News

Endpoint security

• December 21, 2023 21 Dec'23

  Top 10 cyber crime stories of 2023

  Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics

• December 14, 2023 14 Dec'23

  Cisco eyes opportunities in AI, sustainability in Australia

  Cisco is looking to tap opportunities in sustainability, AI and cyber security as it navigates Australia’s economic headwinds

• November 22, 2023 22 Nov'23

  CISA reveals how LockBit hacked Boeing via Citrix Bleed

  As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew

• November 15, 2023 15 Nov'23

  BlackCat affiliate seen using malvertising to spread ransomware

  Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker

• November 15, 2023 15 Nov'23

  Russian cyber criminal pleads guilty to running IPStorm botnet

  Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement

• November 15, 2023 15 Nov'23

  How Gigamon is making its mark in deep observability

  Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth

• November 13, 2023 13 Nov'23

  Lloyds Bank warns over rising threat of crypto scams

  Report by Lloyds Banking Group finds there has been a 23% increase in cryptocurrency scams in 2023 compared with last year, targeting mostly younger investors

• November 09, 2023 09 Nov'23

  Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure

  New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine

• November 07, 2023 07 Nov'23

  Researchers ‘break’ rule designed to guard against Barracuda vulnerability

  Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective

• November 06, 2023 06 Nov'23

  Shadow IT use at Okta behind series of damaging breaches

  Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account

• November 06, 2023 06 Nov'23

  How Trellix’s CISO keeps threat actors at bay

  Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents

• October 27, 2023 27 Oct'23

  How Elastic manages cyber security threats

  Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings

• October 25, 2023 25 Oct'23

  Demystifying the top five OT security myths

  Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems

• October 24, 2023 24 Oct'23

  Kaspersky opens up over spyware campaign targeting its staffers

  Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group

• October 19, 2023 19 Oct'23

  Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

  Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source

• October 19, 2023 19 Oct'23

  Loughborough Uni to create five cyber AI research posts

  Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security

• October 17, 2023 17 Oct'23

  Alert sounded over dangerous Cisco IOS XE zero-day

  Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems

• October 03, 2023 03 Oct'23

  CIISec scores DSIT funding to expand successful CyberEPQ scheme

  DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date

• September 28, 2023 28 Sep'23

  Security and risk management spending to grow 14% next year

  Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024

• September 25, 2023 25 Sep'23

  Apple fixes three vulnerabilities found by spyware researchers

  Apple has patched three more vulnerabilities uncovered by spyware and surveillance researchers at The Citizen Lab

• September 22, 2023 22 Sep'23

  Cyber experts set out plan to secure future US elections

  A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past

• September 14, 2023 14 Sep'23

  As vehicle safety regulations loom, carmakers fret over cyber risks

  Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks

• September 13, 2023 13 Sep'23

  Storm-0324 gathers over Microsoft Teams

  An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks

• September 11, 2023 11 Sep'23

  Polish election questioned after Pegasus spyware used to smear opposition, investigation finds

  Senate committee alerts prosecutors over potential crimes by public officials involved in purchasing Pegasus spyware used to monitor and smear political opponents

• September 08, 2023 08 Sep'23

  Apple patches Blastpass exploit abused by spyware makers

  Apple has patched two vulnerabilities that formed an exploit chain which has been allegedly abused by spyware company NSO

• September 07, 2023 07 Sep'23

  Finnish government to bolster spending on cyber-AI defences

  Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks

• September 06, 2023 06 Sep'23

  French supreme court dismisses legal challenge to EncroChat cryptophone evidence

  Defence lawyers plan to appeal to the European Court of Human Rights after the French supreme court disallowed an appeal over the legality of EncroChat evidence

• September 06, 2023 06 Sep'23

  German court unclear whether intercepted EncroChat cryptophone messages are legally admissible

  Germany’s Federal Constitutional Court is waiting to hear five complaints that could decide whether data from the hacked EncroChat phone network can be lawfully used in German courts, but situation remains unclear for now

• September 05, 2023 05 Sep'23

  Plymouth Uni spearheads research into wind farm cyber resilience

  Project hosted at the University of Plymouth in Devon aims to develop cyber security measures to protect the UK’s increasingly important offshore wind farm assets

• September 01, 2023 01 Sep'23

  IT experts issue new warnings over Online Safety Bill plans to weaken end-to-end encryption

  BCS, The Chartered Institute for IT, argues the government is seeking a technical fix to terrorism and child abuse without understanding the risks and implications

• August 31, 2023 31 Aug'23

  Sandworm attacks Ukraine with Infamous Chisel malware

  The UK and its allies have attributed a novel malware campaign against Ukrainian state targets to the Russian intelligence-backed Sandworm APT

• August 29, 2023 29 Aug'23

  Zero-day that forced Barracuda users to bin kit was exploited by China

  Mandiant has published details of how a Chinese threat actor targeted high-profile users of Barracuda Networks' Email Security Gateway appliances, including government agencies of interest to Beijing's intelligence goals

• August 22, 2023 22 Aug'23

  Singapore to bolster OT security capabilities

  Cyber Security Agency of Singapore teams up with Dragos and the US Cybersecurity and Infrastructure Security Agency to bolster the country’s OT security capabilities

• August 21, 2023 21 Aug'23

  Police worker could have put investigation into EncroChat encrypted phone network at risk

  A police intelligence analyst admitted tipping-off a criminal contact that police had infiltrated the EncroChat encrypted phone network

• August 17, 2023 17 Aug'23

  Researchers demo fake airplane mode exploit that tricks iPhone users

  Exploit chain that tricks a victim into believing their iOS device is offline in airplane mode when it is not could open the door to grave privacy concerns

• August 16, 2023 16 Aug'23

  CyberArk eyes growth beyond PAM

  CyberArk is seeing exponential growth in the broader identity security market as the company expands its capabilities beyond privileged access management

• August 16, 2023 16 Aug'23

  ITAM influence on cyber risk becoming a factor in credit ratings

  Credit agency S&P Global Ratings warns that organisations that pay inadequate attention to IT asset management as a factor in their cyber risk management processes may find their creditworthiness takes a dive

• August 07, 2023 07 Aug'23

  NHS trust suspends two governors as whistleblower email dispute continues

  Governors at an NHS trust have been suspended after asking questions about emails used to bring a General Medical Council investigation against a whistleblower

• August 02, 2023 02 Aug'23

  Ivanti MDM users told to patch against two dangerous flaws

  Users of Ivanti’s mobile device management platform have been warned to act now to patch two vulnerabilities that were chained by a threat actor in a series of cyber attacks on the Norwegian government

• July 28, 2023 28 Jul'23

  Lancaster Uni lends cyber support to nuclear decommissioning body

  Lancaster University’s cyber team has joined with the Nuclear Decommissioning Authority to help support and protect its 300-year mission, while enhancing its own capabilities in the process

• July 28, 2023 28 Jul'23

  How Indian organisations are keeping pace with cyber security

  Indian organisations are shoring up their defences to improve their cyber resilience amid intensifying cyber threats targeted at key sectors such as healthcare and logistics

• July 24, 2023 24 Jul'23

  CIO interview: Sean Green, University of East Anglia

  In his role as director of digital and data at the University of East Anglia, Sean Green provides high-performance computing to researchers and manages the diverse needs of a campus with the characteristics of a small town, all while finding the ...

• July 24, 2023 24 Jul'23

  Citrix NetScaler users told to patch new zero-day urgently

  A vulnerability disclosed and patched last week by Citrix appears to be being exploited by China-backed threat actors as a zero-day, prompting warnings from government cyber bodies

• July 21, 2023 21 Jul'23

  Government boosts protection for encryption in Online Safety Bill but civil society groups concerned

  House of Lords adopts amendment to require Ofcom to commission a report before requiring technology companies to scan encrypted messages, but drops proposals for judicial oversight

• July 12, 2023 12 Jul'23

  Hackers: We won’t let artificial intelligence get the better of us

  AI is changing how ethical hackers go about their work, and will continue to do so, but the community is convinced the technology will never be able to replicate the creativity of a flesh-and-blood hacker

• July 11, 2023 11 Jul'23

  Apple pushes Rapid Response patch to fix WebKit zero-day

  Apple deployed an emergency patch under its Rapid Security Response update programme, but had to temporarily suspend delivery after it caused problems for users of the Safari browser

• July 07, 2023 07 Jul'23

  Suspicious email reported every five seconds in UK

  National Cyber Security Centre report reveals a suspicious email was reported by UK citizens and organisations every five seconds last year

• June 27, 2023 27 Jun'23

  WithSecure forges ahead with green coding initiative

  WithSecure’s W/Sustainability programme kickstarts a number of initiatives, including a commitment to green coding the security supplier hopes will set an example for others to follow

• June 23, 2023 23 Jun'23

  Phishing and ransomware dominate Singapore’s cyber threat landscape

  Phishing and ransomware attacks continued apace in Singapore last year amid signs of improving cyber hygiene

• June 19, 2023 19 Jun'23

  How Fastly thinks differently about CDNs and the edge

  Fastly is counting on its developer chops and different approaches towards security and other areas to compete with its rivals