News

Network security management

July 25, 2022 25 Jul'22
NCSC seeks community input for Cyber Advisor service

The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward
July 25, 2022 25 Jul'22
The Security Interviews: Why you need to protect abandoned digital assets

The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias
July 21, 2022 21 Jul'22
Buy ‘plug-n-play’ malware for the price of a pint of beer

Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report
July 21, 2022 21 Jul'22
Russia-linked APTs targeted fleeing Ukrainian civilians

Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment

July 20, 2022 20 Jul'22
(ISC)² expands entry-level cyber programme after UK success

Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide
July 20, 2022 20 Jul'22
Cato aims to bust cyber myths as it extends network protections

Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...
July 20, 2022 20 Jul'22
Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims

Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection
July 15, 2022 15 Jul'22
NHS trust ‘deliberately’ deleted up to 90,000 emails before tribunal hearing

A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance practices in NHS hospital trusts
July 14, 2022 14 Jul'22
Videogame maker Bandai Namco confirms cyber attack

Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack
July 13, 2022 13 Jul'22
July Patch Tuesday brings more than 80 fixes, one zero-day

While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on

July 12, 2022 12 Jul'22
Singapore doubles down on OT security

The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state
July 07, 2022 07 Jul'22
Latest Marriott data breach not as serious as others

Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately
July 06, 2022 06 Jul'22
Plexal seeks new scaleups for next phase of Cyber Runway

Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme
July 05, 2022 05 Jul'22
LogRhythm bullish on growth in APAC

LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats
July 05, 2022 05 Jul'22
NCSC CEO: Why we should run towards crises to elevate cyber security

National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country
June 29, 2022 29 Jun'22
New cyber extortion op appears to have hit AMD

Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data
June 28, 2022 28 Jun'22
Russia-aligned hacktivists behind Lithuania DDoS attack

Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin
June 27, 2022 27 Jun'22
Commercial cyber products must be used responsibly, says NCSC CEO

NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel
June 24, 2022 24 Jun'22
US cyber agency in fresh warning over Log4Shell risk to VMware

Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability
June 23, 2022 23 Jun'22
Ukraine cyber agency enlists Radware to protect government networks

Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks
June 22, 2022 22 Jun'22
How TDCX is building a people-centric business

Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez
June 21, 2022 21 Jun'22
CNI leaders’ attitude to ransomware lackadaisical at best

A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats
June 20, 2022 20 Jun'22
Complex Russian cyber threat requires we go back to basics

The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains
June 16, 2022 16 Jun'22
TalkTalk hacker Daniel Kelley gives up his black hat for good

After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career
June 16, 2022 16 Jun'22
Dundee security research centre opens with support from SBRC

An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster
June 16, 2022 16 Jun'22
Office 365 loophole may give ransomware an easy shot at your files

Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive
June 15, 2022 15 Jun'22
$2k to access your organisation on the dark web

Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000
June 15, 2022 15 Jun'22
Patch Tuesday dogged by concerns over Microsoft vulnerability response

The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure
June 13, 2022 13 Jun'22
New warning over tech suppliers in thrall to hostile governments

Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer
June 13, 2022 13 Jun'22
Qatar bolsters cyber security in preparation for World Cup

With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness
June 08, 2022 08 Jun'22
China using top consumer routers to hack Western comms networks

An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks
June 08, 2022 08 Jun'22
ProxyLogon, ProxyShell may have driven increase in dwell times

The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data
June 01, 2022 01 Jun'22
Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco

Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief
May 31, 2022 31 May'22
Researchers discover zero-day Microsoft vulnerability in Office

Malicious Word documents have been used to invoke a previously undisclosed vulnerability in Microsoft Office without user interaction through Windows utility functions
May 31, 2022 31 May'22
Singapore doubles down on quantum technology

The city-state is shoring up its quantum talent and quantum device manufacturing capabilities in a bid to advance its knowhow in the emerging technology
May 26, 2022 26 May'22
Consultation launched on datacentre, cloud security

The government is seeking views on how to boost the security and resilience of the UK’s datacentres and online cloud platforms
May 24, 2022 24 May'22
Bad bots make up a quarter of APAC’s web traffic

Bots that run automated tasks have been responsible for stealing personal information among other malicious activities in the Asia-Pacific region, study finds
May 20, 2022 20 May'22
Chinese cyber spooks exploit western sanctions on Russia

The actor behind an ongoing Chinese espionage campaign targeting Russian defence research bodies is taking advantage of the Ukraine war in their phishing lures
May 19, 2022 19 May'22
Defensive cyber attacks may be justified, says attorney general

Speaking ahead of a speech at the Chatham House think tank, the UK’s attorney general has suggested defensive cyber attacks against hostile countries may be legally justifiable
May 19, 2022 19 May'22
Top cyber criminal earnings outpace those of business leaders

Cyber crime can pay significantly better than leading a FTSE 100 organisation, according to a report
May 19, 2022 19 May'22
Nature of cyber war evolving in real time, says Microsoft president

The past three months have seen the rapid evolution of the very nature warfare to incorporate cyber attacks, Microsoft’s Brad Smith tells the audience at its Envision conference in London
May 19, 2022 19 May'22
Red teaming will be standard in Dutch governmental organisations by 2025

The Dutch government wants to include the testing of the digital security of systems, processes and people – also known as red teaming – in all of its governmental organisations’ test planning and budgeting by 2025 at the latest
May 17, 2022 17 May'22
Australian CISOs least prepared for cyber attacks

Australian CISOs are under pressure and feel the least prepared globally to deal with the consequences of a cyber attack, study finds
May 12, 2022 12 May'22
APAC career guide: Becoming a cyber security pro

The region’s burgeoning cyber security industry has attracted more talent last year, but it takes more than just technical knowhow to succeed in the field
May 11, 2022 11 May'22
CyberUK 22: Five Eyes focuses on MSP security

The western intelligence community has set out practical steps IT service providers and their customers can take to protect themselves
May 11, 2022 11 May'22
CyberUK 22: Data-sharing service to protect public from scams

A new data-sharing service set up by the NCSC and industry partners will give ISPs access to real-time threat data that they can use to block fraudulent websites
May 11, 2022 11 May'22
Analysts confirm return of REvil ransomware gang

Secureworks CTU analysis has found that the REvil ransomware is undergoing active development, possibly heralding a new campaign of cyber attacks
May 11, 2022 11 May'22
Cyber accreditation body Crest forges new training partnerships

Crest says partnerships with Hack The Box and Immersive Labs will enhance its members’ defensive and offensive security skills
May 11, 2022 11 May'22
Microsoft fixes three zero-days on May Patch Tuesday

It’s the second-to-last Patch Tuesday as we know it, and Microsoft has fixed a total of 75 bugs, including three zero-days
May 10, 2022 10 May'22
CyberUK 22: Cyber leaders affirm UK’s whole-of-society strategy

On the opening day of CyberUK 2022, GCHQ director Jeremy Fleming and NCSC CEO Lindy Cameron have spoken of their commitment to the government’s ambition for a whole-of-society cyber strategy