News

Network security management

• December 15, 2022 15 Dec'22

  Cops dismantle 48 DDoS-for-hire websites

  An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites

• December 15, 2022 15 Dec'22

  NCA officer questioned in Investigatory Powers Tribunal over failure to disclose EncroChat notes

  EncroChat hacking warrant was unlawful and in breach of human rights law, the Investigatory Powers Tribunal hears

• December 14, 2022 14 Dec'22

  Microsoft fixes two zero-days in final Patch Tuesday of 2022

  December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over

• December 14, 2022 14 Dec'22

  New cyber approaches ease Registers of Scotland’s AWS migration

  As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web ...

• December 13, 2022 13 Dec'22

  Finnish government launches information security voucher scheme

  Finland’s government is offering businesses financial support to help them improve their cyber security

• December 13, 2022 13 Dec'22

  More Uber data exposed in possible supply chain attack

  A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack

• December 11, 2022 11 Dec'22

  How Zscaler is cracking APAC’s cloud security market

  Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better

• December 09, 2022 09 Dec'22

  Iranian APT seen exploiting GitHub repository as C2 mechanism

  A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware

• December 08, 2022 08 Dec'22

  Australia to develop new cyber security strategy

  New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals

• December 06, 2022 06 Dec'22

  Industrial IoT focus of next NCSC startup challenge

  The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things

• December 06, 2022 06 Dec'22

  Don’t become an unwitting tool in Russia’s cyber war

  Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack?

• December 05, 2022 05 Dec'22

  French cyber consultancy Hackuity sets up UK operation

  Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base

• December 01, 2022 01 Dec'22

  MI6 chief’s hacked emails attacked MI5 and betrayed British spy operations in China

  Former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. His emails were hacked and then leaked – probably by Russian intelligence

• November 30, 2022 30 Nov'22

  Latest LockBit ransomware versions have wormable capabilities

  Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter

• November 27, 2022 27 Nov'22

  Plexal inducts six into cyber leadership scheme

  Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders

• November 24, 2022 24 Nov'22

  Not-for-profit aims to encourage 1,300 girls into cyber careers

  CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber

• November 23, 2022 23 Nov'22

  UK police arrest 120 in largest-ever cyber fraud crackdown

  The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police

• November 23, 2022 23 Nov'22

  Red team tool developer slams ‘irresponsible’ disclosure

  UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors

• November 22, 2022 22 Nov'22

  Killnet DDoS hacktivists target Royal Family and others

  Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks

• November 21, 2022 21 Nov'22

  Bug Bounty Calculator helps organisations fine-tune their payouts

  Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention

• November 18, 2022 18 Nov'22

  New gold standard to protect good faith hackers

  HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking

• November 18, 2022 18 Nov'22

  CyberPeace Institute helps NGOs improve their security resilience

  Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people

• November 18, 2022 18 Nov'22

  Enterprises embrace SD-WAN but miss benefits of integrated approach to security

  Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security ...

• November 17, 2022 17 Nov'22

  Another Log4Shell warning after Iranian attack on US government

  The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching

• November 16, 2022 16 Nov'22

  Global network fragmentation a source of increasing risk

  Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures

• November 11, 2022 11 Nov'22

  MoD recruits Immersive Labs to bolster cyber resilience

  UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products

• November 09, 2022 09 Nov'22

  Optus earmarks A$140m to cover cost of data breach

  Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers

• November 04, 2022 04 Nov'22

  Microsoft: Nation-state cyber attacks became increasingly destructive in 2022

  The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare

• November 03, 2022 03 Nov'22

  Microsoft pledges $100m in new IT support for Ukraine

  Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future

• November 03, 2022 03 Nov'22

  Automated threats biggest source of cyber risk for retailers

  Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report

• November 01, 2022 01 Nov'22

  NCSC looks back on year of ‘profound change’ for cyber

  The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful

• October 27, 2022 27 Oct'22

  NHS to get new national CISO

  The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS

• October 27, 2022 27 Oct'22

  Medibank breach casts spotlight on data security

  Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia

• October 25, 2022 25 Oct'22

  US authorities charge two Chinese spies over telco security probe

  Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm

• October 20, 2022 20 Oct'22

  The Security Interviews: Why now for ZTNA 2.0?

  With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network ...

• October 20, 2022 20 Oct'22

  Cyber professional shortfall hits 3.4 million

  Shortage of cyber security professionals continues to grow and shows no signs of abating, says report

• October 14, 2022 14 Oct'22

  Protecting children by scanning encrypted messages is ‘magical thinking’, says Cambridge professor

  Ross Anderson argues in a rebuttal to GCHQ experts that using artificial intelligence to scan encrypted messaging services is the wrong approach to protecting children and preventing terrorism

• October 14, 2022 14 Oct'22

  Australia becoming hotbed for cyber attacks

  Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency

• October 13, 2022 13 Oct'22

  Gartner: Remote work, zero trust, cloud still driving cyber spend

  Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud

• October 12, 2022 12 Oct'22

  NCSC urges organisations to secure supply chains

  NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers

• October 12, 2022 12 Oct'22

  French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation

  France’s Supreme Court has sent a case back to the court of appeal after police failed to disclose technical details of EncroChat hacking operation

• October 10, 2022 10 Oct'22

  How Cloudflare is staying ahead of the curve

  Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape

• October 05, 2022 05 Oct'22

  Inside Dell Technologies’ zero-trust approach

  Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure

• September 29, 2022 29 Sep'22

  Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC

  Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts

• September 28, 2022 28 Sep'22

  UK suffers third highest number of ransomware attacks globally

  Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs

• September 28, 2022 28 Sep'22

  Most hackers exfiltrate data within five hours of gaining access

  Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access

• September 27, 2022 27 Sep'22

  Fraudsters adapt phishing scams to exploit cost-of-living crisis

  Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic

• September 23, 2022 23 Sep'22

  Threat actors abused lack of MFA, OAuth in spam campaign

  Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns

• September 22, 2022 22 Sep'22

  Nordic private equity firms pursue cyber security acquisitions

  Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets

• September 22, 2022 22 Sep'22

  Privacy Pledge signatories dream of alternative internet

  A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism