News

Endpoint security

• March 01, 2024 01 Mar'24

  Fancy Bear sniffs out Ubiquiti router users

  The authorities have warned users of Ubiquiti EdgeRouter products to take remedial action after a number of devices were hijacked into a malicious botnet by a Russian cyber espionage unit

• February 27, 2024 27 Feb'24

  Black Basta and Bl00dy ransomware gangs exploiting ConnectWise vulns

  More ransomware gangs have been observed exploiting two dangerous vulnerabilities in ConnectWise ScreenConnect software, prompting new warnings for users to get patching

• February 26, 2024 26 Feb'24

  Storage and backup spend in 2024 targets risk and resilience

  The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay

• February 22, 2024 22 Feb'24

  Toshiba and Orange test quantum encryption on traditional network

  Researchers used QKD on a fibre-optic network spanning 184km to show how the technology could be used to secure networks cost-effectively

• February 15, 2024 15 Feb'24

  Security-by-design push prompts new ISC2 accreditations

  Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles

• February 01, 2024 01 Feb'24

  US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers

  The US government has succeeded in halting a botnet comprised of hundreds of end-of-life routers that posed a threat to critical national infrastructure (CNI) organisations in multiple countries

• January 24, 2024 24 Jan'24

  WebKit vulnerability sparks Apple’s first major security update of 2024

  A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year

• January 24, 2024 24 Jan'24

  Inside Cisco’s security platform strategy

  Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform

• January 23, 2024 23 Jan'24

  SEC bitcoin hack was result of SIM-swapping

  A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack

• January 16, 2024 16 Jan'24

  Kaspersky shares Pegasus spyware-hunting tool

  Kaspersky has developed a way of easily exposing the presence of Pegasus spyware on iOS devices and believes its methodology may also help users identify other such surveillance malware

• January 15, 2024 15 Jan'24

  Russia hacked ex-MI6 chief’s emails – what they reveal is more Dad’s Army than deep state

  A Russian hacking group that published emails of ex-MI6 chief Richard Dearlove claimed to have uncovered a conspiracy, but it was more Dad’s Army than the ‘deep state’, Computer Weekly and Byline Times reveal

• January 15, 2024 15 Jan'24

  NCA director sacked after WhatsApp and email security breaches

  Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp

• January 11, 2024 11 Jan'24

  Cisco fixes high-impact flaw in unified comms platform

  Cisco unified comms customers are urged to patch a critical vulnerability in Unity Connection, a messaging and voicemail product

• January 09, 2024 09 Jan'24

  Study reveals cyber risks to US elections

  With the 2024 US presidential election cycle beginning, a study produced by Arctic Wolf has highlighted big gaps in preparedness and resourcing at government bodies across the US

• January 04, 2024 04 Jan'24

  Celona and Palo Alto partner to enhance private 5G network security

  Wireless services specialist Celona and security firm Palo Alto Networks are coming together to enhance device protection for organisations operating private mobile networks

• January 02, 2024 02 Jan'24

  Cloudflare eyes GenAI workloads with Workers AI

  Cloudflare’s Workers developer platform is touted to make it easier for organisations to deploy GenAI capabilities at the edge to speed up inferencing

• December 27, 2023 27 Dec'23

  Top 10 ASEAN IT stories of 2023

  Organisations across the region have continued to shore up their cyber security posture while investing in infrastructure to pave the way for emerging technologies like GenAI

• December 21, 2023 21 Dec'23

  Top 10 cyber crime stories of 2023

  Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics

• December 14, 2023 14 Dec'23

  Cisco eyes opportunities in AI, sustainability in Australia

  Cisco is looking to tap opportunities in sustainability, AI and cyber security as it navigates Australia’s economic headwinds

• November 22, 2023 22 Nov'23

  CISA reveals how LockBit hacked Boeing via Citrix Bleed

  As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew

• November 15, 2023 15 Nov'23

  BlackCat affiliate seen using malvertising to spread ransomware

  Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker

• November 15, 2023 15 Nov'23

  Russian cyber criminal pleads guilty to running IPStorm botnet

  Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement

• November 15, 2023 15 Nov'23

  How Gigamon is making its mark in deep observability

  Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth

• November 13, 2023 13 Nov'23

  Lloyds Bank warns over rising threat of crypto scams

  Report by Lloyds Banking Group finds there has been a 23% increase in cryptocurrency scams in 2023 compared with last year, targeting mostly younger investors

• November 09, 2023 09 Nov'23

  Revealed: How Russia’s Sandworm ramped up attacks on Ukraine’s critical infrastructure

  New Mandiant intelligence reveals how the APT known as Sandworm has been evolving its playbook, twisting legitimate executables known as LoLBins into malicious tools as it seeks to disrupt daily life in Ukraine

• November 07, 2023 07 Nov'23

  Researchers ‘break’ rule designed to guard against Barracuda vulnerability

  Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective

• November 06, 2023 06 Nov'23

  Shadow IT use at Okta behind series of damaging breaches

  Okta now believes the initial access vector in a series of damaging breaches was one of its own employees who used a corporate device to sign into their personal Google account

• November 06, 2023 06 Nov'23

  How Trellix’s CISO keeps threat actors at bay

  Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents

• October 27, 2023 27 Oct'23

  How Elastic manages cyber security threats

  Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings

• October 25, 2023 25 Oct'23

  Demystifying the top five OT security myths

  Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems

• October 24, 2023 24 Oct'23

  Kaspersky opens up over spyware campaign targeting its staffers

  Kaspersky has shared more details of the TriangleDB spyware that was used against its own workforce by an unknown APT group

• October 19, 2023 19 Oct'23

  Sellafield local authority unsure if data was stolen six years on from North Korea ransomware attack

  Senior managers at an ‘Achilles heel’ local authority for Europe’s biggest nuclear site ‘still don’t know what was lost’ in a 2017 cyber attack, according to a council source

• October 19, 2023 19 Oct'23

  Loughborough Uni to create five cyber AI research posts

  Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security

• October 17, 2023 17 Oct'23

  Alert sounded over dangerous Cisco IOS XE zero-day

  Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems

• October 03, 2023 03 Oct'23

  CIISec scores DSIT funding to expand successful CyberEPQ scheme

  DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date

• September 28, 2023 28 Sep'23

  Security and risk management spending to grow 14% next year

  Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024

• September 25, 2023 25 Sep'23

  Apple fixes three vulnerabilities found by spyware researchers

  Apple has patched three more vulnerabilities uncovered by spyware and surveillance researchers at The Citizen Lab

• September 22, 2023 22 Sep'23

  Cyber experts set out plan to secure future US elections

  A group of experts are setting out to enhance election cyber security in the United States, and restore public faith in a process tainted by interference and misinformation in the past

• September 14, 2023 14 Sep'23

  As vehicle safety regulations loom, carmakers fret over cyber risks

  Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks

• September 13, 2023 13 Sep'23

  Storm-0324 gathers over Microsoft Teams

  An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks

• September 11, 2023 11 Sep'23

  Polish election questioned after Pegasus spyware used to smear opposition, investigation finds

  Senate committee alerts prosecutors over potential crimes by public officials involved in purchasing Pegasus spyware used to monitor and smear political opponents

• September 08, 2023 08 Sep'23

  Apple patches Blastpass exploit abused by spyware makers

  Apple has patched two vulnerabilities that formed an exploit chain which has been allegedly abused by spyware company NSO

• September 07, 2023 07 Sep'23

  Finnish government to bolster spending on cyber-AI defences

  Finland’s government will increase spending on cyber security amid heightened threats from artificial intelligence-based attacks

• September 06, 2023 06 Sep'23

  French supreme court dismisses legal challenge to EncroChat cryptophone evidence

  Defence lawyers plan to appeal to the European Court of Human Rights after the French supreme court disallowed an appeal over the legality of EncroChat evidence

• September 06, 2023 06 Sep'23

  German court unclear whether intercepted EncroChat cryptophone messages are legally admissible

  Germany’s Federal Constitutional Court is waiting to hear five complaints that could decide whether data from the hacked EncroChat phone network can be lawfully used in German courts, but situation remains unclear for now

• September 05, 2023 05 Sep'23

  Plymouth Uni spearheads research into wind farm cyber resilience

  Project hosted at the University of Plymouth in Devon aims to develop cyber security measures to protect the UK’s increasingly important offshore wind farm assets

• September 01, 2023 01 Sep'23

  IT experts issue new warnings over Online Safety Bill plans to weaken end-to-end encryption

  BCS, The Chartered Institute for IT, argues the government is seeking a technical fix to terrorism and child abuse without understanding the risks and implications

• August 31, 2023 31 Aug'23

  Sandworm attacks Ukraine with Infamous Chisel malware

  The UK and its allies have attributed a novel malware campaign against Ukrainian state targets to the Russian intelligence-backed Sandworm APT

• August 29, 2023 29 Aug'23

  Zero-day that forced Barracuda users to bin kit was exploited by China

  Mandiant has published details of how a Chinese threat actor targeted high-profile users of Barracuda Networks' Email Security Gateway appliances, including government agencies of interest to Beijing's intelligence goals

• August 22, 2023 22 Aug'23

  Singapore to bolster OT security capabilities

  Cyber Security Agency of Singapore teams up with Dragos and the US Cybersecurity and Infrastructure Security Agency to bolster the country’s OT security capabilities