News
Network security management
-
April 28, 2022
28
Apr'22
Russia plumbs new depths in cyber war on Ukraine
Microsoft details cyber attacks on Ukrainian civilian communications, nuclear safety authorities, and the exploitation of the destruction of Mariupol in a phishing campaign
-
April 27, 2022
27
Apr'22
Log4Shell, ProxyLogon, ProxyShell among most exploited bugs of 2021
These 15 CVEs were the most commonly exploited last year, and if you haven’t mitigated against them, now is the time
-
April 27, 2022
27
Apr'22
Leeds Beckett’s ethical hacking platform wins Innovate UK backing
An ethical hacking and cyber education platform developed at Leeds Beckett University has received a major funding boost to help it launch commercially
-
April 27, 2022
27
Apr'22
BT, Toshiba team on first commercial trial of quantum secured network with EY
Revolutionary computer infrastructure to be used in trial of management consultancy’s aim to connect quantum secure data transmission between its major London offices
-
April 26, 2022
26
Apr'22
Coralogix makes foray into cyber security with Snowbit
Observability platform supplier Coralogix has set up a cyber security venture and a global security resource centre in India to tap the growth opportunities in the subcontinent
-
April 25, 2022
25
Apr'22
US mobile network emerges as latest Lapsus$ victim
Lapsus$ extortion gang hit T-Mobile and attempted to perform SIM-swapping attacks and code theft
-
April 25, 2022
25
Apr'22
Sophos soaks up SOC.OS
Sophos says acquisition of BAE spinout SOC.OS will enhance its managed threat and extended detection and response services
-
April 22, 2022
22
Apr'22
What’s up with Conti and REvil, and should we be worrying?
New intelligence on some of the world’s most prolific ransomware gangs suggests recent disruption to their activities was like water off a duck’s back
-
April 22, 2022
22
Apr'22
How Adnovum is leveraging its Swiss roots
Software company Adnovum is leveraging its strengths in identity and access management and its Swiss heritage as it expands into new markets and areas such as zero-trust security
-
April 22, 2022
22
Apr'22
UAE bolsters cyber security
The United Arab Emirates has successfully improved its security posture amid mounting cyber threats
-
April 21, 2022
21
Apr'22
Zoom adds new round of cyber security enhancements
Videoconferencing platform Zoom adds multiple third-party security certifications and service enhancements
-
April 21, 2022
21
Apr'22
Five Eyes in new Russia cyber warning
Latest cross-body alert warns of Russian threat to utilities and other core elements of national infrastructure
-
April 21, 2022
21
Apr'22
Impact of Lapsus$ attack on Okta less than feared
Okta’s investigation into Lapsus$ breach of its systems via a Sitel workstation has concluded that the impact was significantly less than the maximum potential
-
April 20, 2022
20
Apr'22
AWS fixes vulnerabilities in Log4Shell hot patch
AWS issues fixes for a series of Log4Shell hot patches after they turned out to leave its services vulnerable to further exploitation
-
April 19, 2022
19
Apr'22
Median threat actor ‘dwell time’ dropped during 2021
Security teams appear to be getting better at detecting attackers within their networks, according to a report
-
April 14, 2022
14
Apr'22
Zhadnost DDoS botnet deployed against Finland
A coordinated DDoS attack hit two government ministries in Finland at the same time as Ukrainian president Volodymyr Zelensky delivered a virtual address to the Finnish parliament
-
April 14, 2022
14
Apr'22
Incontroller ICS malware has ‘rare, dangerous’ capabilities, says Mandiant
Mandiant joins a growing chorus of warnings over novel nation state threats to ICS systems
-
April 13, 2022
13
Apr'22
WatchGuard firewall users urged to patch Cyclops Blink vulnerability
The US authorities have seen fit to add the WatchGuard vulnerability used by Sandworm to build the Cyclops Blink botnet to its list of must-patch vulnerabilities
-
April 13, 2022
13
Apr'22
Criminals researched hacking TTPs post-breach in ‘messy’ cyber attack
Sophos shares details of a cyber attack that saw attackers hang out in their victim environment for five months while they prepared to sow further mischief
-
April 12, 2022
12
Apr'22
Sandworm rolls out Industroyer2 malware against Ukraine
A second generation of the Sandworm-linked Industroyer malware has been identified by ESET researchers and Ukraine’s national CERT
-
April 11, 2022
11
Apr'22
Singapore to start licensing cyber security service providers
Those providing penetration testing and SOC services will need to apply for a licence under a new licensing regime that is expected to safeguard consumer interests and improve service standards
-
April 11, 2022
11
Apr'22
Open source CMS platform Directus patches XSS bug
A stored cross-site scripting vulnerability in the Directus platform could have enabled malicious actors to gain access to valuable data
-
April 11, 2022
11
Apr'22
Nordic countries discuss joint cyber defence capability
Nordic countries are in talks to increase their cyber defences in the face of the threat from Russia
-
April 08, 2022
08
Apr'22
Ukrainian cyber criminal gets five years in jail
A US court has sentenced Denys Iarmak, who worked as a penetration tester for the FIN7 cyber crime group, to a five-year prison sentence
-
April 07, 2022
07
Apr'22
US shuts down Russia’s Cyclops Blink botnet operation
Operation by US authorities has taken the Russia-attributed Cyclops Blink botnet ‘off the board’
-
April 05, 2022
05
Apr'22
Discount retailer The Works hit by cyber attack
A small number of The Works’ bricks-and-mortar stores were forced to close amid a cyber attack of an undisclosed nature
-
April 04, 2022
04
Apr'22
How remote browser isolation can mitigate cyber threats
Remote browser isolation can help to mitigate browser-based attacks by separating a user’s browsing activity from the device
-
April 01, 2022
01
Apr'22
Two teenagers charged with Lapsus$ cyber attacks
City of London Police have charged two teenagers in connection with the Lapsus$ cyber crime spree
-
April 01, 2022
01
Apr'22
Four moves to ‘checkmate’ critical assets thanks to lax cloud security
Malicious actors can compromise 94% of critical assets within four steps of the initial breach point, according to a report
-
March 29, 2022
29
Mar'22
Wave of Log4j-linked attacks targeting VMware Horizon
Sophos issues a new warning to organisations that have so far failed to patch their VMware Horizon servers against Log4Shell
-
March 29, 2022
29
Mar'22
Singapore rolls out cyber security certification scheme
Two new cyber security marks are expected to provide an edge for Singapore businesses with good cyber security practices
-
March 28, 2022
28
Mar'22
IT professionals wary of government campaign to limit end-to-end encryption
Members of the Chartered Institute of IT, the professional body for technology professionals in the UK, warn against limiting end-to-end encryption
-
March 25, 2022
25
Mar'22
European Commission proposes new cyber security regulations
New cyber and information security regulations have been proposed by the European Commission to create a minimum set of standards in both areas
-
March 24, 2022
24
Mar'22
Ransomware demands and payments increase with use of leak sites
Ransomware demands and payments continue to climb as gangs increasingly turn to Dark Web leak sites to add pressure on victims
-
March 22, 2022
22
Mar'22
Details of Conti ransomware affiliate released
Information about a new Conti affiliate has been released by eSentire and BreakPoint Lab after a joint investigation into the group’s indicators of compromise
-
March 18, 2022
18
Mar'22
Ukrainian cyber defences prove resilient
Thanks to a combination of prior experience and global support, Ukraine’s defences against cyber incidents are holding strong in the face of Russian attacks
-
March 17, 2022
17
Mar'22
Alarm raised over ‘trickster’ LokiLocker ransomware
The new LokiLocker ransomware is, like its namesake, adept at tricks and misdirection, say BlackBerry researchers
-
March 17, 2022
17
Mar'22
Windstream claims North America’s ‘first and only comprehensive’ managed SASE
Managed communications service provider sees new bundle enabling convergence of networking and security as addressing modern-day challenges of digital business transformation, cyber security and workforce mobility
-
March 16, 2022
16
Mar'22
SentinelOne adds Attivo Networks to identity portfolio
SentinelOne adds identity threat detection and response technology to its cyber portfolio, saying it will benefit zero-trust adoption among its customers
-
March 16, 2022
16
Mar'22
CaddyWiper is fourth new malware linked to Ukraine war
ESET’s cyber security analysts have identified yet another destructive wiper malware being used against targets in Ukraine
-
March 09, 2022
09
Mar'22
Microsoft serves up three zero-days on March Patch Tuesday
Three zero-days pop up in Microsoft’s March update, along with a number of other noteworthy concerns for defenders
-
March 08, 2022
08
Mar'22
Google buys Mandiant for £4bn
Acquisition will see cyber defence and threat intelligence specialist folded into Google Cloud’s security suite
-
March 07, 2022
07
Mar'22
Ukraine joins Nato cyber knowledge hub
Ukraine is to become a contributing participant in Nato’s Cooperative Cyber Defence Centre of Excellence
-
March 04, 2022
04
Mar'22
Microsoft stops sales of products and services to Russia
Citing sanctions and cyber security concerns, Microsoft has become the latest company to withdraw from the Russian market
-
March 03, 2022
03
Mar'22
Nato Cyber Security unit tests post-quantum VPN
Nato’s Cyber Security Centre has successfully tested secure communication flows in a post-quantum world using a UK-designed VPN
-
March 03, 2022
03
Mar'22
Direct action is a risky business for Ukraine's volunteer hackers
Hackers have been responding to Ukraine’s call to create an IT army, but there are many reasons why taking direct action in a kinetic conflict is a bad idea
-
March 02, 2022
02
Mar'22
Cyber companies step up support for Ukraine
Security companies Bitdefender and Vectra AI are both to offer products and services in support of Ukraine
-
March 01, 2022
01
Mar'22
BBC blasted with millions of malicious emails
Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day
-
March 01, 2022
01
Mar'22
DCMS opens consultation on telecoms cyber standards
Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act
-
March 01, 2022
01
Mar'22
ESET details new IsaacWiper malware used on Ukraine
Having been among the first to report on the HermeticWiper malware used against Ukraine last week, ESET has now identified another destructive malware called IsaacWiper