News

Endpoint security

• July 12, 2022 12 Jul'22

  Microsoft Windows Autopatch now generally available

  Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service

• July 12, 2022 12 Jul'22

  Singapore doubles down on OT security

  The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state

• July 11, 2022 11 Jul'22

  Microsoft VBA macro block will return

  Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure

• July 11, 2022 11 Jul'22

  SMEs lagging on multifactor authentication

  Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report

• July 08, 2022 08 Jul'22

  Microsoft appears to reverse VBA macro-blocking

  Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled

• July 07, 2022 07 Jul'22

  Amid NSO lawsuit, Apple expands spyware protections

  Apple previews a new feature called Lockdown Mode to protect iPhone and iPad users from ‘mercenary spyware’

• July 06, 2022 06 Jul'22

  Plexal seeks new scaleups for next phase of Cyber Runway

  Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

• June 27, 2022 27 Jun'22

  Commercial cyber products must be used responsibly, says NCSC CEO

  NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel

• June 24, 2022 24 Jun'22

  US cyber agency in fresh warning over Log4Shell risk to VMware

  Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability

• June 22, 2022 22 Jun'22

  How TDCX is building a people-centric business

  Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez

• June 19, 2022 19 Jun'22

  Aussie mobile users most vulnerable to security threats

  Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds

• June 16, 2022 16 Jun'22

  Dundee security research centre opens with support from SBRC

  An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster

• June 16, 2022 16 Jun'22

  Office 365 loophole may give ransomware an easy shot at your files

  Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive

• June 15, 2022 15 Jun'22

  Patch Tuesday dogged by concerns over Microsoft vulnerability response

  The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure

• June 13, 2022 13 Jun'22

  Qatar bolsters cyber security in preparation for World Cup

  With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness

• June 10, 2022 10 Jun'22

  Researchers find eight CVEs in single building access system

  A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets

• June 08, 2022 08 Jun'22

  China using top consumer routers to hack Western comms networks

  An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks

• June 01, 2022 01 Jun'22

  Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco

  Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief

• May 31, 2022 31 May'22

  Researchers discover zero-day Microsoft vulnerability in Office

  Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions

• May 31, 2022 31 May'22

  Industrial systems not safe for the future, say Dutch ethical hackers

  Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations

• May 31, 2022 31 May'22

  Singapore doubles down on quantum technology

  The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology

• May 25, 2022 25 May'22

  Rubrik charts data security path

  Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats

• May 23, 2022 23 May'22

  How Ivanti views patch management with a security lens

  Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay

• May 20, 2022 20 May'22

  Microsoft drops emergency patch after Patch Tuesday screw up

  Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates

• May 20, 2022 20 May'22

  Chinese cyber spooks exploit western sanctions on Russia

  The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures

• May 19, 2022 19 May'22

  Red teaming will be standard in Dutch governmental organisations by 2025

  The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest

• May 19, 2022 19 May'22

  Singapore opens security testing centre

  Joint centre set up by the Cyber Security Agency of Singapore and a local university will facilitate security testing and train security evaluation talent

• May 18, 2022 18 May'22

  Mastercard biometric programme will allow payment authentication by smile

  Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology

• May 17, 2022 17 May'22

  Australian CISOs least prepared for cyber attacks

  Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds

• May 12, 2022 12 May'22

  APAC career guide: Becoming a cyber security pro

  The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field

• May 11, 2022 11 May'22

  Emotet has commanding lead on Check Point monthly threat chart

  Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics

• May 11, 2022 11 May'22

  Microsoft fixes three zero-days on May Patch Tuesday

  It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days

• May 09, 2022 09 May'22

  CyberUK 22: NCSC’s ACD programme blocks 2.7 million scams

  On the opening day of its annual CyberUK event, the NCSC reveals how organisations around the country have used its Active Cyber Defence programme to their advantage

• May 04, 2022 04 May'22

  Intellectual property theft operation attributed to Winnti group

  Winnti conducted a prolonged cyber espionage campaign that went undetected for years, allowing it to exfiltrate massive amounts of corporate data and intellectual property

• May 04, 2022 04 May'22

  UK government puts pressure on IT sector to clean up app security

  Apps can be exploited to carry malicious payloads that steal personal information and cause financial loss – and not enough is being done to secure them

• April 28, 2022 28 Apr'22

  Manufacturer sues JPMorgan after cyber criminals stole $272m

  Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity

• April 27, 2022 27 Apr'22

  Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

  These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time

• April 26, 2022 26 Apr'22

  Coralogix makes foray into cyber security with Snowbit

  Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent

• April 25, 2022 25 Apr'22

  Mimecast makes deeper push into ASEAN

  Mimecast opens regional office in Singapore and is looking at setting up a datacentre in Southeast Asia as it makes a deeper push into the region

• April 22, 2022 22 Apr'22

  How Adnovum is leveraging its Swiss roots

  Software company Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security

• April 22, 2022 22 Apr'22

  UAE bolsters cyber security

  The United Arab Emirates has successfully improved its security posture amid mounting cyber threats

• April 21, 2022 21 Apr'22

  Zoom adds new round of cyber security enhancements

  Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements

• April 20, 2022 20 Apr'22

  One-third of scams that hit TSB are impersonation fraud

  TSB reports an increase in fraudsters impersonating trusted organisations to trick consumers into making payments to them

• April 19, 2022 19 Apr'22

  Hammers sign Acronis as backup and security in one

  West Ham United set to replace separate backup from Veeam and a variety of security products with Acronis Cyber Protect to have backup, data protection and file share on a single platform

• April 19, 2022 19 Apr'22

  Windows 7 and XP still more popular than Windows 11

  Lansweeper audit of Windows devices finds more people are running unsupported Windows operating systems than the newest release

• April 14, 2022 14 Apr'22

  Lack of expertise hurting UK government’s cyber preparedness

  UK government bodies and critical infrastructure owners cite a lack of staff resources, and internal and external expertise, as hampering factors when it comes to cyber readiness, according to a report

• April 13, 2022 13 Apr'22

  Microsoft patches two zero-days, 10 critical bugs

  Patch Tuesday is here once again. This month, security teams must fix two privilege escalation zero-days in the Windows Common Log File System Driver and the Windows User Profile Service

• April 11, 2022 11 Apr'22

  Singapore to start licensing cyber security service providers

  Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards

• April 11, 2022 11 Apr'22

  Raspberry Pi Foundation ditches default username policy

  Raspberry Pi owners will no longer be able to use the default ‘pi’ username, as the Raspberry Pi Foundation clamps down on insecure practices

• April 06, 2022 06 Apr'22

  Apple criticised over unpatched CVEs in Catalina, Big Sur

  Apple patched two zero-days in macOS Monterey last week, but did not address the same issue in Catalina or Big Sur, raising questions