News
Endpoint security
-
April 19, 2023
19
Apr'23
How organisations can succeed with zero trust
By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm
-
April 17, 2023
17
Apr'23
Restaurants hit by IT problems after BlackCat attack on supplier NCR
Ransomware attack on systems of payments giant causing service outages for restaurants around the world
-
April 13, 2023
13
Apr'23
UK joins key allies to launch secure-by-design guidelines
The UK has joined international partners in sharing new advice to help technology companies embed security into the product design and development process
-
April 12, 2023
12
Apr'23
April Patch Tuesday fixes zero-day used to deliver ransomware
A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update
-
April 06, 2023
06
Apr'23
Prioritise automated hardening over traditional cyber controls, says report
A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way
-
March 30, 2023
30
Mar'23
Reactive approach to cyber procurement risks damaging businesses
Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes
-
March 30, 2023
30
Mar'23
3CX unified comms users hit by supply chain attacks
Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors
-
March 28, 2023
28
Mar'23
Apple security updates fix 33 iPhone vulnerabilities
A larger-than-usual update to Apple’s mobile operating system fixes more than 30 distinct vulnerabilities, including two serious issues that may potentially affect device kernels
-
March 28, 2023
28
Mar'23
Inside Group-IB’s cyber security playbook
A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market
-
March 27, 2023
27
Mar'23
JP Morgan pilots palm and face-recognition technology in US
JP Morgan is testing out its biometric payment technology in selected retailer stores and at the upcoming Formula 1 Grand Prix in Miami
-
March 21, 2023
21
Mar'23
Nordics move towards common cyber defence strategy
Nordic countries agree to work together to improve their cyber defences amid increasing threat
-
March 21, 2023
21
Mar'23
How Mimecast thinks differently about email security
Mimecast CEO Peter Bauer believes the company’s comprehensive approach towards email security has enabled it to remain relevant to customers for two decades
-
March 20, 2023
20
Mar'23
NCSC launches cyber check-up tools for SMEs
The NCSC has launched two new security services aimed at SMEs that lack the resources to address cyber issues, and may underestimate their vulnerability to attack
-
March 17, 2023
17
Mar'23
UK TikTok ban gives us all cause to consider social media security
The UK government’s ban on TikTok should give all organisations cause to look into what information social media platforms are collecting on us, and what they are using it for
-
March 07, 2023
07
Mar'23
Dutch hospitals underestimate impact of cyber attack
IT failures in acute care organisations in the Netherlands have increased considerably since 2010, affecting patient care and stressing the need to improve IT security in hospitals
-
March 02, 2023
02
Mar'23
WH Smith staff data accessed in cyber attack
The retailer has said that customer data has not been affected by the incident as it is held in different systems, and that investigations into the attack are ongoing
-
March 01, 2023
01
Mar'23
Data breaches in Australia on the rise, says OAIC
Cyber security incidents were the cause of most data breaches, which rose by 26% in the second half of 2022, according to the Office of the Australian Information Commissioner
-
February 23, 2023
23
Feb'23
WithSecure proposes ‘undo’ button for ransomware
WithSecure’s Activity Monitor technology supposedly overcomes the shortcomings of sandbox test environments, and may be able to stop ransomware attacks from ever happening
-
February 20, 2023
20
Feb'23
Singapore organisations struggle to operationalise threat intelligence
Organisations in the city-state were satisfied with the quality of their threat intelligence, but they struggled to operationalise the information due to talent shortages and other challenges
-
February 20, 2023
20
Feb'23
Twitter 2FA changes bring more risks than benefits
Twitter’s approach to nudging users away from insecure SMS-based 2FA is being questioned over its logic
-
February 20, 2023
20
Feb'23
Why CIOs need to revisit desktop virtualisation
Cloud computing is the next revolution in infrastructure, but desktop IT is still very much on-premise
-
February 15, 2023
15
Feb'23
Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs
Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off
-
February 09, 2023
09
Feb'23
Banking regulatory body wants a ‘tripwire’ to flag APP fraud
Banking code of practice organisation wants banks to monitor where authorised push payment scammers are sending stolen money
-
February 09, 2023
09
Feb'23
How Check Point is keeping pace with the cyber security landscape
Check Point Software CEO Gil Shwed talks up the company’s growth areas, its approach to cloud security and the impact of generative AI on cyber security
-
February 07, 2023
07
Feb'23
APP fraud reimbursement proposal is ‘fundamentally flawed’, say MPs
MPs claim the involvement of a bank-sponsored organisation in reimbursing victims of APP fraud would be a conflict of interest
-
February 01, 2023
01
Feb'23
Malware variant can block contactless payments
Kaspersky warns that the latest variant of the Prilex malware can block contactless payments to force people to insert cards, enabling criminals to steal money
-
January 26, 2023
26
Jan'23
Zero-trust implementations remain work in progress
Just one in 10 large enterprises are expected to have mature and measurable zero-trust programmes in place by 2026, study finds
-
January 25, 2023
25
Jan'23
NCSC exposes Iranian, Russian spear-phishing campaign targeting UK
Spear-phishing campaigns likely linked to Iranian and Russian espionage activity are targeting persons of interest in the UK, warns the NCSC
-
January 25, 2023
25
Jan'23
Japan researchers develop new data encryption method
Researchers from Tokyo University of Science have combined the best of homomorphic encryption and secret sharing in a new method to handle encrypted data
-
January 19, 2023
19
Jan'23
Fraudsters and cyber criminals stole more than £4bn in the UK through 2022
The amount of money stolen by fraudsters and cybercriminals in the UK saw a huge increase in 2022
-
January 15, 2023
15
Jan'23
Thai enterprises spend more on software amid growing digitalisation
The majority of software spending in Thailand during the first half of 2022 went into applications followed by infrastructure software and development tools, according to IDC
-
January 12, 2023
12
Jan'23
Chrome vulnerability could have led to widespread data theft
A dangerous vulnerability in Google Chrome and Chromium-based browsers could have put billions of users’ files at risk of being stolen
-
January 10, 2023
10
Jan'23
New APT group targets ASEAN governments and militaries
The Dark Pink advanced persistent threat group used custom malware to exfiltrate data from high-profile targets through spear-phishing emails last year, according to Group-IB
-
January 08, 2023
08
Jan'23
Vulnerable organisations to get free Cyber Essentials support
Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre
-
January 02, 2023
02
Jan'23
China and India governments among top targets for cyber attackers
Chinese and Indian governments targeted by hacktivists and ransomware groups out to make statement or expose flaws in their respective security postures
-
December 22, 2022
22
Dec'22
Mitiga researchers disclose AWS Elastic IP hijacking vulnerability
Cloud incident response supplier Mitiga has said a new AWS feature has led to a vulnerability that could allow hackers to access and steal Elastic IP addresses and gain control over AWS accounts
-
December 22, 2022
22
Dec'22
Top 10 cyber security stories of 2022
The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides
-
December 21, 2022
21
Dec'22
Top 10 ANZ IT stories of 2022
We recap the top 10 stories in Australia and New Zealand, including the opportunities and challenges that organisations in the region have faced over the past year
-
December 14, 2022
14
Dec'22
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over
-
December 14, 2022
14
Dec'22
New cyber approaches ease Registers of Scotland’s AWS migration
As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web ...
-
December 13, 2022
13
Dec'22
Finnish government launches information security voucher scheme
Finland’s government is offering businesses financial support to help them improve their cyber security
-
December 11, 2022
11
Dec'22
How Zscaler is cracking APAC’s cloud security market
Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better
-
December 08, 2022
08
Dec'22
Apple to tap third party for physical security keys
Apple is launching a number of new security protections, including the addition of third-party-provided hardware security keys
-
December 08, 2022
08
Dec'22
Australia to develop new cyber security strategy
New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals
-
November 30, 2022
30
Nov'22
Latest LockBit ransomware versions have wormable capabilities
Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter
-
November 27, 2022
27
Nov'22
Plexal inducts six into cyber leadership scheme
Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders
-
November 24, 2022
24
Nov'22
Not-for-profit aims to encourage 1,300 girls into cyber careers
CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber
-
November 14, 2022
14
Nov'22
How Google and Mandiant are forging synergies in cyber security
Google’s AI smarts and Mandiant’s intelligence on new and emerging threats could lay the foundation of proactive security
-
November 09, 2022
09
Nov'22
Optus earmarks A$140m to cover cost of data breach
Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers
-
November 09, 2022
09
Nov'22
Why Sophos is bullish on managed security services
Sophos has grown its managed detection and response business to more than $100m over the last three years as more organisations grapple with the increasingly complex cyber security landscape