News

Web application security

• September 05, 2019 05 Sep'19

  Singapore’s SecureAge eyes US market

  The Singapore-based supplier of encryption and anti-malware tools has set up a new office in Greater Washington, DC as the next logical step in its global expansion plan

• August 26, 2019 26 Aug'19

  VMware’s latest acquisitions point to emerging platform war

  VMware’s buyout of Carbon Black and Pivotal is a sign of an emerging platform war following the IBM-Red Hat deal

• August 23, 2019 23 Aug'19

  Kaspersky eyes enterprise business, opens APAC transparency hub

  The security firm wants to engage with enterprises and use its newly launched Malaysian Transparency Centre to burnish its credentials

• August 21, 2019 21 Aug'19

  Silence APT group eyes APAC banks

  Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks

• August 20, 2019 20 Aug'19

  Even fintech startups battling to meet cyber security challenges

  A study shows that most fintech startups, like most banks, are failing to address vulnerabilities in the web and mobile applications, underlining the scale of the challenge

• August 19, 2019 19 Aug'19

  How EDR is moving beyond the endpoint

  An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise

• August 15, 2019 15 Aug'19

  Formjacking dominates web-related data breaches

  Formjacking has become one of the most popular data stealing methods, say researchers, who urge commercial websites to review all third-party coding practices without delay

• August 14, 2019 14 Aug'19

  DCMS funding aims to increase diversity in cyber sector

  A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector

• August 14, 2019 14 Aug'19

  Digital domain identified as major security threat by Norway’s intelligence service

  Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks

• August 14, 2019 14 Aug'19

  British Airways e-ticketing system could expose passenger details

  British Airways has not addressed a potential leak of passenger details despite warnings from security researchers, but says it is aware of the issue and is taking action

• August 13, 2019 13 Aug'19

  BACnet IoT building automation devices vulnerable to attack

  A security researcher has revealed that internet-connected building automating devices using the BACnet communication protocol are vulnerable to cyber attack

• August 09, 2019 09 Aug'19

  F-Secure warns of F5 Big IP-related security issue

  F-Secure has discovered security issues relating to an F5 device that it says could potentially turn hundreds of thousands of load balancers into beachheads for cyber attacks

• August 09, 2019 09 Aug'19

  NCC Group warns of security risks of leading printers

  Researchers uncover more than 35 vulnerabilities in six leading enterprise printers, many of which could allow access to corporate networks, underlining the need to counter security risks of embedded systems

• July 31, 2019 31 Jul'19

  Financial services top cyber attack target

  Financial services are among the most attractive targets for cyber attackers, security researchers reveal, with phishing and credential stuffing among the top threats

• July 24, 2019 24 Jul'19

  Global malware down but ransomware up, with UK hard hit

  Despite a global decrease in the volume of malware in the past year, ransomware is surging once again, and the UK is one of the worst-hit countries, a report reveals

• June 25, 2019 25 Jun'19

  APT attack on telcos highlights need for comprehensive defence

  A global cyber attack against multiple telecommunications firms underlines need for comprehensive approach to cyber defence, say researchers and industry commentators

• June 17, 2019 17 Jun'19

  DevSecOps is key to uniting opposing forces

  Unifying DevOps and security teams with the aid of automation will bring harmony and added business benefits, says systems engineer

• June 17, 2019 17 Jun'19

  Inside F5’s cyber security playbook

  F5 Networks' CISO talks up measures that the application delivery and security specialist is employing to fend off cyber attackers that come knocking on its doors

• June 04, 2019 04 Jun'19

  Beware of security blind spots in encrypted traffic

  The growth of encrypted traffic has put the spotlight on intrusion prevention systems that help to surface cyber attacks conducted under the cloak of network encryption

• May 23, 2019 23 May'19

  Lapse in LinkedIn security certificate update

  A lapse in the update of LinkedIn’s security certificate has once again underlined the importance of keeping track to avoid disruptions and phishing attacks, and how even big players are failing to get it right

• April 01, 2019 01 Apr'19

  Black Hat Asia 2019: Get ready for the cyber arms race

  The arms race is now squarely in the cyber realm as defence teams and threat actors arm themselves with AI tools

• March 29, 2019 29 Mar'19

  Magento e-commerce sites urged to apply security update

  Security experts are urging companies using the Magento e-commerce site to apply security updates without delay to avoid a disastrous hacking campaign

• March 26, 2019 26 Mar'19

  Firms urged to gear up for new malware and tactics as threats proliferate

  The volume of malware attacks reached a record level in 2018, with UK and India bucking global trend of increased ransomware attacks, a study shows

• March 18, 2019 18 Mar'19

  CyLon announces latest cyber security accelerator cohort

  Swiss and Israeli cyber security startups join teams from the UK for CyLon’s ninth London accelerator cohort

• March 01, 2019 01 Mar'19

  Facebook facing 10 GDPR investigations in Ireland

  Ireland’s Data Protection Commission has revealed it has 10 active probes into Facebook, Instagram and WhatsApp, as well as Apple, LinkedIn and Twitter, on its books

• February 22, 2019 22 Feb'19

  Facebook planned to spy on Android phone users, internal emails reveal

  Facebook planned to use its Android app to track the location of its customers and to allow advertisers to send political advertising and invites to dating sites to ‘single’ people, confidential documents show

• February 12, 2019 12 Feb'19

  Telegram bot gets users hooked

  Popular social media service provides a rich set of features for cyber criminals, RSA warns

• February 11, 2019 11 Feb'19

  Lauri Love takes legal action against NCA for return of seized computers

  Lauri Love, a former engineering student who won a battle with the US Department of Justice against extradition to the US to face hacking charges, is suing the UK's intelligence agency, the NCA, for the return of his seized computers

• January 30, 2019 30 Jan'19

  How traffic scrubbing can guard against DDoS attacks

  Although most scrubbing services can help fend off distributed denial of service attacks, a more comprehensive mitigation strategy is required to remain unscathed

• January 10, 2019 10 Jan'19

  UK firms say £6.6bn annual security testing cost too high

  Avord launches platform to reduce the multibillion-pound annual cyber security testing cost that most UK firms say is too high

• December 23, 2018 23 Dec'18

  'Serious' Twitter flaw allows hackers to post on other people's accounts

  A vulnerability in Twitter allows hackers to send tweets, private messages, post images or videos, and turn off security features, says British security researcher

• December 18, 2018 18 Dec'18

  APAC cyber security landscape to be more tumultuous in 2019

  Amid growing cyber threats, the Asia-Pacific cyber security landscape will not get any rosier in 2019 unless organisations start shoring up their cyber hygiene

• December 11, 2018 11 Dec'18

  Mac malware makes debut in top 10 list

  Mac malware appears in the WatchGuard top 10 malware list for first time, and 6.8% of major websites still use an insecure SSL protocol, according to the firm’s latest internet security report

• December 04, 2018 04 Dec'18

  ‘Open-minded’ DVSA cuts cost of MOT testing

  Government agency harnesses customised open source platform to ensure data security while cutting costs and plans to extend its MOT testing capability to do the same for drivers’ theory tests

• November 30, 2018 30 Nov'18

  Marriott data breach highlights basic failings

  A breach of a guest reservation database of the Starwood division of the Marriott International hotel group highlights basic personal data protection failures

• November 06, 2018 06 Nov'18

  APAC firms warm up to SD-WAN to solve networking woes

  A third of enterprises in the APAC region have already deployed SD-WAN at most of their sites, while 55% are in the process of doing so, a study shows

• October 11, 2018 11 Oct'18

  Optus to acquire Hivint in cyber security deal

  The deal is expected to bolster the telco’s security pedigree in a market that is grappling with more data breaches and cyber incidents

• September 12, 2018 12 Sep'18

  Two-thirds of emails not clean, says research

  Two-thirds of emails don't make it to the inbox because security systems consider them unsafe, according to research

• September 11, 2018 11 Sep'18

  British Airways data breach: Security researchers name suspects and query attack timeline

  Security researchers claim to have pinpointed the cause and perpetrators of the British Airways data breach, and also claim the attackers may have had access to its customer data for far longer than previously thought

• September 11, 2018 11 Sep'18

  Public cloud use surges among DDoS attackers, research shows

  According to data accrued by DDoS mitigation firm, Link11, the number of attackers that rely on public cloud services soared during the 12 months to June 2018

• September 10, 2018 10 Sep'18

  Cyber criminals outspend businesses in cyber security battle

  Cybercriminals are flexing their financial might and UK organisations are facing more attacks as a result

• August 23, 2018 23 Aug'18

  Apache Struts users urged to update due to new security flaw

  Another security flaw has been discovered in the Apache Struts, which was at the heart of the massive Equifax data breach in 2017

• August 08, 2018 08 Aug'18

  Check Point warns of WhatsApp vulnerabilities

  Researchers are warning of vulnerabilities in WhatsApp that allow threat actors to intercept and manipulate messages sent in a group chat

• August 06, 2018 06 Aug'18

  Mobile banking Trojans reach all-time high

  Mobile banking Trojans topped the list of cyber threats in the second quarter of the year, according to research by Kaspersky Lab

• July 26, 2018 26 Jul'18

  Software development remains insecure

  The prevalence of common and well-known web-based vulnerabilities underlines the need for better education around secure software development

• July 24, 2018 24 Jul'18

  Most firms have software security vulnerability

  Most firms have a software vulnerability that can be exploited by cyber attackers, a study has revealed

• July 17, 2018 17 Jul'18

  A third of organisations do not have a security expert, survey shows

  Around a third of organisations are vulnerable to cyber attacks due to a lack of dedicated in-house cyber security experts, finds Gartner survey

• July 12, 2018 12 Jul'18

  Cyber attackers cashing in on ‘hidden’ attack surface

  Cyber attackers are cashing in on organisations’ lack of visibility into all online interactions that can involve multiple third parties, a report reveals

• July 11, 2018 11 Jul'18

  White-hat hackers find record number of vulnerabilities

  White-hat hackers are finding more vulnerabilities than ever before, with crowdsourced security testing continuing to gain popularity, a report reveals

• July 09, 2018 09 Jul'18

  Inside one of the world’s largest bug bounty programmes

  Trend Micro’s Zero Day Initiative may be the top external supplier of software bug reporting for Microsoft and Adobe, but that does not mean it purchases every type of bug