News

Endpoint security

October 04, 2024 04 Oct'24
UK telcos including BT at risk from DrayTek router vulnerabilities

A series of vulnerabilities in DrayTek's Vigor router product lines affects multiple comms service providers in the UK, according to new analysis
October 01, 2024 01 Oct'24
Post Office ditches MoneyGram after cyber attack

The Post Office offered a short extension to enable it to asses the impact of the MoneyGram cyber incident, but the contract has now expired and MoneyGram services are no longer available in Post Office branches
September 26, 2024 26 Sep'24
Racist Network Rail Wi-Fi hack was work of malicious insider

Police have revealed that this week’s racist cyber attack on public Wi-Fi networks at stations across the UK appears to have been the work of a malicious insider, after arresting an employee of one of the service providers
September 25, 2024 25 Sep'24
Splunk and Cisco integration moving apace

Splunk is rapidly integrating with Cisco’s technology to enable seamless transitions between their platforms while delivering advanced threat detection capabilities

September 23, 2024 23 Sep'24
Microsoft shares progress on Secure Future Initiative

Microsoft has published a progress report on its Secure Future Initiative, launched last year in the wake of multiple security incidents, and made a series of commitments to improve its internal cyber culture
September 23, 2024 23 Sep'24
UK, US and Canada to collaborate on AI and cyber security

International collaboration agreement will see the governments of Canada, the UK and the US work together to research, evaluate and test new defence technologies
September 18, 2024 18 Sep'24
NCSC exposes Chinese company running malicious Mirai botnet

The NCSC and its Five Eyes allies have published details of the activities of a China-based cyber security company that is operating a Mirai IoT botnet in the service of government-backed intrusions
September 17, 2024 17 Sep'24
First CyberBoost Catalyse startup cohort named

The first group of companies named to a cyber incubator programme run by Plexal and the National University of Singapore includes two growing UK businesses
September 13, 2024 13 Sep'24
Cyber workforce must almost double to meet global talent need

Research from ISC2 finds global cyber workforce needs additional 4.8 million people to fully secure businesses
September 11, 2024 11 Sep'24
September Patch Tuesday: Update before 1 October

Four critical remote code execution bugs in Windows and three critical elevated privileges vulnerabilities will keep admins busy

August 28, 2024 28 Aug'24
Iranian APT Peach Sandstorm teases new Tickler malware

Peach Sandstorm, an Iranian state threat actor, has developed a dangerous new malware strain that forms a key element of a rapidly evolving attack sequence
August 28, 2024 28 Aug'24
Global cyber spend to rise 15% in 2025, pushed along by AI

Security spending will increase at pace in 2025, with artificial intelligence, cloud and consultancy services all pushing outlay to new highs, according to Gartner
August 28, 2024 28 Aug'24
How Kaspersky is driving growth in APAC

Kaspersky is leveraging its threat intelligence capabilities and local market knowledge to navigate geopolitical tensions and expand its footprint across the Asia-Pacific region
August 27, 2024 27 Aug'24
Palo Alto Networks bets on ‘precision AI’

Palo Alto Networks’ regional leader, Steven Scheurmann, explains how machine learning, neural networks and generative AI can help to prevent breaches in what it calls ‘precision AI’
August 22, 2024 22 Aug'24
New Qilin tactics a ‘bonus multiplier’ for ransomware chaos

Sophos X-Ops caught the Qilin ransomware gang stealing credentials stored by victims' employees in Google Chrome, heralding further cyber attacks and breaches down the line.
August 20, 2024 20 Aug'24
Helsinki braced for elevated cyber attacks

The City of Helsinki is increasing its collaboration with cyber security and crime investigators following a major attack on its systems
August 19, 2024 19 Aug'24
Challenges of deploying PQC globally

Quantum computers will eventually be powerful and reliable enough to crack strong encryption. PQC is the answer, but it could take years to deploy
August 19, 2024 19 Aug'24
Popular Microsoft apps for Mac at risk of code injection attacks

Researchers at Cisco Talos turn up evidence suggesting that Microsoft apps running on the Apple macOS operating system are not as secure as they seem
August 14, 2024 14 Aug'24
August Patch Tuesday proves busy with six zero-days to fix

Microsoft patches six actively exploited zero-days among over 100 issues during its regular monthly update
August 05, 2024 05 Aug'24
Chinese cyber attack sparks alert over six-year-old MS vuln

After a proof-of-concept for a six-year-old Microsoft vulnerability emerged in a Chinese APT attack chain, defenders should be on the look-out for exploitation of CVE-2018-0824
August 02, 2024 02 Aug'24
How CrowdStrike is leveraging AI to empower security teams

CrowdStrike CTO Elia Zaitsev explains how the company’s multi-agent AI architecture can help to enhance analyst efficiency and tackle cyber security challenges
August 01, 2024 01 Aug'24
CrowdStrike shareholders sue, alleging false security claims

A US pension fund is lining up a lawsuit against CrowdStrike, claiming the cyber company lied about the integrity of its systems, leading to failings that caused a worldwide IT outage
July 24, 2024 24 Jul'24
CrowdStrike chaos: Enterprises urged to take protective action in wake of botched software update

Enterprises that emerged unscathed from the roll-out of the botched CrowdStrike software update are being urged to view it as a wake-up call rather than a lucky escape
July 21, 2024 21 Jul'24
CrowdStrike update snafu affected 8.5 million Windows devices

About 8.5 million devices globally were hit by the botched CrowdStrike update, with a significant number now back online and operational
July 18, 2024 18 Jul'24
Netscout expands network observability for the digital edge

Network performance management firm announces business edge observability for networks, applications and user experience to mitigate risk and reduce mean time to respond
July 17, 2024 17 Jul'24
How iProov is fending off deepfake fraud

Facial biometrics and controlled illumination can detect liveness, verify identities and help prevent deepfake attacks
July 16, 2024 16 Jul'24
Incubator Plexal heads to Singapore for CyberBoost

Cyber startup hub Plexal expands its presence to Singapore through a new initiative, and sets its sights on helping new UK businesses break into the booming Asia-Pacific market
July 15, 2024 15 Jul'24
How Snowflake is tackling AI challenges

Snowflake’s regional leader Sanjay Deshmukh outlines how the company is helping customers to tackle the security, skills and cost challenges of AI implementations
July 11, 2024 11 Jul'24
Dutch research firm TNO pictures the SOC of the future

In only a few years, security operations centres will have a different design and layout, and far fewer will remain
July 09, 2024 09 Jul'24
Chinese spies target vulnerable home office kit to run cyber attacks

China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert
July 09, 2024 09 Jul'24
Lessons from war: How Israel is fighting Iranian state-backed hacking

The general director of the Israel National Cyber Directorate talks about the rise in cyber attacks and what lessons the country has gleaned to defend against hacking from foreign parties
June 26, 2024 26 Jun'24
Israel’s cyber chief calls for international front against Iranian hackers

Israel’s cyber chief has called for international action against Iran over state-backed hacking
June 21, 2024 21 Jun'24
Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban

The US government is stopping Kaspersky Lab from offering its antivirus software and cyber security tools to US firms and citizens
June 12, 2024 12 Jun'24
RCE flaw and DNS zero-day top list of Patch Tuesday bugs

An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address in Microsoft’s latest Patch Tuesday
June 07, 2024 07 Jun'24
Sophos uncovers Chinese state-sponsored campaign in Southeast Asia

Sophos found three distinct clusters of activity targeted at a high-level government organisation that appeared to be tied to Chinese interests in the South China Sea
May 22, 2024 22 May'24
Rockwell urges users to disconnect ICS equipment

ICS systems maker Rockwell Automation calls on users to take steps to secure their equipment, and reminds them there is no reason to ever have its hardware connected to the public internet, as it tracks an increase in global threat activity
May 15, 2024 15 May'24
GCHQ to protect politicians and election candidates from cyber attacks

The National Cyber Security Centre, part of GCHQ, to protect election candidates from hostile state cyber attacks
May 06, 2024 06 May'24
Microsoft beefs up cyber initiative after hard-hitting US report

Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems
April 30, 2024 30 Apr'24
Bad bot traffic in Australia grew 23% in 2023

Traffic from bad bots that perform malicious tasks accounted for 30.2% of Australia’s internet traffic in 2023
April 29, 2024 29 Apr'24
UK’s long-awaited device security law kicks in

The Product Security and Telecommunications Infrastructure Act has become law across the UK, enforcing basic cyber security standards across connected products sold to the public
April 25, 2024 25 Apr'24
Zero trust is a strategy, not a technology

Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag
April 24, 2024 24 Apr'24
Cyber training leader KnowBe4 to buy email security firm Egress

Security awareness training and phishing simulation specialist KnowBe4 is to buy email security expert Egress
April 23, 2024 23 Apr'24
GooseEgg proves golden for Fancy Bear, says Microsoft

Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler
April 18, 2024 18 Apr'24
CSA warns of emerging security risks with cloud and AI

Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh
April 16, 2024 16 Apr'24
CW Innovation Awards: Balancing security and user experience

The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access
April 12, 2024 12 Apr'24
Apple iPhone security alert renews spyware concerns

An Apple security alert received by users in 92 countries raises fresh fears over ongoing campaigns by users of mercenary spyware products
April 10, 2024 10 Apr'24
Breakthrough may herald secure home quantum computing

An emerging approach to quantum security dubbed blind quantum computing may one day help spur mass adoption of quantum computing safely and securely, using technology that is already available today
April 10, 2024 10 Apr'24
Patch Tuesday: Windows Server 2008 receives emergency security patch

Support for the OS ended in 2020, but four years on and there's a live exploit of a security flaw that impacts all Windows users
April 08, 2024 08 Apr'24
What Cisco’s Splunk acquisition means for APAC customers

APAC organisations can expect better visibility and insights into their networks and applications along with automation and response capabilities to improve their digital resilience
April 05, 2024 05 Apr'24
How Oracle Red Bull Racing guards against cyber threats

The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware