News

Data breach incident management and recovery

• September 27, 2019 27 Sep'19

  Five million DoorDash customers’ details lost in data breach

  Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen

• September 27, 2019 27 Sep'19

  GDPR compliance: Whose job is it and is it really possible?

  Nobody seems to have a good handle on business GDPR compliance, how many businesses are compliant, or indeed what compliance really is, but according to security experts, it very much depends on who you talk to

• September 26, 2019 26 Sep'19

  Attackers breached supplier systems to steal Airbus secrets

  Airbus has been the subject of at least four major cyber attacks in the past 12 months, with contractors and suppliers targeted through their VPNs

• September 26, 2019 26 Sep'19

  Overinvestment breeds overconfidence among security pros

  CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach

• September 26, 2019 26 Sep'19

  Teen TalkTalk hacker accused of cryptocurrency fraud in US

  Elliott Gunton, one of the teenage hackers who broke into TalkTalk’s systems in 2015, faces extradition to the US to face fraud charges

• September 24, 2019 24 Sep'19

  Singapore payment card data compromised by JavaScript sniffers

  Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer

• September 24, 2019 24 Sep'19

  Enterprises exposed to data loss by cloud configuration errors

  Only 1% of misconfigured cloud environments are spotted and attackers are capitalising on this, claims McAfee

• September 24, 2019 24 Sep'19

  Google pushes back on scale of YouTube phishing threat

  Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure

• September 18, 2019 18 Sep'19

  WannaCry variants accidentally protecting against WannaCry

  New variants of the infamous WannaCry malware continue to emerge, and many of them have accidentally turned themselves into a somewhat effective, although ill-advised, vaccine against infection

• September 18, 2019 18 Sep'19

  Emotet phishing botnet returns from summer vacation

  The Emotet phishing trojan-turned-botnet is back in action after a three-and-a-half month break, say threat researchers

• September 17, 2019 17 Sep'19

  Ecuador citizens’ data breach holds lessons for enterprises

  What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?

• September 16, 2019 16 Sep'19

  Ensign InfoSecurity opens global headquarters in Singapore

  The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence

• September 13, 2019 13 Sep'19

  When AIs go to war: Autonomous cyber weapons ‘inevitable’

  CISOs must start thinking about how to engage with intelligent, adaptive, non-human attackers, says Trend Micro’s Rik Ferguson

• September 12, 2019 12 Sep'19

  UN agency Unicef praised for response to accidental data leak

  The UN’s children’s agency has disclosed an inadvertent leak of personal data belonging to users of its online learning platform Agora

• September 12, 2019 12 Sep'19

  Mirai descendants dominate IoT threat environment

  Attacks leveraging compromised IoT devices are growing in size, scale and frequency, report security experts at F-Secure and Trend Micro, with Mirai-related botnets a major source of trouble

• September 11, 2019 11 Sep'19

  Equifax and Heartbleed are most-Googled cyber security terms

  Analysis of 15 years’ worth of Google search data has revealed some insight into what cyber security trends are capturing the imagination

• September 11, 2019 11 Sep'19

  GDPR non-compliance worse than feared

  Over half of UK businesses do not yet appear to be fully GDPR-compliant, and many have de-prioritised their compliance efforts

• September 09, 2019 09 Sep'19

  Social engineering a factor in virtually all cyber attacks, report claims

  Almost every single cyber attack will, at some stage, require a human to be tricked into doing something, according to research by Proofpoint

• September 06, 2019 06 Sep'19

  Australia government to chart 2020 cyber security strategy

  Australia’s home affairs ministry has released a discussion paper to seek views from all segments of society on the country’s next cyber security blueprint

• September 05, 2019 05 Sep'19

  Singapore’s SecureAge eyes US market

  The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan

• August 29, 2019 29 Aug'19

  Finland’s security agencies collaborate after cyber attacks

  National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure

• August 22, 2019 22 Aug'19

  A helping hand from the Nordics in the eye of the GDPR storm

  Nordic IT companies are well suited to supporting enterprises in their data protection projects, even though openness is more natural to them

• August 21, 2019 21 Aug'19

  Box aims to shield businesses from data loss threat

  Box has introduced an add-in to its cloud-based collaboration platform to lock down and monitor access to files and folders

• August 21, 2019 21 Aug'19

  Silence APT group eyes APAC banks

  Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks

• August 19, 2019 19 Aug'19

  How EDR is moving beyond the endpoint

  An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise

• August 14, 2019 14 Aug'19

  DCMS funding aims to increase diversity in cyber sector

  A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector

• August 14, 2019 14 Aug'19

  GDPR faces growing pains across Europe

  The General Data Protection Regulation is over a year old now, but it faces challenges across Europe where compliance has taken place at different speeds

• August 14, 2019 14 Aug'19

  Digital domain identified as major security threat by Norway’s intelligence service

  Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks

• August 07, 2019 07 Aug'19

  Southeast Asian ‘white hat’ urges more countries to sign the Paris Call

  A renowned ethical hacker in Malaysia has called for more nations to support the Paris Call for Trust and Security in Cyberspace to counter the threat of cyber warfare

• August 01, 2019 01 Aug'19

  Leaked Sephora databases peddled on dark web

  Cyber security firm finds two databases likely to be related to the Sephora data breach that affected online customers in Southeast Asia, Australia and New Zealand

• July 30, 2019 30 Jul'19

  Australian firms grappling with “train-smash” of security legislation

  While businesses should avoid going into checkbox compliance mode, the constant flux of regulations on cyber security and privacy has led to calls for more legislative coherence from regulators

• July 29, 2019 29 Jul'19

  Cyber kill chain is outdated, says Carbon Black

  The chief cyber security officer of Carbon Black calls for a new cognitive paradigm to fend off cyber adversaries that are now attacking in cycles

• July 25, 2019 25 Jul'19

  F-Secure talks up threat-hunting to stay ahead of cyber attacks in APAC

  Cyber security firm calls for organisations to double up on threat-hunting now that nearly all attack and reconnaissance traffic is automated

• July 24, 2019 24 Jul'19

  Zuckerberg responsible for Facebook privacy compliance after $5bn FTC fine

  Facebook pays record fine after breaching users’ privacy, following settlements with Federal Trade Commission and Securities and Exchange Commission

• July 23, 2019 23 Jul'19

  Microsoft talks up benefits and pitfalls of machine learning in security

  Software giant Microsoft uses machine learning models to detect emerging threats while keeping an eye on potential bias in security data points that could derail its analysis

• July 22, 2019 22 Jul'19

  US fines Equifax $700m over 2017 breach

  Global settlement with US authorities follows systems breach that saw more than 140 million customer records stolen

• July 18, 2019 18 Jul'19

  Singapore shores up data protection capabilities

  The Singapore government has developed a skills framework for data protection officers and is looking to certify organisations under a regional cross-border privacy rules system

• July 15, 2019 15 Jul'19

  UK boards ignoring £30bn cyber risk

  Despite the danger posed by cyber attacks to mid-sized companies, boards are not prepared to manage the risk and firms are over-confident in their cyber capabilities, report finds

• July 05, 2019 05 Jul'19

  St John Ambulance praised for response to ransomware attack

  Charity’s response to ransomware attack demonstrates that it is possible to ensure minimal disruption if properly prepared

• July 04, 2019 04 Jul'19

  APAC experts weigh in on cyber security trends

  The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures

• July 02, 2019 02 Jul'19

  Sweden’s Protective Security Act targets cyber risks

  IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies

• June 27, 2019 27 Jun'19

  Dutch bank and researchers begin defence against quantum computing’s dark side

  ABN Amro is working with QuTech to ensure that banks can protect data against quantum computers in the future

• June 26, 2019 26 Jun'19

  Singapore government forms digital industry office

  New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy

• June 20, 2019 20 Jun'19

  Online porn age-verification checks delayed for six months

  Changes to force UK internet users to prove their age to access adult content are postponed for a third time because of failure to notify the European Commission of key policy details

• June 18, 2019 18 Jun'19

  Singapore faced fewer cyber threats in 2018

  Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns

• June 07, 2019 07 Jun'19

  How ASEAN firms are using AI to combat cyber threats

  Artificial intelligence tools are becoming a vital part of the security arsenal for organisations and cyber criminals alike

• June 04, 2019 04 Jun'19

  Businesses investing blindly in cyber security

  Businesses need to find out what their real cyber risks and weaknesses are before investing in new technologies, says ethical hacker

• June 03, 2019 03 Jun'19

  Australia’s Notifiable Data Breaches scheme drives compliance but issues remain

  Australia’s data breach notification rules have largely been complied with, but some quarters are calling for more clarity on the reporting threshold and tougher action against errant firms

• May 31, 2019 31 May'19

  Facebook loses bid to halt European court decision on EU-US data sharing

  Irish Supreme Court dismisses attempt by Facebook to prevent the European Court of Justice considering the validity of US-EU data transfers, after Austrian lawyer Max Schrems argued that they put the privacy of EU citizens at risk

• May 28, 2019 28 May'19

  Perfect storm for data science in security

  After nearly 20 years of research, the perfect storm of computing technologies is finally enabling data science to realise its potential to make valuable contributions to improving cyber security capabilities