News

Endpoint security

• June 03, 2021 03 Jun'21

  FireEye sold to private equity, Mandiant regains independence

  FireEye has agreed to sell its products business and name to a private equity consortium, while Mandiant will spin out as an independent threat intel business

• May 25, 2021 25 May'21

  CyberSprinters game gives kids a head start, says NCSC

  An online game for primary schools, clubs and youth organisations will teach children aged seven to 11 the fundamentals of staying safe online

• May 25, 2021 25 May'21

  McAfee to change terms of auto-renewing consumer plans

  Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back

• May 25, 2021 25 May'21

  Legacy vulnerabilities may be biggest enterprise cyber risk

  While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats

• May 24, 2021 24 May'21

  Dutch researchers build security software to mimic human immune system

  Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection

• May 24, 2021 24 May'21

  Why the security stack needs to move to the edge

  Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge

• May 20, 2021 20 May'21

  Malicious scans for at-risk systems start minutes after disclosure

  Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes

• May 20, 2021 20 May'21

  HP taps micro virtual machines in endpoint security

  HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained

• May 19, 2021 19 May'21

  Barclays first bank to publish online scam refund details

  All banks must be transparent about the proportion of victims of authorised push payment fraud they refund, says consumer rights organisation Which?

• May 19, 2021 19 May'21

  Flexxon bakes AI into SSDs to fight unknown threats

  Singapore-based Flexxon has developed a solid-state drive that uses artificial intelligence to fend off malware and other unknown threats

• May 18, 2021 18 May'21

  Cisco acquires Kenna Security amid security expansion

  Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers

• May 17, 2021 17 May'21

  Government seeks input on supply chain security

  Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security

• May 14, 2021 14 May'21

  Okta and Auth0 to expand APAC coverage

  Okta’s acquisition of rival Auth0 will enable both companies to expand their footprint in the Asia-Pacific region as demand for identity management services soars amid the pandemic

• May 13, 2021 13 May'21

  Refuge launches tech safety site for domestic abuse victims

  Created with the help of survivors, Refuge’s resource site offers guidance on protecting yourself from tech-enabled domestic abuse

• May 12, 2021 12 May'21

  Microsoft fixes four critical bugs on lighter Patch Tuesday

  Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away

• May 11, 2021 11 May'21

  Collaboration key to success of UK’s Cyber Security Council

  The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event

• May 07, 2021 07 May'21

  NCSC publishes smart city security guidelines

  Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects

• May 07, 2021 07 May'21

  Ransomware, supply chain attacks show no sign of abating

  Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors

• May 06, 2021 06 May'21

  Google to introduce mandatory MFA for users

  In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services

• May 06, 2021 06 May'21

  HSBC blocks £249m in UK fraud with voice biometrics

  HSBC voice recognition technology has reduced telephone banking fraud as demand for the channel increases

• May 05, 2021 05 May'21

  Sophos: How timely intervention stopped a ProxyLogon attack

  A recent incident at an undisclosed customer sheds new light on how malicious actors exploit unpatched Microsoft Exchange servers

• May 03, 2021 03 May'21

  New standard to simplify IoT device onboarding

  Fido Alliance’s device onboarding protocol will automate the process of connecting internet-of-things devices to device management platforms while improving security

• April 28, 2021 28 Apr'21

  Recruiters can’t afford to hold out for cyber ‘unicorns’

  The perfect security candidate is hard to find, so hiring policy needs to be more pragmatic

• April 27, 2021 27 Apr'21

  Apple OS updates patch multiple security holes

  The much-heralded release of the privacy-centric iOS 14.5 also brings patches for multiple CVEs, and users of Apple smartphones, tablets and notebooks are best advised to update as soon as possible

• April 27, 2021 27 Apr'21

  North London school wins NCSC girls’ cyber challenge

  Highgate School in North London is the winner of this year’s CyberFirst Girls security competition

• April 27, 2021 27 Apr'21

  The Security Interviews: Making sense of outbound email security

  Screening inbound emails is an accepted part of an organisation’s security posture, but the topic of securing outbound traffic is less often discussed. Zivver’s Rick Goud is on a mission to change this

• April 27, 2021 27 Apr'21

  UnitingCare Queensland hit by cyber attack

  Healthcare service provider UnitingCare Queensland was reportedly hit by a ransomware attack that crippled several IT systems

• April 26, 2021 26 Apr'21

  How Toffs is seizing Asia’s CDN market

  Toffs Technologies is eyeing second- and third-tier cities in Asia as it bolsters its infrastructure and experiments with the use of home networks as content delivery networks

• April 22, 2021 22 Apr'21

  ToxicEye malware exploits Telegram messaging service

  The Telegram instant messaging service is being used by malicious actors to manage a remote access trojan called ToxicEye

• April 21, 2021 21 Apr'21

  NCSC offers teachers free cyber security training

  The NCSC’s latest security training offer builds on a package of measures designed to protect schools from cyber attack

• April 20, 2021 20 Apr'21

  Health app myGP adds Covid-19 vaccine passport function

  The new feature is described as the UK’s first NHS-assured Covid-19 certification feature

• April 20, 2021 20 Apr'21

  UK’s proposed IoT cyber security law gathers momentum

  New statistics appear to vindicate UK government proposals to force suppliers to be upfront about IoT security

• April 20, 2021 20 Apr'21

  Chinese APT exploits critical CVE in Pulse Secure VPN

  A newly disclosed vulnerability in Pulse Secure’s VPN is being exploited by a Chinese advanced persistent threat group – assume compromise and mitigate today

• April 20, 2021 20 Apr'21

  Singapore’s ViewQwest debuts security service

  ViewQwest’s SecureNet service uses Palo Alto Networks’ next-generation firewall with deep packet inspection capabilities to guard against cyber threats

• April 16, 2021 16 Apr'21

  Finnish government strengthens country’s IT network security

  Finland’s government has created a new national organisation to help public and private bodies improve network security

• April 15, 2021 15 Apr'21

  Microsoft is most impersonated brand in phishing attempts

  Technology companies continue to be frequently spoofed by cyber criminals in their phishing attempts

• April 14, 2021 14 Apr'21

  FBI accesses ProxyLogon target servers to disrupt cyber criminals

  US Justice Department reveals successful court-authorised effort to clamp down on ProxyLogon exploitation

• April 14, 2021 14 Apr'21

  NSA unearths more MS Exchange vulnerabilities

  Microsoft patches more critical vulnerabilities in Exchange Server a month after the ProxyLogon incident, after being warned by the US National Security Agency

• April 13, 2021 13 Apr'21

  MP told to ditch official email over hacking fears

  MP Tom Tugendhat claims the intelligence services advised him to switch to the Gmail service due to concerns his parliamentary email could be hacked

• April 13, 2021 13 Apr'21

  Millions of devices at risk from NAME:WRECK DNS bugs

  Newly disclosed set of nine DNS vulnerabilities puts over 100 million consumer, enterprise and industrial IoT devices at risk

• April 13, 2021 13 Apr'21

  EncroChat lawyers raise questions over use of PII secrecy orders on UK decryption capabilities

  Lawyers claim that public interest immunity certificates may have been used to withhold information on UK intelligence agencies’ ability to decrypt encrypted communications

• April 09, 2021 09 Apr'21

  Cring ransomware hits ICS through two-year-old bug

  A long-disclosed vulnerability in Fortinet’s Fortigate VPN servers is being exploited to distribute Cring ransomware

• March 31, 2021 31 Mar'21

  Cyber Security Council to champion UK security pros

  A new cyber security professional body has launched with the aim of developing and promoting UK cyber security excellence globally and growing the skills base

• March 30, 2021 30 Mar'21

  Ransomware attack on London schools highlights warnings

  Ransomware attack on Harris Federation comes just days after a fresh NCSC alert for the education sector

• March 30, 2021 30 Mar'21

  The Security Interviews: How to secure an F1 team in a pandemic

  A multi-year digital transformation programme paid off for F1 team Williams Racing when the 2020 season was abruptly postponed thanks to Covid-19. Learn how the team’s CIO has been supporting remote working and protecting data

• March 29, 2021 29 Mar'21

  Cyber attack takes Channel Nine off-air

  The Australian broadcaster was hit by an alleged ransomware attack that disrupted broadcasting operations in its Sydney studio

• March 26, 2021 26 Mar'21

  Leading Israeli IoT firm lands in US as worldwide malware attacks surge

  With US end-user internet of things devices expected to grow to $1.6tn by 2025 and with more than 5.4 billion IoT connected devices in North America alone, tech firms and the black hat community are weighing up the potential

• March 25, 2021 25 Mar'21

  Four in five UK businesses seek new security suppliers

  Decision-makers are ready to buy new security technology, but suppliers must pay close attention to how they present themselves

• March 25, 2021 25 Mar'21

  Facebook disrupts Chinese espionage operation

  Social media giant’s in-house security team has tracked down and disrupted a long-running Chinese campaign targeting the Uighur Muslim minority

• March 23, 2021 23 Mar'21

  NCSC beefs up support for education sector after spate of attacks

  Refreshed guidance from the NCSC recommends a defence-in-depth strategy as schools and universities face a renewed wave of cyber attacks