News

Endpoint security

August 28, 2024 28 Aug'24
Iranian APT Peach Sandstorm teases new Tickler malware

Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence
August 28, 2024 28 Aug'24
Global cyber spend to rise 15% in 2025, pushed along by AI

Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner
August 28, 2024 28 Aug'24
How Kaspersky is driving growth in APAC

Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region
August 27, 2024 27 Aug'24
Palo Alto Networks bets on ‘precision AI’

Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’

August 22, 2024 22 Aug'24
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos

Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.
August 20, 2024 20 Aug'24
Helsinki braced for elevated cyber attacks

The City of Helsinki is increasing its collaboration with cyber security and crime investigators following a major attack on its systems
August 19, 2024 19 Aug'24
Challenges of deploying PQC globally

Quantum computers will eventually be powerful and reliable enough to crack strong encryption. PQC is the answer, but it could take years to deploy
August 19, 2024 19 Aug'24
Popular Microsoft apps for Mac at risk of code injection attacks

Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem
August 14, 2024 14 Aug'24
August Patch Tuesday proves busy with six zero-days to fix

Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update
August 05, 2024 05 Aug'24
Chinese cyber attack sparks alert over six-year-old MS vuln

After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824

August 02, 2024 02 Aug'24
How CrowdStrike is leveraging AI to empower security teams

CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges
August 01, 2024 01 Aug'24
CrowdStrike shareholders sue, alleging false security claims

A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage
July 24, 2024 24 Jul'24
CrowdStrike chaos: Enterprises urged to take protective action in wake of botched software update

Enterprises that emerged unscathed from the roll-out of the botched CrowdStrike software update are being urged to view it as a wake-up call rather than a lucky escape
July 21, 2024 21 Jul'24
CrowdStrike update snafu affected 8.5 million Windows devices

About 8.5 million devices globally were hit by the botched CrowdStrike update, with a significant number now back online and operational
July 18, 2024 18 Jul'24
Netscout expands network observability for the digital edge

Network performance management firm announces business edge observability for networks, applications and user experience to mitigate risk and reduce mean time to respond
July 17, 2024 17 Jul'24
How iProov is fending off deepfake fraud

Facial biometrics and controlled illumination can detect liveness, verify identities and help prevent deepfake attacks
July 16, 2024 16 Jul'24
Incubator Plexal heads to Singapore for CyberBoost

Cyber startup hub Plexal expands its presence to Singapore through a new initiative, and sets its sights on helping new UK businesses break into the booming Asia-Pacific market
July 15, 2024 15 Jul'24
How Snowflake is tackling AI challenges

Snowflake’s regional leader Sanjay Deshmukh outlines how the company is helping customers to tackle the security, skills and cost challenges of AI implementations
July 11, 2024 11 Jul'24
Dutch research firm TNO pictures the SOC of the future

In only a few years, security operations centres will have a different design and layout, and far fewer will remain
July 09, 2024 09 Jul'24
Chinese spies target vulnerable home office kit to run cyber attacks

China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert
July 09, 2024 09 Jul'24
Lessons from war: How Israel is fighting Iranian state-backed hacking

The general director of the Israel National Cyber Directorate talks about the rise in cyber attacks and what lessons the country has gleaned to defend against hacking from foreign parties
June 26, 2024 26 Jun'24
Israel’s cyber chief calls for international front against Iranian hackers

Israel’s cyber chief has called for international action against Iran over state-backed hacking
June 21, 2024 21 Jun'24
Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban

The US government is stopping Kaspersky Lab from offering its antivirus software and cyber security tools to US firms and citizens
June 12, 2024 12 Jun'24
RCE flaw and DNS zero-day top list of Patch Tuesday bugs

An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address in Microsoft’s latest Patch Tuesday
June 07, 2024 07 Jun'24
Sophos uncovers Chinese state-sponsored campaign in Southeast Asia

Sophos found three distinct clusters of activity targeted at a high-level government organisation that appeared to be tied to Chinese interests in the South China Sea
May 22, 2024 22 May'24
Rockwell urges users to disconnect ICS equipment

ICS systems maker Rockwell Automation calls on users to take steps to secure their equipment, and reminds them there is no reason to ever have its hardware connected to the public internet, as it tracks an increase in global threat activity
May 15, 2024 15 May'24
GCHQ to protect politicians and election candidates from cyber attacks

The National Cyber Security Centre, part of GCHQ, to protect election candidates from hostile state cyber attacks
May 06, 2024 06 May'24
Microsoft beefs up cyber initiative after hard-hitting US report

Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems
April 30, 2024 30 Apr'24
Bad bot traffic in Australia grew 23% in 2023

Traffic from bad bots that perform malicious tasks accounted for 30.2% of Australia’s internet traffic in 2023
April 29, 2024 29 Apr'24
UK’s long-awaited device security law kicks in

The Product Security and Telecommunications Infrastructure Act has become law across the UK, enforcing basic cyber security standards across connected products sold to the public
April 25, 2024 25 Apr'24
Zero trust is a strategy, not a technology

Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag
April 24, 2024 24 Apr'24
Cyber training leader KnowBe4 to buy email security firm Egress

Security awareness training and phishing simulation specialist KnowBe4 is to buy email security expert Egress
April 23, 2024 23 Apr'24
GooseEgg proves golden for Fancy Bear, says Microsoft

Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler
April 18, 2024 18 Apr'24
CSA warns of emerging security risks with cloud and AI

Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh
April 16, 2024 16 Apr'24
CW Innovation Awards: Balancing security and user experience

The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access
April 12, 2024 12 Apr'24
Apple iPhone security alert renews spyware concerns

An Apple security alert received by users in 92 countries raises fresh fears over ongoing campaigns by users of mercenary spyware products
April 10, 2024 10 Apr'24
Breakthrough may herald secure home quantum computing

An emerging approach to quantum security dubbed blind quantum computing may one day help spur mass adoption of quantum computing safely and securely, using technology that is already available today
April 10, 2024 10 Apr'24
Patch Tuesday: Windows Server 2008 receives emergency security patch

Support for the OS ended in 2020, but four years on and there's a live exploit of a security flaw that impacts all Windows users
April 08, 2024 08 Apr'24
What Cisco’s Splunk acquisition means for APAC customers

APAC organisations can expect better visibility and insights into their networks and applications along with automation and response capabilities to improve their digital resilience
April 05, 2024 05 Apr'24
How Oracle Red Bull Racing guards against cyber threats

The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware
April 03, 2024 03 Apr'24
RDP abused in over 90% of cyber attacks, Sophos finds

Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics
April 03, 2024 03 Apr'24
Ransomware kill switch may save 99% of files from encryption

MDR specialist Adlumin says its new features will help customers stop in-progress ransomware attacks before they can cause significant damage
March 28, 2024 28 Mar'24
UK plc going backwards on cyber maturity, Cisco report claims

Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape
March 28, 2024 28 Mar'24
Counter-eavesdropping agency unlawfully used surveillance powers to identify journalist’s source

More than 750 journalists had their communications data accessed by law enforcement and government agencies between 2018 and 2022
March 26, 2024 26 Mar'24
WikiLeaks founder Julian Assange given temporary reprieve over extradition

Court seeks assurances from the US that Assange will be given First Amendment Rights, will not prejudiced at trial because of his nationality, and will not be subject to the death penalty
March 19, 2024 19 Mar'24
Australia’s cyber security spending to grow 11.5% this year

Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner
March 12, 2024 12 Mar'24
More DDoS attacks launched against APAC financial firms

The financial sector in Asia-Pacific saw more DDoS attacks in 2023, but no notable impact was reported, according to a report by Akamai and FS-ISAC
March 06, 2024 06 Mar'24
Apple patches zero-days amid ‘foundational’ post-quantum update

Apple’s iOS 17.4 update not only fixes zero-day flaws that are being actively exploited, but includes important new security protocols to safeguard users against future attacks
March 06, 2024 06 Mar'24
Nation states buying hacking tools from underground Russian cyber forums

State-sponsored hacking groups, posing as hacktivists, are using Russian cyber crime forums to stock up on cyber weapons, says Check Point Software’s threat analyst, Sergey Shykevich
March 05, 2024 05 Mar'24
American Express customers exposed through third-party breach

US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach