News

IT risk management

• August 17, 2017 17 Aug'17

  Developers lack skills needed for secure DevOps, survey shows

  The growing demand for developers with security skills is outpacing supply, but a survey reveals that a lack of formal security education and training by employers is contributing to the growing skills gap

• August 16, 2017 16 Aug'17

  NotPetya attack cost up to $300m, says Maersk

  Danish shipping line Maersk estimates that the NotPetya cyber attack in June cost the company up to $300m

• August 16, 2017 16 Aug'17

  Hackers hit Holyrood with Westminster-style brute-force attack

  The Scottish parliament has been hit by a cyber attack similar to the one that struck Westminster in June

• August 15, 2017 15 Aug'17

  Leaked SMB exploits make malware powerful, warns Cylance

  Four key exploits at the heart of hacking tools leaked by the Shadow Brokers have given malware authors a lot of power, say security researchers

• August 11, 2017 11 Aug'17

  Malicious email spikes in Q2, reports Proofpoint

  Malicious email campaigns saw a spike in volume and increased variety in the second quarter of 2017, a cyber security report reveals

• August 10, 2017 10 Aug'17

  IT pros urged to support ‘WannaCry hero’ Marcus Hutchins

  Computer experts fear chilling effect on security research over US arrest of Marcus Hutchins who halted the spread of the WannaCry ransomware

• August 07, 2017 07 Aug'17

  Gaming apps ‘main source’ of mobile phishing attacks, research shows

  Analysis of 100,000 corporate devices shows more than a quarter of traffic going to phishing domains was from gaming apps

• August 03, 2017 03 Aug'17

  Ransom DDoS attacks on the rise

  The use of distributed denial of service (DDoS) attacks to extort money from organisations is on the rise, warns security firm Kaspersky Lab

• August 01, 2017 01 Aug'17

  Why Facebook’s AI termination raises safety concerns

  Revelations that researchers at Facebook had to switch off two bots that went rogue have raised questions about the safety of artificial intelligence

• July 28, 2017 28 Jul'17

  CIA hacking tools for Mac OS and Linux exposed by WikiLeaks

  WikiLeaks has exposed hacking tools targeting the Mac and Linux operating systems in the latest of its series of leaks allegedly from the US Central Intelligence Agency

• July 25, 2017 25 Jul'17

  Big data means big risk, Swedish Transport Agency leak shows

  The Swedish Transport Agency exposed sensitive information by transferring its databases to a third party cloud provider without following data protection procedures

• July 24, 2017 24 Jul'17

  Tech disruption forces CEOs to rethink leadership

  Headline figures from KPMG’s Outlook 2017 survey of 1500 CEOs shows that 40% expect technology innovation to cause major disruption

• July 20, 2017 20 Jul'17

  Retail data breaches still high as GDPR deadline looms

  As the EU’s General Data Protection Regulation compliance deadline approaches, retail data breaches remain unacceptably high, a data threat report reveals

• July 19, 2017 19 Jul'17

  Newcastle council data leak shows need for security automation

  Leak of child adoption information by Newcastle City Council resulted from accidental email attachment by employee

• July 17, 2017 17 Jul'17

  IBM claims breakthrough in mainframe encryption

  IBM says its new mainframe ushers in a new era of data protection in response to a call to action from chief information security officers and security experts worldwide

• July 13, 2017 13 Jul'17

  Encryption keys too predictable, warn security researchers

  Encryption keys are not as random as most people think, which means encrypting data is often not as secure as it could be, according to security researchers

• July 13, 2017 13 Jul'17

  Verizon denies data loss but admits potentially huge breach

  Verizon has responded to reports of millions of customer records being exposed to the internet by saying no data was accessed by malicious third parties, but the incident raises thorny issues

• July 13, 2017 13 Jul'17

  What Singapore can learn from Israel’s cyber security playbook

  A former Unit 8200 captain from the Israel Defense Forces shares what Singapore can learn from Israel’s approach to cyber security

• July 06, 2017 06 Jul'17

  Kaspersky researcher in Asia develops cyber forensics tool

  The open source tool lets cyber forensics investigators access infected machines remotely to collect malware artefacts without compromising system integrity

• June 30, 2017 30 Jun'17

  Danish shipping giant Maersk recovering from major Petya cyber attack

  Company confirms attack took down its IT system across multiple sites and business units, but has now been contained

• June 29, 2017 29 Jun'17

  Key lessons from ‘Petya’ ransomware attack

  While the cyber security community is still working to understand the latest ransomware attack that has reportedly hit 60 countries, there are key lessons to be learned

• June 28, 2017 28 Jun'17

  Singapore authorities issue alert on Petya ransomware

  The country’s emergency response team has called for users to boost their cyber defences as the Petya ransomware rages through IT systems in Asia and Australia

• June 21, 2017 21 Jun'17

  Microsoft admits Windows 10 disables third-party security software

  Microsoft has admitted Windows 10 disables some third-party security software, but claims this is purely because of compatibility issues

• June 21, 2017 21 Jun'17

  Pirated software used to spread malware in APAC

  A regional study by a Singapore university has found that counterfeit software distributed through discs and file-sharing networks is plagued by malware

• June 20, 2017 20 Jun'17

  Web hosting firm agrees to pay $1m ransomware demand

  South Korean hosting firm Nayana agrees to pay more than $1m to restore data that was encrypted by a ransomware attack on its Linux servers on 10 June 2017

• June 19, 2017 19 Jun'17

  Abu Dhabi uses surveillance tech to protect Grand Prix

  Police use surveillance technology and monitoring software to ensure public safety when Formula One visits the UAE each year

• June 16, 2017 16 Jun'17

  Australia’s decryption plan seen as untenable

  Experts say efforts to get technology and social media firms to cooperate with the authorities in decrypting communications will be hard to achieve

• June 16, 2017 16 Jun'17

  10 ways to prevent breaches and minimise impact

  Attackers are continually adapting to security technologies to fly under the radar, but taking action in 10 key areas can reduce the risk of breaches and minimise their impact, according to a resilience expert

• June 14, 2017 14 Jun'17

  SAP users look to software suppliers to help with fast-approaching GDPR

  An SAP UK and Ireland user group survey has found user organisations crying out for help as GDPR approaches, with cloud delivery a special concern

• June 14, 2017 14 Jun'17

  Microchips implanted in hands could be in use for payments in 20 years

  UK consumers are becoming more accepting that biometric authentication will become the norm for payments

• June 09, 2017 09 Jun'17

  Infosec17: Society needs to address encryption dilemma

  There needs to be a discussion about how to balance the interests of privacy, security and the tech industry, says Infosecurity Europe Hall of Fame inductee

• June 08, 2017 08 Jun'17

  Islamic State supporters shun Tails and Tor encryption for Telegram

  Confidential communications show terror group’s supporters are turning to simple mobile phone messaging apps to exchange messages and distribute propaganda

• June 06, 2017 06 Jun'17

  Mainframe blindspots expose companies to insider threats

  More than three-quarters of CIOs say their mainframe is more secure than other systems, but most admit they are still exposed to insider threats

• June 06, 2017 06 Jun'17

  UK firms stockpiling bitcoins for ransomware attacks

  Large UK firms are prepared to pay out more than £136,000 on average to cyber criminals who launch ransomware attacks, a survey has revealed

• June 01, 2017 01 Jun'17

  Enterprises struggle with emergency patching

  Companies are struggling to maintain emergency patch cycles, despite the fact that enterprise reliance on legacy systems often means emergency patches are an everyday fact of life, a survey shows

• May 31, 2017 31 May'17

  WannaCry shows validity of risk-based security, says RSA head

  WannaCry and other recent cyber attacks underline the importance of adopting a risk-based approach to security, says RSA president

• May 31, 2017 31 May'17

  Shadow Brokers prepares zero-day subscription service

  Businesses may face an onslaught of zero-day attacks soon as the group that leaked the NSA exploits used in the WannaCry ransomware attacks prepares to release more stolen code

• May 26, 2017 26 May'17

  People can be strongest link in cyber security, says NCSC

  People are often seen as the weakest link when it comes to cyber security, but that must change, says the National Cyber Security Centre

• May 26, 2017 26 May'17

  EternalRocks author throws in the towel after media attention

  Security researcher who discovered worm that could have bigger impact than WannaCry says the author seems to have given up

• May 24, 2017 24 May'17

  Singapore government to spend S$2.4bn on technology initiatives

  Funding will go towards building a national sensor platform, boosting the government’s cyber security capabilities and driving the use of robots

• May 24, 2017 24 May'17

  Interview: Nick Bleech, head of information security, Travis Perkins

  Last year, Travis Perkins implemented Splunk to help it to respond more quickly to security threats. Now, the business is looking into machine learning and a single customer view

• May 23, 2017 23 May'17

  Economic and political uncertainty drives organisations to rethink IT strategies

  CIO job satisfaction reaches a three-year high as organisations hire more IT staff and invest in innovative digital technology

• May 23, 2017 23 May'17

  EternalRocks worm combines seven leaked NSA attack tools

  Hard on the heels of the WannaCry ransomware attacks, a researcher has found a worm that combines four NSA exploits and associated attack tools, including EternalBlue used by WannaCry

• May 22, 2017 22 May'17

  Windows 7 accounts for most WannaCry infections

  Statistics show that computers running Windows 7 accounted for the biggest proportion of machines infected with the WannaCry ransomware, while NHS suppliers are blamed for hampering patching by NHS trusts

• May 19, 2017 19 May'17

  Command and control communications key to detecting threats

  Malware command and control (C&C) communications are key to detecting advanced threats, according to a security researcher

• May 18, 2017 18 May'17

  Strong cyber security posture reduces impact of breaches

  There is a direct correlation between data breaches and falls in stock prices, but the impact is lighter on companies with good cyber security, a study has revealed

• May 12, 2017 12 May'17

  Five cyber security imperatives for all companies

  There are five things all companies should ensure they are doing in terms of cyber security

• May 09, 2017 09 May'17

  Cognitive security is the future, says Martin Kuppinger

  Modern computing capabilities combined with cognitive technology has huge potential for tackling unknown attack patterns and addressing the security skills shortage, says Martin Kuppinger

• May 04, 2017 04 May'17

  Testing is key to IoT security, says researcher

  Building an effective testing process across all elements associated with a product is key to securing the internet of things, according to a researcher in the field

• May 02, 2017 02 May'17

  UBS applies data protection for compliance and competitive advantage

  Swiss bank UBS aims to get greater value out of investments in sensitive data protection systems by using its security capabilities as a differentiator