Network security management

Microsoft expands AI Copilot project into security realm

New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams Continue Reading

Inside Group-IB’s cyber security playbook

A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market Continue Reading

National Crime Agency sting operation infiltrates cyber crime market

The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks Continue Reading

Aryaka expands SD-WAN, SASE offer to SMEs

Having deployed its services to large enterprises and Fortune 100 companies for over a decade, software-defined networking technology focuses on small to medium-sized enterprises for secure access and wide area networks Continue Reading

Trust: easy to lose, hard to recover

Here are just a few of the topics that my fellow Freeformers and I have enjoyed researching and writing about in recent years: network security, SD-WAN, digital identity, smart wallets, digital ... Continue Reading

Nordics move towards common cyber defence strategy

Nordic countries agree to work together to improve their cyber defences amid increasing threat Continue Reading

APAC buyer’s guide to SASE

Aaron Tan looks at the benefits of secure access service edge services, key considerations and the market landscape Continue Reading

Chinese Silkloader cyber attack tool falls into Russian hands

A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators Continue Reading

Nine in 10 enterprises fell victim to successful phishing in 2022

Egress annual email security risk report breaks down impacts of email-based phishing attacks and data loss, and the effect these can have on organisations in terms of staff retention and morale Continue Reading

Salt Labs identifies OAuth security flaw within Booking.com

Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild Continue Reading

US government Strike Force aims to prevent adversaries from accessing disruptive tech

The US Strike Force law enforcement initiative will target rogue nation-states that pose a national security threat Continue Reading

Security Think Tank: New trends and drivers in cyber security training

Self-paced, interactive, bite-sized learning is becoming the optimum path for cyber security training in the workplace, says John Tolbert of KuppingerCole Continue Reading

Multi-purpose malwares can use more than 20 MITRE ATT&CK TTPs

Report warns of the development of increasingly sophisticated, multi-purpose malwares, and calls on defenders to play close attention to the MITRE ATT&CK framework to ward them off Continue Reading

Killnet DDoS attacks disrupt Nato websites

A series of distributed denial of service attacks on various public websites belonging to the Nato alliance were largely repelled but some resources remain unavailable Continue Reading

How Check Point is keeping pace with the cyber security landscape

Check Point Software CEO Gil Shwed talks up the company’s growth areas, its approach to cloud security and the impact of generative AI on cyber security Continue Reading

APAC buyer’s guide to SASE

In this buyer’s guide on secure access service edge services, we look at the benefits of the technology, key considerations and the market landscape Continue Reading

Cops make arrests and seize drugs after hacking Exclu encrypted messaging app

Police in the Netherlands, Belgium and Poland raided 80 addresses after covertly intercepting messages from the Exclu encrypted messaging app Continue Reading

Australian organisations underinvesting in cyber security

Over half of Australian organisations failed to invest enough in cyber security over past three years, though awareness is improving in aftermath of high-profile data breaches Continue Reading

North Korea’s Lazarus gang exposes itself in opsec failure

WithSecure researchers linked a campaign of cyber attacks targeting medical research and energy firms to North Korea’s infamous Lazarus APT after a group member accidentally screwed up Continue Reading

NCSC for Startups inducts four companies into programme

Four more startups are set to join the NCSC accelerator, which helps the UK government develop technology and approaches to pressing cyber security challenges Continue Reading

Cisco fixes two bugs that could have led to supply chain attacks on users

Two vulnerabilities uncovered in Cisco hardware could have opened the door to serious supply chain cyber attacks, according to the Trellix researchers who found them Continue Reading

Russian DDoS hacktivists seen targeting western hospitals

A swathe of attacks by the Putin-supporting DDoS operation known as Killnet has targeted hospitals and other infrastructure in several Nato countries, with the UK thought to be at risk Continue Reading

Zero-trust implementations remain work in progress

Just one in 10 large enterprises are expected to have mature and measurable zero-trust programmes in place by 2026, study finds Continue Reading

Chinese IoT suppliers expose UK businesses to espionage and data theft

Chinese companies supplying network components, known as IoT modules, post a greater long-term threat to UK security than the now banned 5G supplier Huawei, according to a study by a Chinese expert and former diplomat Continue Reading

SSRF attacks hit 100,000 businesses globally since November

There has been a dramatic increase in attacks exploiting the ProxyNotShell/OWASSRF exploit chains to target Microsoft Exchange servers Continue Reading

Royal Society calls on public sector to pilot privacy tech

The Royal Society says public sector bodies should lead the way in piloting privacy-enhancing technologies to unlock the value of data without compromising privacy and data rights, but lack of standards and incentives mean adoption is slow Continue Reading

NCSC warning over cyber risk to charity sector

Cash-strapped charities without the resource to tackle their resilience deficit are increasingly at risk from malicious actors, says the NCSC Continue Reading

David Anderson KC to review UK surveillance laws

Home Office commissions independent review of the Investigatory Powers Act, known as the snoopers’ charter. It will include a review of bulk datasets and government access to internet connection records held by phone and internet companies Continue Reading

Cloudflare urged to clamp down on pirates, counterfeiters

A whitepaper produced by brand protection specialist Corsearch calls on Cloudflare to do more to stop online content piracy and sales of counterfeit goods Continue Reading

Cloudflare completes SASE offer with Magic WAN Connector

Software-defined wide-area network functionality released by online application acceleration and infrastructure provider Cloudflare to complete single-supplier secure access service edge offering Continue Reading

New APT group targets ASEAN governments and militaries

The Dark Pink advanced persistent threat group used custom malware to exfiltrate data from high-profile targets through spear-phishing emails last year, according to Group-IB Continue Reading

Vulnerable organisations to get free Cyber Essentials support

Charities and legal aid firms are among those to be offered free security checks and certifications from the National Cyber Security Centre Continue Reading

Russia’s Turla falls back on old malware C2 domains to avoid detection

Mandiant says it has observed the Russian APT UNC2410, also known as Turla, re-registering expired or sinkholed domains previously used by financially motivated cyber criminals Continue Reading

Cyber gang abused free trials to exploit public cloud CPU resources

A South Africa-based cyber crime gang exploited free trials and introductory offers to run cryptominers via public cloud services, then did a runner without paying Continue Reading

Warning over ransomware attacks spreading via Fortinet kit

Following the disclosure of a critical vulnerability in October 2022, Fortinet VPN devices were exploited in two known ransomware attacks, with access likely sold on the dark web Continue Reading

Securing low Earth orbit represents the new space race

The barriers to launching satellites into low Earth orbit are falling fast, and that brings new cyber security challenges Continue Reading

Cyber security professionals share their biggest lessons of 2022

In the run-up to 2023, cyber security professionals are taking the time to reflect on the past few months and share their biggest lessons of 2022 Continue Reading

How does red teaming test the ultimate limits of cyber security?

An expert ethical hacker reveals how he goes about carrying out a red team exercise Continue Reading

Complaints that NCA failed in duty of candour over EncroChat warrants ‘incredible’, court hears

NCA lawyers argue that a decision by an NCA intelligence officer to disclose notes of a key meeting after two-and-a-half years boosts her credibility as a witness Continue Reading

NCA ‘wrong-footed’ defence lawyers after agreeing to take expert evidence on EncroChat ‘as read’

The National Crime Agency argued at the Investigatory Powers Tribunal that expert evidence it agreed to ‘take as read’ is limited, flawed and often based on an incorrect interpretation of the law Continue Reading

Top 10 cyber security stories of 2022

The war in Ukraine loomed large over the cyber security news agenda, but 2022 also saw growing awareness of open source security, discussion around cyber insurance, and more besides Continue Reading

Top 10 cyber crime stories of 2022

Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading

Security Think Tank: 2022 brought plenty of learning opportunities in cyber

At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading

UK unis implement new IP traffic policies to combat ransomware

Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading

Cops dismantle 48 DDoS-for-hire websites

An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites Continue Reading

NCA officer questioned in Investigatory Powers Tribunal over failure to disclose EncroChat notes

EncroChat hacking warrant was unlawful and in breach of human rights law, the Investigatory Powers Tribunal hears Continue Reading

Microsoft fixes two zero-days in final Patch Tuesday of 2022

December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading

New cyber approaches ease Registers of Scotland’s AWS migration

As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web Services Continue Reading

Finnish government launches information security voucher scheme

Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading

More Uber data exposed in possible supply chain attack

A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading

How Zscaler is cracking APAC’s cloud security market

Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading

Iranian APT seen exploiting GitHub repository as C2 mechanism

A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading

Australia to develop new cyber security strategy

New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading

Security Think Tank: As cyber pros, we need to articulate our needs better

There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading

Industrial IoT focus of next NCSC startup challenge

The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading

Don’t become an unwitting tool in Russia’s cyber war

Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack? Continue Reading

French cyber consultancy Hackuity sets up UK operation

Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading

Security Think Tank: The more you buy, the less you protect

The most important lesson learned this year is that the more controls you have in place, the less secure you become, argues 2-sec’s Tim Holman Continue Reading

MI6 chief’s hacked emails attacked MI5 and betrayed British spy operations in China

Former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. His emails were hacked and then leaked – probably by Russian intelligence Continue Reading

Ransomware: Is there hope beyond the overhyped?

Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading

Latest LockBit ransomware versions have wormable capabilities

Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter Continue Reading

Think technology, process, human risk to manage ransomware

Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading

How gamifying cyber training can improve your defences

Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading

Plexal inducts six into cyber leadership scheme

Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders Continue Reading

Not-for-profit aims to encourage 1,300 girls into cyber careers

CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading

Your staff are the frontline in your ransomware fight

As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading

UK police arrest 120 in largest-ever cyber fraud crackdown

The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police Continue Reading

Red team tool developer slams ‘irresponsible’ disclosure

UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors Continue Reading

Killnet DDoS hacktivists target Royal Family and others

Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks Continue Reading

Bug Bounty Calculator helps organisations fine-tune their payouts

Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading

New gold standard to protect good faith hackers

HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking Continue Reading

CyberPeace Institute helps NGOs improve their security resilience

Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people Continue Reading

Enterprises embrace SD-WAN but miss benefits of integrated approach to security

Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading

Another Log4Shell warning after Iranian attack on US government

The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching Continue Reading

Global network fragmentation a source of increasing risk

Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading

Security Think Tank: Ransomware defences: An extended to-do list

Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading

Security Think Tank: Let’s be transparent about ransomware

Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading

MoD recruits Immersive Labs to bolster cyber resilience

UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products Continue Reading

Security Think Tank: To stop ransomware, preparation is the best medicine

You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading

Optus earmarks A$140m to cover cost of data breach

Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers Continue Reading

Security Think Tank: Anti-ransomware strategies should be as easy as ABC

When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading

Microsoft: Nation-state cyber attacks became increasingly destructive in 2022

The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare Continue Reading

Microsoft pledges $100m in new IT support for Ukraine

Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future Continue Reading

Automated threats biggest source of cyber risk for retailers

Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report Continue Reading

Security Think Tank: Know your networks, know your suppliers

To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights Continue Reading

NCSC looks back on year of ‘profound change’ for cyber

The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful Continue Reading

Security Think Tank: Container security: why so different?

Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas Continue Reading

How has container security changed since 2020, and have we taken it too far?

While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up Continue Reading

Will the OCSF create an open and collaborative cyber industry?

The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption Continue Reading

NHS to get new national CISO

The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS Continue Reading

Medibank breach casts spotlight on data security

Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia Continue Reading

US authorities charge two Chinese spies over telco security probe

Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm Continue Reading

The Security Interviews: Why now for ZTNA 2.0?

With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading

VPN vs. zero trust vs. SDP: What's the difference?

For strong network security, many vendors say VPNs don't cut it anymore. Enter the zero-trust security model and SDPs. Continue Reading

Cyber professional shortfall hits 3.4 million

Shortage of cyber security professionals continues to grow and shows no signs of abating, says report Continue Reading

The future of VPNs in the enterprise

VPNs have been the workhorse of online connectivity. Enhancements to software and processing power in end devices will transform how companies use the technology going forward. Continue Reading

Protecting children by scanning encrypted messages is ‘magical thinking’, says Cambridge professor

Ross Anderson argues in a rebuttal to GCHQ experts that using artificial intelligence to scan encrypted messaging services is the wrong approach to protecting children and preventing terrorism Continue Reading

Australia becoming hotbed for cyber attacks

Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency Continue Reading

Gartner: Remote work, zero trust, cloud still driving cyber spend

Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading

CW Middle East: Qatar strengthens cyber defences ahead of FIFA World Cup

Being the first Arab country to host the World Cup is pressure enough on Qatar, but there is also a massive cyber security challenge associated with any event of this magnitude. Read about its preparations. Also in this issue, find out about the unique challenges of hiring IT professionals in Saudi Arabia. Continue Reading