News

Endpoint security

• August 04, 2021 04 Aug'21

  Initial access brokers unaffected by ransomware content bans

  Banning ransomware content from cyber crime forums has done little to prevent initial access brokers from advertising their services, with the number of access listings increasing in the second quarter of 2021

• August 03, 2021 03 Aug'21

  Destruction and integrity cyber attacks on the rise

  Cyber security professionals have reported a sharp rise in debilitating attacks aimed at destroying or manipulating data

• July 30, 2021 30 Jul'21

  Hospitality firms must accelerate digital transformation to secure long-term recovery

  Key retail sector must respond quickly to new post-pandemic digital-first demands and consumer behaviours to regain competitive edge, says study

• July 27, 2021 27 Jul'21

  US lawmakers call for probe into ‘arrogant’ spyware firm

  US members of Congress have called for an investigation into NSO Group, the spyware supplier at the centre of a massive surveillance scandal

• July 27, 2021 27 Jul'21

  How IBM is solving the data privacy problem

  IBM’s fully homomorphic encryption technology lets enterprises apply analytics and machine learning to encrypted data without compromising data privacy

• July 21, 2021 21 Jul'21

  France’s Macron among alleged Pegasus targets

  Data relating to devices used by French president Emmanuel Macron and the head of the World Health Organization, among others, has been uncovered in a dataset linked to government use of spyware

• July 16, 2021 16 Jul'21

  Legacy SonicWall kit exploited in ransom campaign

  Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign

• July 14, 2021 14 Jul'21

  Multiple Microsoft bugs being actively exploited

  Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited

• July 13, 2021 13 Jul'21

  Dutch prosecutor ordered to give evidence on EncroChat hack

  Netherlands court rules that a public prosecutor should give evidence about the role of the Dutch in the EncroChat cryptophone hack which has led to arrests of organised gangs worldwide

• July 12, 2021 12 Jul'21

  NSW department of education hit by cyber attack

  Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday

• July 11, 2021 11 Jul'21

  Ransomware and botnets among top cyber threats in Singapore

  The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic

• July 08, 2021 08 Jul'21

  PrintNightmare haunts Microsoft as patch may miss mark

  Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied

• July 02, 2021 02 Jul'21

  Should I be worried about PrintNightmare?

  The accidental publication of proof of concept code for a Windows vulnerability, and the reclassification of said bug from low to critical severity, has the cyber community concerned. Is it right to be?

• July 02, 2021 02 Jul'21

  Cyber attackers up the ante on embattled IT teams

  Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements

• July 01, 2021 01 Jul'21

  NCSC joins US authorities to expose Russian brute force campaign

  A joint attribution by the British and American authorities accuses Russia’s GRU intelligence services of conducting a campaign of brute force attacks on enterprise and cloud environments

• July 01, 2021 01 Jul'21

  Cyber espionage campaign targeted central Asian states

  The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT

• July 01, 2021 01 Jul'21

  Nominations open for 2021 Security Serious Unsung Heroes Awards

  Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators

• June 30, 2021 30 Jun'21

  Half of mobile phones sold in the UK at risk of security issues

  Lengthy mobile phone contracts leave buyers at risk of their devices losing support for security updates

• June 29, 2021 29 Jun'21

  New Nobelium attacks a reminder to attend to cyber basics

  A new campaign from the same threat group that broke into SolarWinds serves as a reminder that cyber crime gangs will try to exploit any avenue they can, even if technically unsophisticated

• June 29, 2021 29 Jun'21

  Video game industry under relentless cyber attacks

  Web application attacks against the global video game industry grew by 340% in 2020 as more people turn to gaming during pandemic lockdowns

• June 28, 2021 28 Jun'21

  Lazada rolls out public bug bounty programme

  Regional e-commerce giant Lazada is looking to uncover more vulnerabilities that could compromise data security in a public bug bounty programme that offers up to $10,000 per bounty

• June 24, 2021 24 Jun'21

  Stalkerware apps becoming normalised among young people

  Data in a new report appears to show that dangerous stalkerware apps are becoming normalised in younger age groups

• June 23, 2021 23 Jun'21

  Time to patch increases significantly during pandemic

  New data from US-based endpoint management specialist Automox reveals some of the challenges security teams face in keeping up with endpoint security

• June 22, 2021 22 Jun'21

  Innova and RISE drive node development in Sweden

  Swedish cyber security project, National Node, opens its doors to the country’s security firms

• June 21, 2021 21 Jun'21

  Parliamentary devices left in taxis, buses, trains and pubs

  Nearly 100 devices belonging to parliamentary staffers, including MPs and peers, were lost or stolen over the course of 2019 and 2020

• June 18, 2021 18 Jun'21

  Lorca Ignite programme targets breakout cyber talent

  Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme

• June 17, 2021 17 Jun'21

  UnitingCare Queensland restores IT systems after cyber attack

  Australian healthcare service provider has restored key corporate systems and integrations between applications following a cyber attack earlier this year

• June 10, 2021 10 Jun'21

  Australian organisations face heightened cyber attacks

  Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020

• June 04, 2021 04 Jun'21

  HSBC offers all businesses scam awareness app

  HSBC is sharing information on the latest scams and how to defend against them thorough its latest app, available to all businesses

• June 04, 2021 04 Jun'21

  Secrecy around EncroChat cryptophone hack breaches French constitution, court hears

  French lawyers claim that investigators are unlawfully withholding details of a cryptophone hacking operation in a case that could impact UK prosecutions

• June 03, 2021 03 Jun'21

  Norway’s auditor general lifts lid on energy industry’s cyber security risks

  Auditor General’s Office questions the security posture of Norway’s energy industry

• June 03, 2021 03 Jun'21

  FireEye sold to private equity, Mandiant regains independence

  FireEye has agreed to sell its products business and name to a private equity consortium, while Mandiant will spin out as an independent threat intel business

• May 25, 2021 25 May'21

  CyberSprinters game gives kids a head start, says NCSC

  An online game for primary schools, clubs and youth organisations will teach children aged seven to 11 the fundamentals of staying safe online

• May 25, 2021 25 May'21

  McAfee to change terms of auto-renewing consumer plans

  Consumers who found their McAfee antivirus contracts auto-renewed will be able to get out of their contracts and get their money back

• May 25, 2021 25 May'21

  Legacy vulnerabilities may be biggest enterprise cyber risk

  While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats

• May 24, 2021 24 May'21

  Dutch researchers build security software to mimic human immune system

  Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection

• May 24, 2021 24 May'21

  Why the security stack needs to move to the edge

  Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge

• May 20, 2021 20 May'21

  Malicious scans for at-risk systems start minutes after disclosure

  Statistics collated by Palo Alto Networks reveal malicious actors begin scanning the internet for systems at risk of new CVEs within minutes

• May 20, 2021 20 May'21

  HP taps micro virtual machines in endpoint security

  HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained

• May 19, 2021 19 May'21

  Barclays first bank to publish online scam refund details

  All banks must be transparent about the proportion of victims of authorised push payment fraud they refund, says consumer rights organisation Which?

• May 19, 2021 19 May'21

  Flexxon bakes AI into SSDs to fight unknown threats

  Singapore-based Flexxon has developed a solid-state drive that uses artificial intelligence to fend off malware and other unknown threats

• May 18, 2021 18 May'21

  Cisco acquires Kenna Security amid security expansion

  Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers

• May 17, 2021 17 May'21

  Government seeks input on supply chain security

  Amid concerns that too few companies are addressing vulnerabilities in their supply chain, DCMS is opening a consultation on new measures to enhance security

• May 14, 2021 14 May'21

  Okta and Auth0 to expand APAC coverage

  Okta’s acquisition of rival Auth0 will enable both companies to expand their footprint in the Asia-Pacific region as demand for identity management services soars amid the pandemic

• May 13, 2021 13 May'21

  Refuge launches tech safety site for domestic abuse victims

  Created with the help of survivors, Refuge’s resource site offers guidance on protecting yourself from tech-enabled domestic abuse

• May 12, 2021 12 May'21

  Microsoft fixes four critical bugs on lighter Patch Tuesday

  Four critical RCE vulnerabilities put users of various Microsoft products at risk, and should be patched right away

• May 11, 2021 11 May'21

  Collaboration key to success of UK’s Cyber Security Council

  The founders of the UK’s Cyber Security Council have been setting out their plans to professionalise the cyber sector at the NCSC’s CyberUK 2021 event

• May 07, 2021 07 May'21

  NCSC publishes smart city security guidelines

  Guidance for local authorities, IT and cyber professionals aims to ensure the security of connected, smart city projects

• May 07, 2021 07 May'21

  Ransomware, supply chain attacks show no sign of abating

  Security experts at Black Hat Asia 2021 discuss the state of ransomware and supply chain attacks, two of the most common attack vectors that offer high returns for threat actors

• May 06, 2021 06 May'21

  Google to introduce mandatory MFA for users

  In future, holders of Google accounts will have no option but to use multifactor authentication if they want to use the firm’s services