News

Endpoint security

• April 05, 2022 05 Apr'22

  Triple-threat Borat malware no joke for victims

  Unlike its namesake, the newly discovered Borat malware won’t raise a smile for IT security pros

• April 04, 2022 04 Apr'22

  How remote browser isolation can mitigate cyber threats

  Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device

• April 01, 2022 01 Apr'22

  Apple drops emergency patches for two zero-days

  Apple has fixed two zero-day vulnerabilities that appear to have been actively exploited in the wild

• March 31, 2022 31 Mar'22

  Bank fraud prevention scheme blocked £60m in fraud last year

  Scheme to catch fraudsters, including online scammers, before they commit their crimes has reported a significant increase in crimes prevented

• March 30, 2022 30 Mar'22

  Australia to spend A$9.9bn on intelligence and cyber capabilities

  The Morrison government is investing in a landmark package of measures to shore up the intelligence and cyber security capabilities of the Australian Signals Directorate

• March 29, 2022 29 Mar'22

  Singapore rolls out cyber security certification scheme

  Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices

• March 25, 2022 25 Mar'22

  European Commission proposes new cyber security regulations

  New cyber and information security regulations have been proposed by the European Commission to create a minimum set of standards in both areas

• March 25, 2022 25 Mar'22

  How Lapsus$ exploited the failings of multifactor authentication

  Attacks on Nvidia and Okta highlight weak MFA and the risk of employees being bribed or falling victim to social engineering

• March 24, 2022 24 Mar'22

  How India organisations can mitigate cyber threats

  Organisations in India will need to invest more in cloud security, gain more visibility into their systems and improve security awareness among employees to fend off cyber attacks

• March 22, 2022 22 Mar'22

  Biden issues warning about Russian cyber attacks

  President Biden has said that US companies running critical infrastructure should immediately harden their defences in anticipation of potential cyber attacks from Russia

• March 22, 2022 22 Mar'22

  Details of Conti ransomware affiliate released

  Information about a new Conti affiliate has been released by eSentire and BreakPoint Lab after a joint investigation into the group’s indicators of compromise

• March 17, 2022 17 Mar'22

  Kaspersky CEO: Ukraine war must end through diplomacy

  Eugene Kaspersky speaks out on the war in Ukraine, and rebuffs Germany’s BSI, branding its warnings over his company’s trustworthiness as insulting

• March 17, 2022 17 Mar'22

  Value of contactless transactions doubles in two years

  Almost £166bn was spent in the UK last year using contactless technology, compared with £80.5bn in 2019

• March 10, 2022 10 Mar'22

  Government to force tech firms to stop fraudsters using their platforms for scams

  Changes to legislation will make social media and search engine firms responsible for preventing fraudsters using their platforms to commit crimes

• March 09, 2022 09 Mar'22

  Microsoft serves up three zero-days on March Patch Tuesday

  Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders

• March 02, 2022 02 Mar'22

  Cyber companies step up support for Ukraine

  Security companies Bitdefender and Vectra AI are both to offer products and services in support of Ukraine

• March 02, 2022 02 Mar'22

  SunSeed malware hits those involved in Ukraine refugee relief

  European governments involved in managing the logistics of hundreds of thousands of people fleeing Ukraine have been targeted by a suspected state-backed actor

• March 01, 2022 01 Mar'22

  BBC blasted with millions of malicious emails

  Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day

• March 01, 2022 01 Mar'22

  ESET details new IsaacWiper malware used on Ukraine

  Having been among the first to report on the HermeticWiper malware used against Ukraine last week, ESET has now identified another destructive malware called IsaacWiper

• February 28, 2022 28 Feb'22

  Cloudflare: Our network is our product

  Cloudflare’s chief product officer explains why its network is its product and how it protects organisations against cyber threats

• February 24, 2022 24 Feb'22

  KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

  KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021

• February 24, 2022 24 Feb'22

  New cyber guidelines to safeguard construction sector

  NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building

• February 24, 2022 24 Feb'22

  Russia behind dangerous Cyclops Blink malware

  Joint NCSC CISA advisory attributes a dangerous malware, dubbed Cyclops Blink, to Russia’s Sandworm APT, likely a GRU unit, with WatchGuard users at particular risk

• February 23, 2022 23 Feb'22

  IBM opens cyber security hub in India

  Big Blue’s new cyber security hub, comprising a cyber range, software development facilities and a security operations centre, will serve enterprises across the Asia-Pacific region

• February 21, 2022 21 Feb'22

  Zoom gains NCSC Cyber Essentials Plus and NHS security badges

  Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats

• February 18, 2022 18 Feb'22

  Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials

  Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them

• February 17, 2022 17 Feb'22

  Red Cross cyber attack the work of nation-state actors

  The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state

• February 16, 2022 16 Feb'22

  2021 another record year for UK cyber investment

  Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment

• February 16, 2022 16 Feb'22

  Retrospect Backup refines anomaly detection in ransomware battle

  StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure

• February 11, 2022 11 Feb'22

  Lack of knowledge disastrous for effective security strategy within Dutch companies

  Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy

• February 08, 2022 08 Feb'22

  Microsoft to start blocking macros to thwart malware

  Microsoft is making changes to web macro permissions across multiple Office apps to help improve user security

• February 08, 2022 08 Feb'22

  The Security Interviews: Building the UK’s future cyber ecosystem

  As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions

• February 04, 2022 04 Feb'22

  Check Point looks to plug ASEAN’s cyber security gap

  Check Point is shoring up its sales force and partner ecosystem to address the cyber security needs of small and mid-sized businesses in a region that is highly targeted by threat actors

• February 03, 2022 03 Feb'22

  BlackCat crew supposedly behind OilTanking ransomware heist

  Preliminary reports from Germany’s national cyber authority indicate the recent OilTanking ransomware attack may have been the work of the BlackCat group

• February 02, 2022 02 Feb'22

  Zero-trust to soar in 2022, but dogged by implementation challenges

  IT leaders are keen to invest in zero-trust, but face issues around a lack of expertise, and selling the concept into the C-suite

• January 28, 2022 28 Jan'22

  Korean researchers invent silk-based security device

  Experts from the Gwangju Institute of Science have built a digital security device based on natural silk fibres that they claim is practically unbreachable

• January 26, 2022 26 Jan'22

  MPs to debate landmark IoT security law

  Proposed bill mandates tighter protections for connected products, and adds new rules for broadband roll-out into the bargain

• January 25, 2022 25 Jan'22

  Cyber Essentials programme gets biggest update since launch

  NCSC implements a thorough revision of its Cyber Essentials scheme to reflect the changing security landscape

• January 24, 2022 24 Jan'22

  India’s cyber security industry doubles in size amid pandemic

  Revenues from cyber security products and services reached $9.85bn in 2021 thanks to rapid digitalisation and regulatory attention on data and privacy

• January 21, 2022 21 Jan'22

  Scam losses in Australia hit record high

  Australians lost a record A$323.7m to scams last year, with investment and romance scams accounting for the bulk of their losses

• January 20, 2022 20 Jan'22

  MoonBounce firmware bootkit shows advances in malicious implants

  MoonBounce firmware bootkit shows evident technical improvements over others, making it a more dangerous threat to organisations. It is being used by Chinese state-backed actors

• January 19, 2022 19 Jan'22

  Investigators find Beijing 2022 app riddled with security flaws

  Security flaws in Olympic app may put personal health data at risk of compromise in a man-in-the-middle attack

• January 19, 2022 19 Jan'22

  Trellix looks to democratise access to XDR in APAC

  The company formed from the merger of FireEye Enterprise and McAfee will team up with managed service providers, among other efforts, to democratise access to extended detection and response capabilities in the region

• January 19, 2022 19 Jan'22

  Trellix XDR platform forged out of McAfee, FireEye union

  The private equity owners of McAfee Enterprise and FireEye are merging the companies into a new entity to ‘define the future’ of cyber security through XDR technology

• January 12, 2022 12 Jan'22

  MEPs demand EU probe into Pegasus spyware abuse

  A group of European Parliament Members has called for an EU-wide investigation into NSO Group’s Pegasus spyware after it emerged EU member states may have used it

• January 11, 2022 11 Jan'22

  Banks accused of neglecting customer security measures

  Which? singles out Metro Bank, Virgin Money and TSB over insecure online banking processes

• January 11, 2022 11 Jan'22

  IT departments struggling to secure printer endpoints

  Printers are at risk of attack, just as any other endpoint device, but many IT leaders are struggling to secure their print infrastructure

• January 09, 2022 09 Jan'22

  Singapore retailer hit by data breach

  The personal data of OG’s basic and gold members stored in a database managed by a third-party service provider was reportedly compromised

• January 03, 2022 03 Jan'22

  How APAC firms can stay ahead of cyber threats

  Organisations will need to develop behavioural detection, machine learning and threat hunting capabilities to keep pace with the onslaught of cyber attacks

• December 23, 2021 23 Dec'21

  Top 10 cyber security stories of 2021

  Cyber security dominated the headlines in 2021, making it hard to gain a clear picture of what to pay attention to. What is an IT buyer to do?