News

Endpoint security

August 04, 2022 04 Aug'22
Financial services regulator opens digital delivery centre in Leeds

The Financial Conduct Authority is increasing the number of tech experts in its workforce through a new digital delivery centre in Leeds
August 03, 2022 03 Aug'22
Shift to remote work sees major rise in cyber crime

Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy
July 28, 2022 28 Jul'22
NCSC startups scheme turns focus to operational technology, SME security

NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses
July 28, 2022 28 Jul'22
Cyber criminals pivot away from macros as Microsoft changes bite

As Microsoft resumes blocking macros by default in its Office application suite, reversing a temporary reversal, analysis from Proofpoint suggests the action has had a remarkable effect

July 27, 2022 27 Jul'22
Cyber security training ‘boring’ and largely ignored

Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them
July 26, 2022 26 Jul'22
Ducktail infostealer targets Facebook Business users

Newly uncovered Ducktail operation targets individuals with access to Facebook Business service and tries to steal their accounts
July 25, 2022 25 Jul'22
NCSC seeks community input for Cyber Advisor service

The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward
July 25, 2022 25 Jul'22
The Security Interviews: Why you need to protect abandoned digital assets

The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias
July 21, 2022 21 Jul'22
Buy ‘plug-n-play’ malware for the price of a pint of beer

Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report
July 20, 2022 20 Jul'22
(ISC)² expands entry-level cyber programme after UK success

Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide

July 14, 2022 14 Jul'22
How hostile government APTs target journalists for cyber intrusions

Proofpoint shares data on multiple campaigns of cyber intrusions against journalists originating from threat actors aligned to the governments of China, Iran, North Korea and Turkey
July 13, 2022 13 Jul'22
Digital break-up kit to help women get out of bad relationships safely

Domestic abuse charity Refuge teams up with Avast to equip women with the knowledge to effectively and safely end a relationship digitally
July 13, 2022 13 Jul'22
July Patch Tuesday brings more than 80 fixes, one zero-day

While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on
July 12, 2022 12 Jul'22
Microsoft Windows Autopatch now generally available

Microsoft customers with Windows Enterprise E3 and E5 licences can now take full advantage of its new automated patching service
July 12, 2022 12 Jul'22
Singapore doubles down on OT security

The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state
July 11, 2022 11 Jul'22
Microsoft VBA macro block will return

Microsoft provides more details about its sudden decision to rollback a landmark security policy, and reassures users it is a temporary measure
July 11, 2022 11 Jul'22
SMEs lagging on multifactor authentication

Only 46% of small business owners say they have implemented multifactor authentication, and just 13% mandate its use, according to a report
July 08, 2022 08 Jul'22
Microsoft appears to reverse VBA macro-blocking

Microsoft quietly reverses VBA macro-blocking across its Office portfolio in a move that has left security experts puzzled
July 07, 2022 07 Jul'22
Amid NSO lawsuit, Apple expands spyware protections

Apple previews a new feature called Lockdown Mode to protect iPhone and iPad users from ‘mercenary spyware’
July 06, 2022 06 Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway

Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme
June 27, 2022 27 Jun'22
Commercial cyber products must be used responsibly, says NCSC CEO

NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel
June 24, 2022 24 Jun'22
US cyber agency in fresh warning over Log4Shell risk to VMware

Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability
June 22, 2022 22 Jun'22
How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
June 19, 2022 19 Jun'22
Aussie mobile users most vulnerable to security threats

Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds
June 16, 2022 16 Jun'22
Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster
June 16, 2022 16 Jun'22
Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive
June 15, 2022 15 Jun'22
Patch Tuesday dogged by concerns over Microsoft vulnerability response

The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure
June 13, 2022 13 Jun'22
Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
June 10, 2022 10 Jun'22
Researchers find eight CVEs in single building access system

A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets
June 08, 2022 08 Jun'22
China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks
June 01, 2022 01 Jun'22
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco

Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief
May 31, 2022 31 May'22
Researchers discover zero-day Microsoft vulnerability in Office

Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions
May 31, 2022 31 May'22
Industrial systems not safe for the future, say Dutch ethical hackers

Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations
May 31, 2022 31 May'22
Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology
May 25, 2022 25 May'22
Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats
May 23, 2022 23 May'22
How Ivanti views patch management with a security lens

Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay
May 20, 2022 20 May'22
Microsoft drops emergency patch after Patch Tuesday screw up

Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates
May 20, 2022 20 May'22
Chinese cyber spooks exploit western sanctions on Russia

The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
May 19, 2022 19 May'22
Singapore opens security testing centre

Joint centre set up by the Cyber Security Agency of Singapore and a local university will facilitate security testing and train security evaluation talent
May 18, 2022 18 May'22
Mastercard biometric programme will allow payment authentication by smile

Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology
May 17, 2022 17 May'22
Australian CISOs least prepared for cyber attacks

Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds
May 12, 2022 12 May'22
APAC career guide: Becoming a cyber security pro

The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field
May 11, 2022 11 May'22
Emotet has commanding lead on Check Point monthly threat chart

Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics
May 11, 2022 11 May'22
Microsoft fixes three zero-days on May Patch Tuesday

It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days
May 09, 2022 09 May'22
CyberUK 22: NCSC’s ACD programme blocks 2.7 million scams

On the opening day of its annual CyberUK event, the NCSC reveals how organisations around the country have used its Active Cyber Defence programme to their advantage
May 04, 2022 04 May'22
Intellectual property theft operation attributed to Winnti group

Winnti conducted a prolonged cyber espionage campaign that went undetected for years, allowing it to exfiltrate massive amounts of corporate data and intellectual property
May 04, 2022 04 May'22
UK government puts pressure on IT sector to clean up app security

Apps can be exploited to carry malicious payloads that steal personal information and cause financial loss – and not enough is being done to secure them
April 28, 2022 28 Apr'22
Manufacturer sues JPMorgan after cyber criminals stole $272m

Manufacturer files lawsuit alleging that US bank failed to inform it of suspicious transaction activity
April 27, 2022 27 Apr'22
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021

These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time