News

Endpoint security

• December 09, 2020 09 Dec'20

  Patch Tuesday: Microsoft presents just 58 CVEs for Christmas

  The final Patch Tuesday of 2020 contains 58 fixes, a minnow compared to some recent drops, but many are still of high importance

• December 09, 2020 09 Dec'20

  There’s no going back to pre-pandemic security approaches

  The cyber security world will probably never return to its pre-pandemic state, and different approaches to security will come to the fore in 2021

• December 09, 2020 09 Dec'20

  Top IT predictions in APAC in 2021

  The Asia-Pacific region will continue to be a cradle for technology innovation in the new year, whether it is 5G services, artificial intelligence, cloud computing or cyber security

• December 08, 2020 08 Dec'20

  Multiple D-Link routers found vulnerable to attack

  Digital Defense discloses a remotely exploitable root command injection flaw in a number of D-Link wireless router devices

• December 08, 2020 08 Dec'20

  Russian state actors exploiting VMware bug to hijack data, users warned

  Russian APT groups are actively exploiting a vulnerability in VMware products to access protected data, according to latest warnings

• December 07, 2020 07 Dec'20

  HMRC referred 11 data security incidents to ICO in 2019-20

  HM Revenue & Customs shares details of a number of data security incidents that occurred during the 2019-20 financial year in its annual report

• December 07, 2020 07 Dec'20

  Grindr and others patch critical Android bug

  Fixes for CVE-2020-8913 deployed as app developers shore up their defences against a disclosed Google Play vulnerability

• December 04, 2020 04 Dec'20

  Opportunistic Egregor ransomware is an emerging and active threat

  Researchers at Recorded Future’s Insikt Group highlight links between the emerging Egregor ransomware and other strains, and offer guidance on defending against it

• December 04, 2020 04 Dec'20

  Avast and Borsetta to support Intel’s AI security project

  Security firm Avast and AI security specialist Borsetta have signed up to support an Intel-led artificial intelligence security research project

• December 03, 2020 03 Dec'20

  Lax Android app developers putting millions of users at risk

  Eight months after Google patched a critical vulnerability, developers have failed to update their apps, putting millions of users of apps such as dating services Bumble and Grindr at risk

• December 03, 2020 03 Dec'20

  Dangerous Trickbot evolves to target UEFI/BIOS firmware

  Dubbed Trickboot by researchers, Trickbot’s new features enable malicious actors to read, write or even erase UEFI/BIOS firmware

• November 26, 2020 26 Nov'20

  APAC plagued by APT, ransomware attacks

  The Asia-Pacific region was a primary target of advanced persistent threat groups, mostly from China, Iran, North Korea and Russia, that carried out 34 campaigns between June 2019 to June 2020

• November 25, 2020 25 Nov'20

  Use of abusive stalkerware against women skyrocketed in 2020

  Rise in the use of malicious stalkerware correlates closely to increased domestic violence during lockdown

• November 24, 2020 24 Nov'20

  Belgian security researcher hacks Tesla with Raspberry Pi

  Belgian security researcher Lennert Wouters once again succeeds in hacking a Tesla vehicle, this time by exploiting the Bluetooth Low Energy standard

• November 23, 2020 23 Nov'20

  Finnish finance giant pilots fingerprint payments

  OP Financial introduces biometric security technology to enable higher-value payments to be made safely using contactless cards

• November 23, 2020 23 Nov'20

  MPs subjected to over 22 million malicious email attacks in 2020

  Members of Parliament are targeted by millions of spam and phishing emails every month, according to a Freedom of Information disclosure

• November 18, 2020 18 Nov'20

  2021 the year of commodity ransomware, says Sophos

  Sophos researchers anticipate a trickle-down effect in the cyber criminal underground

• November 18, 2020 18 Nov'20

  How Aarogya Setu is addressing scale and security challenges

  India’s contact-tracing platform leverages microservices, encryption techniques and cloud-based visibility tools to address scale and security requirements

• November 12, 2020 12 Nov'20

  IT Priorities 2020: Budgets rejigged to support 2021 recovery

  IT has been essential in helping organisations remain operational. IT chiefs are now considering the IT to drive a sustained business recovery

• November 11, 2020 11 Nov'20

  What businesses can learn from GovTech’s digital strategy

  Modernising its infrastructure and putting digital at its core has given Singapore’s Government Technology Agency the agility it needs to respond to the Covid-19 pandemic

• November 11, 2020 11 Nov'20

  Security pros coped admirably with remote working transition

  Despite facing tight timescales at the onset of the pandemic, security professionals have come through the transition to remote working remarkably well, according to a report

• November 11, 2020 11 Nov'20

  Gartner: IT spending to focus on fast time to value

  There are no surprises in Gartner’s latest forecast. IT budgets are being spent on supporting remote workers, but CIOs have new metrics

• November 11, 2020 11 Nov'20

  Microsoft drops fix for serious zero-day among 112 Patch Tuesday updates

  November’s Patch Tuesday contains fixes for 112 bugs, including a potentially serious zero-day exploit that malicious actors are already taking advantage of

• November 10, 2020 10 Nov'20

  Intel and AMD processors affected by another side-channel exploit

  Two years after Spectre and Meltdown, the x86 processor faces another side-channel exploit – only this time, it is based on sensing temperature

• November 10, 2020 10 Nov'20

  IT Priorities 2020: After Covid-19, security goes back to basics

  This year’s transition to remote working highlighted big gaps in the fundamentals of security, as updated TechTarget/Computer Weekly data reveals

• November 09, 2020 09 Nov'20

  EU moves closer to encryption ban after Austria, France attacks

  Draft resolution document setting up an EU-wide ban on end-to-end encryption is set to be waved through this week

• November 05, 2020 05 Nov'20

  Microsoft to support next generation of security startups

  Tech giant lends its support to the NCSC Cyber Accelerator scheme, which is seeking its seventh cohort of startups

• November 05, 2020 05 Nov'20

  Consumer rights organisation warns of computer takeover scams

  Consumers warned to be on guard against criminals pretending to be IT support staff to gain access to personal banking information

• November 05, 2020 05 Nov'20

  Singapore government rolls out digital signature service

  Individuals and businesses will soon be able to sign documents digitally using a new service on the Singapore government’s SingPass digital identity platform

• November 04, 2020 04 Nov'20

  India and Japan report stronger concern over cyber threats

  Security operations teams in the two Asian giants see the increased volume of cyber threats as their biggest challenge amid the Covid-19 pandemic

• October 28, 2020 28 Oct'20

  Barracuda eyes Indochina markets

  Barracuda is looking to expand its local presence and headcount in fast-growing emerging markets of Vietnam, Cambodia and Laos

• October 27, 2020 27 Oct'20

  APAC CISOs warm up to zero trust

  Security leaders in Asia-Pacific are adopting zero-trust security, but challenges stand in their way of reaping the full potential of the security model

• October 22, 2020 22 Oct'20

  Protecting remote workers an opportunity to do security better

  Securing the fully remote workforce has been a challenge for IT teams, but it presents an opportunity to commit to a higher standard of cyber security, according to a Cisco report

• October 21, 2020 21 Oct'20

  NSA’s top CVE list a timely reminder to patch

  Many of the CVEs detailed on the NSA’s top 25 chart are golden oldies

• October 14, 2020 14 Oct'20

  Microsoft fixes 87 bugs in October 2020 Patch Tuesday

  Smaller October Patch Tuesday update includes fixes for critical bugs in Windows 10 and Windows Server 2019

• October 12, 2020 12 Oct'20

  Trickbot forced offline in major cyber security victory

  Coalition led by Microsoft obtained a court order enabling them to take down the infamous Trickbot botnet’s back-end server infrastructure

• October 12, 2020 12 Oct'20

  Five Eyes spy group again demands access to private messages

  Spooks are once again calling for the tech industry to break end-to-end encryption in messaging platforms

• October 12, 2020 12 Oct'20

  Cyber security skills ad branded ‘crass’ by minister

  Security skills campaign advert depicting a ballet dancer comes in for criticism as the arts sector struggles in the pandemic

• October 12, 2020 12 Oct'20

  Making sense of zero-trust security

  Implementing zero-trust security is not an easy feat, but enterprises can still get it right if they approach it from a process perspective and get a handle on their infrastructure footprint

• October 08, 2020 08 Oct'20

  NCSC relaunches SME security guide with home working focus

  The NCSC is issuing an updated version of its guide to security for SMEs, reflecting the long-lasting changes to the world of work seen in 2020

• October 08, 2020 08 Oct'20

  Threat of GDPR fines increasingly driving security buying decisions

  Scaring the people who hold the purse strings may be the best option for CISOs who need a little extra budget

• October 06, 2020 06 Oct'20

  EU’s top court questions legality of UK phone and internet data surveillance

  European Court of Justice rules that the UK and EU member states must comply with EU privacy laws when harvesting people’s sensitive communications data from telecoms and internet companies

• October 06, 2020 06 Oct'20

  CISOs struggle to keep up with MITRE ATT&CK framework

  Despite its proven benefits for security, the MITRE ATT&CK framework is proving difficult for many, according to a joint study from McAfee and UC Berkeley

• October 05, 2020 05 Oct'20

  MosaicRegressor APT campaign using rare malware variant

  Kaspersky researchers have shared details of a APT campaign utilising a rarely seen and hard-to-stop variety of malware

• September 29, 2020 29 Sep'20

  NCSC expands schools programme to north-east England and Northern Ireland

  Following an initial roll-out in Gloucestershire and Wales, the NCSC’s CyberFirst Schools programme is being extended to north-east England and Northern Ireland

• September 29, 2020 29 Sep'20

  NatWest offers online banking customers free security services

  Bank responds to a surge in cyber crime targeting users of online banking services

• September 28, 2020 28 Sep'20

  Security now main driving force behind digital transformation

  Organisations are urgently remodelling their core technology stack in the light of the Covid-19 pandemic, and this is pushing security to the top of the agenda

• September 24, 2020 24 Sep'20

  Third-party code bug left Instagram users at risk of account takeover

  A critical vulnerability in Instagram’s image processing could have allowed attackers to take over not just their victim’s account, but their entire device

• September 24, 2020 24 Sep'20

  NHS whistleblower privacy concerns passed on to regulator, but campaigners not holding their breath

  NHS Improvement chair Dido Harding acknowledges receiving concerns raised about the anonymity of whistleblowers, but campaigners have little faith that anything will be done

• September 24, 2020 24 Sep'20

  Government blasted over ‘reckless’ contact-tracing security

  The Open Rights Group and Big Brother Watch accuse the government of endangering public health with a reckless attitude to contact-tracing data security