22
Almost half of Log4j downloads still dangerously exposed
Whether by error or design is unclear, but a great many IT teams are still exposing themselves by downloading outdated, insecure versions of Apache Log4j
-
January 11, 2022
11
Jan'22
Proofpoint acquires Singapore data security startup
Proofpoint’s acquisition of Dathena will bolster its data loss prevention capabilities, enabling organisations to better understand information risk through the use of AI
-
January 05, 2022
05
Jan'22
Google buys Siemplify in first phase of cyber investment
Once integrated into Google Cloud, Siemplify’s platform will serve as the basis for deeper security development at Google
-
January 03, 2022
03
Jan'22
How APAC firms can stay ahead of cyber threats
Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks
-
December 23, 2021
23
Dec'21
Top 10 cyber security stories of 2021
Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?
-
December 21, 2021
21
Dec'21
IT Priorities 2022: Cloud-first mindset growing in India
Nearly half of organisations in India are expected to spend more on cloud services, underscoring the growing cloud-first mindset that is taking root in the subcontinent