News

Network security management

• July 25, 2023 25 Jul'23

  Tetra radio users’ comms may have been exposed for years

  A number of flaws in the encryption algorithms used in the secure Tetra radio communications standard have potentially left users exposed to snooping

• July 24, 2023 24 Jul'23

  Citrix NetScaler users told to patch new zero-day urgently

  A vulnerability disclosed and patched last week by Citrix appears to be being exploited by China-backed threat actors as a zero-day, prompting warnings from government cyber bodies

• July 24, 2023 24 Jul'23

  Security AI and automation may reduce cost of data breaches

  Organisations that go all in on security AI and automation tend to incur lower financial costs when they experience a data breach incident, according to an IBM report

• July 24, 2023 24 Jul'23

  Why cyber security should be part of your ESG strategy

  The impact of data breaches and cyber threats on businesses, societies and the environment makes cyber security a key consideration in an environment, social and governance strategy

• July 20, 2023 20 Jul'23

  Attention-seeking KillNet hacktivists becoming more dangerous

  The KillNet DDoS gang seems to be becoming more dangerous, but its primary goal remains to create a lot of noise and draw media attention, according to latest analysis

• July 17, 2023 17 Jul'23

  Police Scotland use cloud for biometric data despite clear risks

  Police Scotland confirms it has stored significant volumes of biometric data on a cloud-based digital evidence sharing system despite major ongoing data protection concerns, bringing into question the effectiveness of the current regulatory approach...

• July 17, 2023 17 Jul'23

  Shift towards ‘smarter’ digital life as broadband security, sustainability become key needs

  Cisco survey finds consumer expectations will reshape the needs and economics of the internet

• July 13, 2023 13 Jul'23

  Microsoft issues new warning over Chinese cyber espionage

  A newly uncovered Chinese espionage campaign exploited forged authentication tokens to access its victims’ email accounts, says Microsoft

• July 12, 2023 12 Jul'23

  Hackers: We won’t let artificial intelligence get the better of us

  AI is changing how ethical hackers go about their work, and will continue to do so, but the community is convinced the technology will never be able to replicate the creativity of a flesh-and-blood hacker

• July 06, 2023 06 Jul'23

  Vodafone tests quantum-safe business network solutions

  Telco announces initiative looking at transition to a quantum safe world, exploring and trialling new algorithms with upgraded smartphones to provide protection against possible quantum-empowered attackers in the future

• July 06, 2023 06 Jul'23

  Biometrics watchdog calls for public space surveillance review

  The biometrics and surveillance camera commissioner is calling for a review of public space surveillance to gain a clearer picture about the proliferation of Chinese surveillance technology across the public sector, but warns against applying double...

• July 04, 2023 04 Jul'23

  How Maxeon is forging the path to SASE

  Maxeon Solar Technologies is building out its security service edge capabilities with an eye on a SASE implementation that combines best of breed offerings from different suppliers

• June 29, 2023 29 Jun'23

  ‘Shadow’ AI use becoming a driver of insider cyber risk

  Off-the-books use of generative AI tools will inevitably lead to a costly, high-profile data breach for someone, but a little attention paid to appropriate data management policy can help mitigate the risk

• June 28, 2023 28 Jun'23

  Stolt-Nielsen SASE looks to optimise global connectivity, security for hybrid workers

  Bulk liquid logistics and sustainable land-based aquaculture expert advances secure digital transformation plans and operational efficiency

• June 27, 2023 27 Jun'23

  Three years on, EncroChat cryptophone hack nets 6,500 arrests and seizures of €900m

  French and Dutch prosecutors say three years after they infiltrated the EncroChat cryptophone network in a novel hacking operation, Europe’s courts are opening the way for more collaboration and data sharing between law enforcement agencies

• June 22, 2023 22 Jun'23

  Orange Business leads team to deliver cloud-native managed SASE to enterprises

  Enterprise division of the global telco taps in-house cyber security practice and leading cyber security technology provider to offer simpler operational model for customers with end-to-end accountability, improved agility, efficiency and performance

• June 19, 2023 19 Jun'23

  How Fastly thinks differently about CDNs and the edge

  Fastly is counting on its developer chops and different approaches towards security and other areas to compete with its rivals

• June 19, 2023 19 Jun'23

  Early June Microsoft outages were result of large-scale DDoS hit

  Investigations into recent outages on Microsoft Azure and Outlook services have turned up evidence of a massive distributed denial-of-service attack

• June 15, 2023 15 Jun'23

  Clop begins naming alleged MOVEit victims

  Clop uploaded details of 12 new victims to its dark web leak site late on 14 June, many of them likely linked to the ongoing MOVEit cyber attack

• June 14, 2023 14 Jun'23

  No zero-days for June Patch Tuesday, but plenty to chew over

  On the face of it, Microsoft’s monthly round of updates is a lighter-than-usual load for security teams, with no zero-days in evidence, but there are still plenty of issues needing attention

• June 09, 2023 09 Jun'23

  Extreme Networks emerges as victim of Clop MOVEit attack

  Network equipment and services supplier Extreme Networks has revealed its instance of Progress Software’s MOVEit tool was compromised in the ongoing Clop cyber attack

• June 09, 2023 09 Jun'23

  Barracuda ESG users told to throw away their hardware

  Owners of Barracuda Email Security Gateway appliances are being told that they will need to throw out and replace their kit after it emerged that a patch for a recently disclosed vulnerability had not done the job

• June 08, 2023 08 Jun'23

  Bishop Fox’s Vinnie Liu talks offensive security skills

  There is growing demand for offensive security testing, but it needs a multi-layered skillset that can be hard to quantify. Bishop Fox’s CEO and co-founder explains why and some potential mitigation strategies

• June 06, 2023 06 Jun'23

  Google launches hacker-backed SME security training scheme

  Citing research that shows almost half of SMEs are struggling to recruit cyber security specialists, Google is launching a programme designed to upskill more people to fill thousands of vacant roles

• May 26, 2023 26 May'23

  Cisco joins growing Manchester cyber security hub

  Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills

• May 25, 2023 25 May'23

  Alert over Chinese cyber campaign targeting critical networks

  A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence

• May 19, 2023 19 May'23

  Spanish lawyers claim police hacking of EncroChat cryptophones breaches human rights law

  Lawyers speaking at the Madrid Bar Association question the legality of a cryptophone hacking which has led to arrests of organised criminals in multiple countries

• May 17, 2023 17 May'23

  Pentera ups ante in penetration testing

  The Israeli startup, which expanded to the APAC region last year, scans for vulnerabilities and emulates cyber attacks through its automated security validation platform

• May 16, 2023 16 May'23

  Executive interview: DNS designer David Holtzman discusses net security

  How is it possible for criminals to lure people onto fake websites? Holtzman says it’s because DNS is fundamentally insecure

• May 12, 2023 12 May'23

  BT unveils secure networking service for UK business customers

  UK’s leading telco teams with US cyber security company to launch secure software-defined networking service for business customers available on a managed services basis

• May 12, 2023 12 May'23

  How Splunk is driving security automation

  Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region

• May 10, 2023 10 May'23

  How datacentre operators can fend off cyber attacks

  Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats

• May 03, 2023 03 May'23

  Cyber Action Plan for Wales launched

  The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country

• April 27, 2023 27 Apr'23

  Google Cloud seals bug that could have led to data breaches

  The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed

• April 25, 2023 25 Apr'23

  Almost three-quarters of cyber attacks involve ransomware

  Data from Sophos’s annual Active Adversary Report reveals that almost three-quarters of the cyber security incidents it responded to in 2022 involved ransomware

• April 24, 2023 24 Apr'23

  Most IT staff uncomfortable deploying surveillance tech at work

  The IT teams responsible for deploying and running digital surveillance in workplaces say they are uncomfortable with “extremely common” practice of spying on colleagues, research finds

• April 21, 2023 21 Apr'23

  CyberUK 23: New advice on smart city security issued

  The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities

• April 20, 2023 20 Apr'23

  New GovAssure cyber regime launches across UK government

  An enhanced cyber security regime is being put in place to better protect UK government IT systems from growing threats

• April 19, 2023 19 Apr'23

  Orange joins forces with industry, academia to build French quantum comms

  Leading telco joins industry leaders, start-ups and academic players announce the official launch of a programme in charge of deploying Quantum secure communications networks in France.

• April 19, 2023 19 Apr'23

  UK plc sees fewer cyber breaches and attacks, but lacks resilience

  Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears...

• April 19, 2023 19 Apr'23

  CyberUK 23: NCSC CEO calls for collaboration and warns against complacency

  NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency

• April 19, 2023 19 Apr'23

  Global finance firms take part in NATO cyber attack simulation

  Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure

• April 19, 2023 19 Apr'23

  Cisco urges users to keep its network hardware up-to-date

  In the wake of a campaign of threat activity targeting a six-year-old Cisco router vulnerability, the networking giant has warned users to be on high alert and update their hardware

• April 19, 2023 19 Apr'23

  CyberUK 23: Alert over mercenary Russian threat to CNI

  Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned

• April 19, 2023 19 Apr'23

  How organisations can succeed with zero trust

  By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm

• April 18, 2023 18 Apr'23

  Enterprise networking sees age of SASE and network as a service

  Report reveals complexity of third workspace has transformed how modern IT organisations view network and security, with 98% of IT executives planning to increase investment in cloud services

• April 18, 2023 18 Apr'23

  CyberUK 23: NCSC conference centres cyber collaboration

  The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda

• April 18, 2023 18 Apr'23

  Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms

  The Online Safety Bill faces amendments in the House of Lords amid concerns that it could weaken the security of end-to-end encrypted communications for UK citizens

• April 18, 2023 18 Apr'23

  Focus on these three risky behaviours to boost cloud security

  Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report

• April 13, 2023 13 Apr'23

  Thousands at risk from critical RCE bug in legacy MS service

  Thousands of organisations worldwide are at risk from three vulnerabilities – one critical – in a legacy Microsoft service that they may not be aware they are running