News

IT risk management

• July 12, 2019 12 Jul'19

  New FinSpy versions extend surveillance capabilities

  New versions of the FinSpy malware for iOS and Android smartphones have extended targeted surveillance capabilities, warn security researchers

• July 12, 2019 12 Jul'19

  Windows 10 to enable passwordless sign-in

  Windows 10 users will soon be able to sign in to devices without using a password to encourage the use of two-factor authentication methods to improve security

• July 11, 2019 11 Jul'19

  Attacks against AI systems are a growing concern

  European research group says attacks against AI systems are already occurring, difficult to identify, and could be far more common than currently understood

• July 11, 2019 11 Jul'19

  RiskIQ uncovers new Magecart campaign

  A fresh Magecart campaign is breaching websites on a massive scale using indiscriminate attacks exploiting misconfigured Amazon S3 buckets, say researchers

• July 10, 2019 10 Jul'19

  Agent Smith mobile malware hits millions of devices

  New mobile malware that exploits Android vulnerabilities has infected millions of devices, security researchers have discovered

• July 09, 2019 09 Jul'19

  Nearly half of firms fear cloud apps make them insecure

  Survey shows more than one-third of global companies appoint a CISO in the face of data breaches, and the UK is giving CISOs more power despite making fewer appointments

• July 08, 2019 08 Jul'19

  IISP gains Royal Charter status

  The UK finally has its first national professional body for cyber security that will be responsible for setting the standards for skills and knowledge in the industry to reduce the skills gap and increase diversity

• July 05, 2019 05 Jul'19

  St John Ambulance praised for response to ransomware attack

  Charity’s response to ransomware attack demonstrates that it is possible to ensure minimal disruption if properly prepared

• July 04, 2019 04 Jul'19

  Security and privacy key to smart buildings and cities

  Security and privacy capabilities are essential for stakeholders if they are to realise the benefits of smart buildings and cities, says expert whitepaper

• July 04, 2019 04 Jul'19

  FireEye ties Microsoft Outlook exploit to Iranian hackers

  US Cyber Command has issued a warning that a patched Microsoft Outlook vulnerability is being exploited by unnamed threat actors, and recommended immediate patching

• July 04, 2019 04 Jul'19

  Email still top security vulnerability, survey shows

  Email is still the top security vulnerability, a survey shows, but security researchers caution that switching to instant messaging is not necessarily a solution in the longer term

• July 04, 2019 04 Jul'19

  APAC experts weigh in on cyber security trends

  The onslaught of cyber attacks being reported each day has been a wake-up call, but experts say businesses need to be mindful of the limitations of certain security measures

• July 03, 2019 03 Jul'19

  Sodin ransomware exploiting Windows zero-day, Kaspersky warns

  Security researchers are warning that a recently discovered type of ransomware is now exploiting a zero-day Windows vulnerability, and does not require user interaction to trigger an infection

• July 03, 2019 03 Jul'19

  Top VPNs secretly owned by Chinese firms

  Nearly a third of top VPNs are secretly owned by Chinese companies, while other owners are based in countries with weak or no privacy laws, potentially putting users at risk, security researchers warn

• July 02, 2019 02 Jul'19

  Sweden’s Protective Security Act targets cyber risks

  IT suppliers must comply with tighter cyber security requirements, but are being offered help from government agencies

• July 02, 2019 02 Jul'19

  Orvibo data leak puts security spotlight on IoT back end

  The security of devices that make up the internet of things (IoT) is a top concern for many in the industry, but leaks from an IoT database highlights the importance of back-end security too

• July 02, 2019 02 Jul'19

  Singapore to beef up police tech capabilities

  Singapore government singles out biometrics, data analytics and digital forensics as promising areas to boost crime-fighting efforts

• July 02, 2019 02 Jul'19

  Few UK firms are cyber insured despite financial losses

  More than one-fifth of UK firms have been impacted financially by cyber attacks, yet potentially more than three-quarters of companies polled have never been insured for cyber-related losses

• July 01, 2019 01 Jul'19

  Huge jump in cyber incidents reported by finance sector

  The number of cyber incidents reported by financial services firms increased nearly 12-fold in 2018 from 2017, mainly due to third-party failures, highlighting several key areas that need improvement

• June 28, 2019 28 Jun'19

  TIN coalition calls for industry action against cyber fraud

  An industry group aimed at improving cyber security by tackling enduring challenges has called for collaboration in the fight against cyber fraud

• June 28, 2019 28 Jun'19

  Cyber crime reporting crucial, say UK police

  UK police are gearing up to make it easier for business to report cyber crime, saying that under-reporting continues to be a challenge

• June 26, 2019 26 Jun'19

  Fido Alliance announces new standards

  Fido Alliance announces new identity verification and IoT initiatives to expand the reach and impact of Fido authentication, which seeks to eliminate the world’s dependence on password-based security

• June 26, 2019 26 Jun'19

  Commercial interests put customer security at risk, survey shows

  Firms are bypassing security to push products and services into the market, increasing security risks for the organisation and its customers, a poll of information security professionals shows

• June 26, 2019 26 Jun'19

  Wider threat campaign behind Wipro breach

  A sophisticated, far-ranging threat campaign was behind the breach at Indian IT services firm Wipro in April, which was not an isolated incident, RiskIQ report reveals

• June 26, 2019 26 Jun'19

  Singapore government forms digital industry office

  New office will help local tech firms grow their regional footprint and build new capabilities in order to thrive in APAC’s booming digital economy

• June 26, 2019 26 Jun'19

  UK cyber security progress stalled, says report

  UK firms rank cyber attacks as a top business issue, but are stalling in cyber security best practice, lagging behind top performers in India

• June 25, 2019 25 Jun'19

  AI will drive reskilling in problem solving, creativity and collaboration

  A study from the Economist Intelligence Unit has found that executives do not believe that artificial intelligence will lead to job losses, but staff will need retraining

• June 25, 2019 25 Jun'19

  APT attack on telcos highlights need for comprehensive defence

  A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators

• June 25, 2019 25 Jun'19

  Cyber attackers using wider range of threats

  Businesses need to ensure they are able to defend against a wide range of threats in the face of increased malicious Office documents, Mac malware and web application exploits, report shows

• June 25, 2019 25 Jun'19

  UK firms downloading vulnerable open source software

  Vulnerable open source software components are posing a security threat to UK firms, according to a report that also shows how best practice, including automation, can reduce the risk

• June 24, 2019 24 Jun'19

  Hospitality industry at highest risk of phishing

  Benchmarking report shows average phish-prone percentage across all industries and sizes of organisations at 29.6% – up 2.6% since 2018

• June 21, 2019 21 Jun'19

  UK takes world lead in surveillance camera security

  Although the UK is sometimes referred to as “the most surveilled country” in the world, it has taken the lead in setting minimum security requirements for surveillance cameras. But how will this make a difference internationally?

• June 21, 2019 21 Jun'19

  Nominations open for UK’s security unsung heroes

  The Security Serious cyber awareness campaign has opened nominations for the fourth annual cyber security Unsung Heroes awards

• June 21, 2019 21 Jun'19

  Small business not necessarily weakest security link

  Small businesses may not be the weakest link in the supply chain after all, with a lack of skills and best practices being bigger factors, a study by (ISC)² reveals

• June 20, 2019 20 Jun'19

  Enterprises challenged with security basics

  Visibility, security tool overload and manual reporting are cited as top concerns by UK security leaders, a report reveals

• June 20, 2019 20 Jun'19

  UK to launch security standard for surveillance cameras

  The UK is launching the world’s first voluntary cyber security standard and compliance certification mark for the manufacturers of surveillance cameras

• June 20, 2019 20 Jun'19

  Most mobile apps vulnerable to malware

  iOS and Android apps equally vulnerable to being exploited remotely by malware, report reveals

• June 19, 2019 19 Jun'19

  Lloyds Bank uses community effort to push out DevOps

  The developers and IT operations teams were once separate. Now they are one. The challenge is getting this to scale across the business

• June 19, 2019 19 Jun'19

  IoT Security Foundation publishes smart building whitepaper

  The IoT Security Foundation has published a guide on security for smart buildings to highlight key issues and gather feedback to inform future guidance for industry stakeholders

• June 19, 2019 19 Jun'19

  Converged security takes centre stage at IFSEC

  The importance and benefits of combining physical and cyber security was underlined in the opening session of the 2019 IFSEC security conference

• June 19, 2019 19 Jun'19

  UK government pushes data-driven agenda

  A smart data report has been published with consultations under way, while an open call for evidence has been launched to help shape the national data plan

• June 18, 2019 18 Jun'19

  Singapore faced fewer cyber threats in 2018

  Despite the fall in the number of common cyber threats last year, Singapore will continue to face advanced persistent threats, CSA warns

• June 17, 2019 17 Jun'19

  DevSecOps is key to uniting opposing forces

  Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer

• June 17, 2019 17 Jun'19

  Asco breaks silence on ransomware attack

  A week after reportedly being hit by a ransomware attack, Belgium-based mechanical equipment manufacturer Asco has finally provided some details

• June 17, 2019 17 Jun'19

  Inside F5’s cyber security playbook

  F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors

• June 13, 2019 13 Jun'19

  UK firms need to address risky user habits

  McAfee calls for companies to ramp up their security culture and improve the integration of technical security controls to minimise exposure from workers

• June 13, 2019 13 Jun'19

  AI-enabled cyber attacks a reality soon, warns Mikko Hypponen

  Technology continues to shape human conflict and artificial intelligence will be no exception, so business needs to up its ability to detect attacks and respond, says security expert

• June 12, 2019 12 Jun'19

  Operational technology security improving, but attack surface continues to grow

  Critical national infrastructure providers and others are improving cyber security capabilities around industrial control systems, but the cyber threat remains high and continues to evolve, a study shows

• June 11, 2019 11 Jun'19

  In a cyber data breach, preparation is key

  The importance of preparation was strongly emphasised at a breach response workshop hosted by DAC Beachcroft as part of London Tech Week

• June 11, 2019 11 Jun'19

  Most code-signing processes insecure, study shows

  The majority of organisations are failing to enforce security for code-signing processes, providing opportunities for cyber criminals, a survey reveals