News

Hackers and cybercrime prevention

June 24, 2022 24 Jun'22
Developers grapple with open source software security

Software developers are taking longer to fix vulnerabilities and many do not know about the dependencies of open source software components they are using, study finds
June 23, 2022 23 Jun'22
Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks
June 22, 2022 22 Jun'22
How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
June 21, 2022 21 Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best

A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats

June 20, 2022 20 Jun'22
Lords move to protect cyber researchers from prosecution

A cross-party group in the House of Lords has proposed an amendment to the Product Security and Telecommunications Infrastructure Bill that would address concerns about security researchers or ethical hackers being prosecuted in the course of their ...
June 20, 2022 20 Jun'22
Complex Russian cyber threat requires we go back to basics

The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains
June 19, 2022 19 Jun'22
Aussie mobile users most vulnerable to security threats

Australia has the highest percentage of mobile app threats detected on a per-device basis, with iPhone users more likely to download a risky app than an Android user, study finds
June 16, 2022 16 Jun'22
TalkTalk hacker Daniel Kelley gives up his black hat for good

After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career
June 16, 2022 16 Jun'22
Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster
June 16, 2022 16 Jun'22
Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive

June 16, 2022 16 Jun'22
Interpol arrests thousands in global cyber fraud crackdown

A two-month operation saw law enforcement agencies in 76 countries crack down on organised cyber fraud
June 15, 2022 15 Jun'22
$2k to access your organisation on the dark web

Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000
June 13, 2022 13 Jun'22
UK, US prepare to launch PET project

A transatlantic prize challenge to accelerate development of privacy-enhancing technologies is set to begin
June 13, 2022 13 Jun'22
Government recommits to UK’s cyber future in Digital Strategy

New strategy leans heavily on cyber security but stops short of announcing any initiatives that have not already been launched or heavily trailed
June 13, 2022 13 Jun'22
New warning over tech suppliers in thrall to hostile governments

Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer
June 13, 2022 13 Jun'22
Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
June 10, 2022 10 Jun'22
Snake Keylogger climbing malware charts, says Check Point

Cyber criminals behind Snake Keylogger campaigns have been switching up their tactics in the past few weeks, say researchers
June 10, 2022 10 Jun'22
Researchers find eight CVEs in single building access system

A series of eight vulnerabilities in Carrier LenelS2 building access panels could enable malicious actors to obtain physical access to their targets
June 09, 2022 09 Jun'22
SolarWinds CEO offers to commit staffers to government cyber agencies

A new proposal from SolarWinds’ outspoken CEO, Sudhakar Ramakrishna, could see software companies commit key staff to work with government cyber agencies to improve cooperation and incident response
June 09, 2022 09 Jun'22
Cyber researchers step in to fill Patch Tuesday’s shoes

Afraid you’ll miss Patch Tuesday when it’s gone? You’re not alone, but security analysts at Recorded Future are taking action to help the community come to terms with its loss
June 08, 2022 08 Jun'22
China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks
June 08, 2022 08 Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
June 07, 2022 07 Jun'22
Weak IT and SecOps collaboration in ANZ opens doors to cyber attacks

The weak collaboration between IT and security teams in Australia and New Zealand is exposing their organisations to data loss, business disruption and other potential consequences of cyber attacks
June 01, 2022 01 Jun'22
EU must stand ground on cyber security, says Finland’s WithSecure

Russian threat is serving to focus minds on cyber security across Europe, say executives at enterprise security company’s inaugural conference
May 31, 2022 31 May'22
Researchers discover zero-day Microsoft vulnerability in Office

Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions
May 31, 2022 31 May'22
Industrial systems not safe for the future, say Dutch ethical hackers

Ethical hackers in the Netherlands say operational technology and IT networks need to be integrated to prevent cyber attacks penetrating their operations
May 26, 2022 26 May'22
Two-thirds of UK organisations defrauded since start of pandemic

Nearly two out of three UK companies say they have experienced some form of fraud or economic crime in the past two years, according to a report
May 26, 2022 26 May'22
Most CFOs being left out of ransomware conversations

Barely a tenth of CFOs are actively involved in planning for cyber attacks, according to a report
May 25, 2022 25 May'22
New inquiry looks at the state of UK chips

Foreign Affairs Committee is fishing for evidence in a new inquiry assessing skills, security and end-to-end semiconductor supply chain concerns
May 25, 2022 25 May'22
Rubrik charts data security path

Backup and recovery software provider Rubrik now sees itself as a cyber security company that helps organisations recover from ransomware and other data security threats
May 24, 2022 24 May'22
Ransomware volumes grew faster than ever in 2021

Verizon’s annual DBIR assessment of the security landscape highlights an unprecedented boom in ransomware volumes, to the surprise of nobody
May 24, 2022 24 May'22
Bad bots make up a quarter of APAC’s web traffic

Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds
May 23, 2022 23 May'22
Did the Conti ransomware crew orchestrate its own demise?

Analysts examining the shutdown of the Conti ransomware syndicate suggest the cyber crime collective orchestrated its own demise
May 23, 2022 23 May'22
How Ivanti views patch management with a security lens

Bringing development, operations and security teams together will help organisations to improve their visibility of IT assets and vulnerabilities while keeping threat actors at bay
May 20, 2022 20 May'22
Applying international law to cyber will be a tall order

Many in the security community have voiced their support for the UK government’s ambitions to work towards agreement with other countries on the application of international law to cyber space, but not without some reservations
May 20, 2022 20 May'22
Microsoft drops emergency patch after Patch Tuesday screw up

Microsoft fixed a certificate mapping issue that caused server authentication failures on domain controllers for users that had installed the most recent Patch Tuesday updates
May 20, 2022 20 May'22
Chinese cyber spooks exploit western sanctions on Russia

The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures
May 19, 2022 19 May'22
Defensive cyber attacks may be justified, says attorney general

Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable
May 19, 2022 19 May'22
Top cyber criminal earnings outpace those of business leaders

Cyber crime can pay significantly better than leading a FTSE 100 organisation, according to a report
May 19, 2022 19 May'22
Nature of cyber war evolving in real time, says Microsoft president

The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
May 19, 2022 19 May'22
Singapore opens security testing centre

Joint centre set up by the Cyber Security Agency of Singapore and a local university will facilitate security testing and train security evaluation talent
May 18, 2022 18 May'22
Mastercard biometric programme will allow payment authentication by smile

Mastercard is inviting banks and merchants to join a programme to set standards for biometric payments technology
May 17, 2022 17 May'22
Veeam outlines data protection vision

Veeam is looking to achieve an “outsized market leading position” by tapping its strengths in data protection and doubling down on innovation to help enterprises secure emerging workloads
May 17, 2022 17 May'22
Australian CISOs least prepared for cyber attacks

Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds
May 12, 2022 12 May'22
APAC career guide: Becoming a cyber security pro

The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field
May 11, 2022 11 May'22
Nerbian RAT enjoys using Covid-19 phishing lures

The world is slowly coming to terms with Covid-19, but fear of the coronavirus is no less useful to cyber criminals because of it, as Proofpoint researchers have discovered
May 11, 2022 11 May'22
Emotet has commanding lead on Check Point monthly threat chart

Emotet remains by some margin the most prevalent malware, according to Check Point’s latest monthly statistics
May 11, 2022 11 May'22
CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves
May 11, 2022 11 May'22
CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites