News
Network security management
-
November 23, 2023
23
Nov'23
Expereo on tap for Carlsberg to deliver connectivity in 40 countries
SD-WAN/SASE and internet provider brings brewing giant ‘unrivalled’ connectivity in global network
-
November 23, 2023
23
Nov'23
North Korean APTs go all in on supply chain attacks, warns NCSC
Threat actors linked to the North Korean regime are becoming more adept at targeting software supply chains in the service of their cyber attacks
-
November 23, 2023
23
Nov'23
Australia ups ante on cyber security
Australia’s new cyber security strategy will focus on building threat-blocking capabilities, protecting critical infrastructure and improving the cyber workforce, among other priorities
-
November 22, 2023
22
Nov'23
CISA reveals how LockBit hacked Boeing via Citrix Bleed
As alarm grows around the world about the impact of the so-called Citrix Bleed vulnerability, Boeing has shared details of its experience at the hands of the LockBit ransomware crew
-
November 21, 2023
21
Nov'23
Over half of SME cyber incidents now ‘malware-free’
The age of malware-driven cyber attacks may have peaked, at least when it comes to incidents affecting small and medium sized enterprises
-
November 20, 2023
20
Nov'23
Defence lawyers seek appeal of tribunal ruling on police EncroChat cryptophone hack
Defence lawyers are seeking leave to appeal against a tribunal ruling that found the National Crime Agency had lawfully obtained warrants to access messages from 9,000 cryptophones used in the UK
-
November 15, 2023
15
Nov'23
BlackCat affiliate seen using malvertising to spread ransomware
Researchers at eSentire identified a wave activity from an ALPHV/BlackCat ransomware affiliate which has adopted a somewhat unusual approach to delivering its locker
-
November 15, 2023
15
Nov'23
Russian cyber criminal pleads guilty to running IPStorm botnet
Sergey Manikin faces years in jail after his illicit proxy botnet service was taken down by US law enforcement
-
November 15, 2023
15
Nov'23
November Patch Tuesday heralds five new MS zero-days
Microsoft pushes fixes for five new zero-days in its latest monthly update
-
November 15, 2023
15
Nov'23
US government reinforces ICBC hack link to Citrix Bleed
US Treasury adds weight to reports that a ransomware gang gained access to the systems of Chinese bank ICBC by exploiting a critical Citrix flaw
-
November 15, 2023
15
Nov'23
How Gigamon is making its mark in deep observability
Gigamon CEO Shane Buckley talks up the company’s ability to inspect encrypted network traffic for malicious activity, how it stands out with its deep observability capabilities and the tailwinds that are fuelling its growth
-
November 14, 2023
14
Nov'23
Fast-acting cyber gangs increasingly disabling telemetry logs
Sophos guidance for security practitioners and defenders highlights a growing trend for threat actors to disable or wipe telemetry logs to cover their tracks
-
November 07, 2023
07
Nov'23
Researchers ‘break’ rule designed to guard against Barracuda vulnerability
Vectra AI researchers found that a Suricata rule designed to detect exploitation of a dangerous Barracuda Email Security Gateway flaw was not entirely effective
-
November 06, 2023
06
Nov'23
How Trellix’s CISO keeps threat actors at bay
Trellix’s chief information security officer, Harold Rivas, outlines how the company mitigates security threats through containment and by helping security analysts to respond faster to cyber incidents
-
November 02, 2023
02
Nov'23
Admins told to take action over F5 Big-IP platform flaws
Two vulnerabilities in the widely used F5 Networks Big-IP platform are now being exploited in the wild
-
October 31, 2023
31
Oct'23
British Library falls victim to cyber attack
The British Library is experiencing a major IT outage following a cyber incident of an undisclosed nature
-
October 31, 2023
31
Oct'23
SEC sues SolarWinds, alleging serious security failures
SolarWinds and its CISO have been charged with fraud and internal control failures by the US authorities amid allegations of a series of cyber security failings leading up to the 2020 Sunburst attacks
-
October 27, 2023
27
Oct'23
Microsoft warns over growing threat from Octo Tempest gang
The English-speaking Octo Tempest extortion gang – which became an ALPHV/BlackCat affiliate recently – presents one of the most significant and rapidly growing threats to large organisations at this time, says Microsoft
-
October 27, 2023
27
Oct'23
How Elastic manages cyber security threats
Mandy Andress, CISO at Elastic, highlights the company’s approach to tackling evolving cyber threats through the use of AI tools and enhanced security measures while strengthening the capabilities of its security offerings
-
October 26, 2023
26
Oct'23
Exploitation of Citrix NetScaler vulns reaching dangerous levels
Observed activity exploiting two new Citrix NetScaler vulnerabilities disclosed earlier this month is ramping up, and users may be running out of time to patch lest they be attacked
-
October 25, 2023
25
Oct'23
Demystifying the top five OT security myths
Goh Eng Choon, president of ST Engineering’s cyber business, outlines the common myths around OT security in a bid to raise awareness of the security challenges confronting OT systems
-
October 24, 2023
24
Oct'23
Customers speak out over Okta’s response to latest breach
Customers of identity specialist Okta have been attacked via a compromise of its systems, and are claiming Okta’s response leaves something to be desired
-
October 23, 2023
23
Oct'23
Cisco pushes update to stop exploitation of two IOS XE zero-days
Cisco releases updates to thwart exploitation of two flaws affecting users of its IOS XE software
-
October 20, 2023
20
Oct'23
RagnarLocker cyber gang that pioneered double extortion busted
Europol and the FBI have taken down the RagnarLocker ransomware crew, a long-standing gang that helped pioneer some now common tactics, taking its dark web negotiation and data leak sites offline
-
October 19, 2023
19
Oct'23
Fears grow over extent of Cisco IOS XE zero-day
Researchers have identified spiking numbers of victims of a recently disclosed Cisco zero-day, as users of the networking supplier’s IOS XE software are urged to take defensive measures
-
October 19, 2023
19
Oct'23
Loughborough Uni to create five cyber AI research posts
Supported by Darktrace, Loughborough University is to recruit five doctoral researchers focusing on cross-disciplinary research in AI and cyber security
-
October 18, 2023
18
Oct'23
What are the cyber risks from the latest Middle Eastern conflict?
The outbreak of war between Hamas and Israel in October 2023 has seen a wide variety of accompanying cyber attacks from hacktivists and other groups. We look at the risks to organisations
-
October 18, 2023
18
Oct'23
Networking and security teams converging
Study finds more than 80% of IT leaders are consolidating security and networking teams or have a management directive to improve collaboration, with 75% believing using one platform for both purposes would provide benefits across the board
-
October 17, 2023
17
Oct'23
Five Eyes issues five tips on thwarting nation state threats
Intelligence chiefs from the UK, Australia, Canada, New Zealand and the US have published guidance on building resilience against nation state cyber threats
-
October 17, 2023
17
Oct'23
Alert sounded over dangerous Cisco IOS XE zero-day
Cisco warns customers using its IOS XE software of a newly discovered vulnerability that could enable a threat actor to take over their systems
-
October 10, 2023
10
Oct'23
MGM faces £100m loss from cyber attack on its casinos
MGM Resorts has provided further details on the fallout of the hack targeting its casinos in early September, confirming that a range of personal information has been stolen and that it will likely cost the firm around $100m
-
October 05, 2023
05
Oct'23
Ransomware dwell times now measured in hours, says Secureworks
Ransomware payloads are now being deployed and executed within 24 hours in more than 50% of cases, according to Secureworks’ annual report
-
October 03, 2023
03
Oct'23
RSA and other crypto systems vulnerable to side-channel attack
A researcher has found that a flaw in RSA is still vulnerable – a quarter of a century after it was first discovered
-
October 03, 2023
03
Oct'23
CIISec scores DSIT funding to expand successful CyberEPQ scheme
DSIT has committed to enhanced funding to expand CIISec’s CyberEPQ education programme after recording excellent results to date
-
September 28, 2023
28
Sep'23
How Akamai is driving growth in APAC
Akamai's managing director for the region outlines the company’s growth journey, how it sets itself apart from competitors, and its strategies to drive the next phase of growth
-
September 28, 2023
28
Sep'23
Security and risk management spending to grow 14% next year
Growth in public cloud services will stand out over the next 12 months, as Gartner projects an overall 14% increase in cyber spending in 2024
-
September 27, 2023
27
Sep'23
City of Las Vegas masters cyber incident response with Darktrace
The high-rolling city of Las Vegas experiences unique cyber security challenges rarely seen elsewhere. CIO Mike Sherwood reveals how he turned to Darktrace to help address incidents quicker and with confidence
-
September 19, 2023
19
Sep'23
New revelations from the Snowden archive surface
A decade after Snowden exposed NSA’s mass surveillance in cooperation with the British GCHQ, only about 1% of the documents have been published – but three major facts can finally be revealed thanks to a doctoral thesis in applied cryptography by ...
-
September 19, 2023
19
Sep'23
Nominet and European counterparts link up on intelligence sharing
The new European TLD ISAC, a collaborative project between top-level domain providers across Europe, aims to enhance their collective security posture to better protect internet users
-
September 15, 2023
15
Sep'23
Las Vegas mainstay Caesars Palace likely paid off ransomware crew
Caesars Entertainment, owner of the lavish Roman Empire-themed Caesars Palace casino in Las Vegas, has revealed it also suffered a ransomware attack, and appears to have paid off its hackers
-
September 14, 2023
14
Sep'23
Data on over 3,000 Airbus suppliers leaked after breach
An emergent threat actor has leaked details of multiple sensitive Airbus suppliers after claiming to have accessed the firm’s systems having hacked customer Turkish Airlines
-
September 14, 2023
14
Sep'23
As vehicle safety regulations loom, carmakers fret over cyber risks
Global, UN-backed car safety and security regulations come into force next year, and automotive bosses say they are not only unprepared, but “swamped” by a tide of compliance and security risks
-
September 13, 2023
13
Sep'23
Storm-0324 gathers over Microsoft Teams
An initial access broker associated with several different ransomware operations is now conducting Microsoft Teams phishing attacks
-
September 13, 2023
13
Sep'23
ExtraHop open sources 16 million rows of threat domain data
NDR specialist ExtraHop says making its entire machine learning dataset available for anybody to view will help organisations better defend against cyber attacks originating from malicious domains generated by algorithms
-
September 12, 2023
12
Sep'23
US casino giant MGM Resorts battles 36-hour outage after cyber attack
Multiple systems at US hotel and casino operator MGM went down in the wake of the incident on 10 September, crippling several of Las Vegas’ most prominent casinos
-
September 08, 2023
08
Sep'23
Apple patches Blastpass exploit abused by spyware makers
Apple has patched two vulnerabilities that formed an exploit chain which has been allegedly abused by spyware company NSO
-
September 08, 2023
08
Sep'23
How Netskope is driving growth in APAC
Netskope is growing at over 50% year on year in the Asia-Pacific region, but the single-vendor SASE supplier is not limiting its customers to its own offerings
-
September 07, 2023
07
Sep'23
Honeywell goes quantum to protect utilities from future threats
Honeywell and quantum computing specialist Quantinuum will integrate quantum-hardened encryption keys into future smart meters
-
September 07, 2023
07
Sep'23
Microsoft finds Storm-0558 exploited crash dump to steal signing key
Microsoft has published new information on how the Chinese state threat actor Storm-0558 was able to exploit a rare race condition following a crash dump in order to acquire a consumer signing key
-
September 05, 2023
05
Sep'23
Plymouth Uni spearheads research into wind farm cyber resilience
Project hosted at the University of Plymouth in Devon aims to develop cyber security measures to protect the UK’s increasingly important offshore wind farm assets