Network security management
-
News
24 Jul 2024
WhatsApp and Signal messages at risk of surveillance following EncroChat ruling, court hears
Defence lawyers seek leave to appeal a decision by the Investigatory Powers Tribunal that the National Crime Agency lawfully obtained warrants to intercept messages sent over an encrypted phone network Continue Reading
-
Feature
23 Jul 2024
Enhancing mobile app security with behaviour-based biometrics
Behavioural-based biometrics offer tantalising advantages over more traditional biometric solutions. Learn about some of the benefits and potential challenges for safe and secure implementation Continue Reading
-
News
22 Dec 2022
Top 10 cyber crime stories of 2022
Cyber crime continued to hit the headlines in 2022, with impactful cyber attacks abounding, digitally enabled fraud ever more widespread and plenty of ransomware incidents Continue Reading
-
Opinion
19 Dec 2022
Security Think Tank: 2022 brought plenty of learning opportunities in cyber
At the end of another busy 12 months, Turnkey Consulting’s Andrew Morris sums up some of the most important takeaways for cyber pros Continue Reading
-
News
16 Dec 2022
UK unis implement new IP traffic policies to combat ransomware
Jisc will introduce new measures to protect UK universities and research institutions from ransomware attacks that exploit the Remote Desktop Protocol remote-access feature Continue Reading
-
News
15 Dec 2022
Cops dismantle 48 DDoS-for-hire websites
An operation combining law enforcement from the UK, US, Netherlands and Europol has disrupted 48 of the world’s most popular DDoS booter websites Continue Reading
-
News
15 Dec 2022
NCA officer questioned in Investigatory Powers Tribunal over failure to disclose EncroChat notes
EncroChat hacking warrant was unlawful and in breach of human rights law, the Investigatory Powers Tribunal hears Continue Reading
-
News
14 Dec 2022
Microsoft fixes two zero-days in final Patch Tuesday of 2022
December’s Patch Tuesday is typically a light month for Microsoft, and this year proved no exception, but there are still several critical issues worth addressing, and two zero-days for defenders to pore over Continue Reading
-
News
14 Dec 2022
New cyber approaches ease Registers of Scotland’s AWS migration
As the holder of the oldest national public land register in the world, Registers of Scotland has a storied history dating back centuries. Find out how Palo Alto Networks is keeping its processes and data secure as it goes all-in on Amazon Web Services Continue Reading
-
Definition
13 Dec 2022
ISO 27001
ISO 27001, formally known as ISO/IEC 27001:2022, is an information security standard created by the International Organization for Standardization (ISO), which provides a framework and guidelines for establishing, implementing and managing an information security management system (ISMS). Continue Reading
-
News
13 Dec 2022
Finnish government launches information security voucher scheme
Finland’s government is offering businesses financial support to help them improve their cyber security Continue Reading
-
News
13 Dec 2022
More Uber data exposed in possible supply chain attack
A second incident affecting ride-sharing app Uber appears to have originated through a third party in a supply chain attack Continue Reading
-
News
11 Dec 2022
How Zscaler is cracking APAC’s cloud security market
Zscaler’s head in Asia-Pacific and Japan talks up the company’s growth momentum in the region and what it is doing to address areas where it can do better Continue Reading
-
News
09 Dec 2022
Iranian APT seen exploiting GitHub repository as C2 mechanism
A subgroup of the Iran-linked Cobalt Mirage APT group has been caught taking advantage of the GitHub open source project as a means to operate its latest custom malware Continue Reading
-
News
08 Dec 2022
Australia to develop new cyber security strategy
New strategy to be developed by top cyber security experts aims to turn Australia into a global cyber leader, among other goals Continue Reading
-
Opinion
07 Dec 2022
Security Think Tank: As cyber pros, we need to articulate our needs better
There is always a lot to learn about security, but one of the most important lessons may not relate to technology at all, says Petra Wenham Continue Reading
-
News
06 Dec 2022
Industrial IoT focus of next NCSC startup challenge
The NCSC for Startups programme is looking for innovative ideas to encrypt and secure the industrial internet of things Continue Reading
-
News
06 Dec 2022
Don’t become an unwitting tool in Russia’s cyber war
Researchers have turned up evidence that enterprise networks are being co-opted by Russian threat actors to launch attacks against targets in Ukraine. How can you avoid becoming an unwitting tool in a state-backed attack? Continue Reading
-
News
05 Dec 2022
French cyber consultancy Hackuity sets up UK operation
Risk-based vulnerability management company is to establish a UK base of operations in the hope of expanding its enterprise client base Continue Reading
-
Opinion
05 Dec 2022
Security Think Tank: The more you buy, the less you protect
The most important lesson learned this year is that the more controls you have in place, the less secure you become, argues 2-sec’s Tim Holman Continue Reading
-
News
01 Dec 2022
MI6 chief’s hacked emails attacked MI5 and betrayed British spy operations in China
Former UK spy boss Richard Dearlove leaked names of MI6 secret agent recruiters in China to back an aggressive right-wing US campaign against tech company Huawei. His emails were hacked and then leaked – probably by Russian intelligence Continue Reading
-
Opinion
01 Dec 2022
Ransomware: Is there hope beyond the overhyped?
Up-and-coming cyber concepts attack surface management and security mesh architectures seem to hold some promise in tackling ransomware, but they are a little way off maturity Continue Reading
-
News
30 Nov 2022
Latest LockBit ransomware versions have wormable capabilities
Sophos researchers have reverse-engineered the Lockbit 3.0 ransomware, shedding new light on its evolving capabilities and firming up links with BlackMatter Continue Reading
-
Opinion
30 Nov 2022
Think technology, process, human risk to manage ransomware
Effective ransomware handling boils down to three core areas – technology, process and human risk Continue Reading
-
Feature
29 Nov 2022
How gamifying cyber training can improve your defences
Security training is the cornerstone of any cyber defence strategy. With ever-escalating online threats, it is now more important than ever that this training is an engaging experience Continue Reading
-
News
27 Nov 2022
Plexal inducts six into cyber leadership scheme
Tech innovation hub Plexal is expanding its Cyber Runway programme with a new Ignite strand dedicated to supporting high-potential security leaders Continue Reading
-
News
24 Nov 2022
Not-for-profit aims to encourage 1,300 girls into cyber careers
CyNam, a not-for-profit cyber security initiative, is collaborating with industry, education providers and government to encourage young women into cyber Continue Reading
-
Opinion
24 Nov 2022
Your staff are the frontline in your ransomware fight
As part of a solid cyber defence plan, the CISO must make sure that the frontline within the organisation is prepared for an attack, says Theodore Wiggins of Airbus Protect Continue Reading
-
News
23 Nov 2022
UK police arrest 120 in largest-ever cyber fraud crackdown
The administrator and more than 100 users of the iSpoof.cc cyber fraud website have been arrested in a major counter-fraud operation led by the Metropolitan Police Continue Reading
-
News
23 Nov 2022
Red team tool developer slams ‘irresponsible’ disclosure
UK security firm MDSec defends its Nighthawk command and control penetration testing framework after suggestions were made that it could be appropriated by threat actors Continue Reading
-
News
22 Nov 2022
Killnet DDoS hacktivists target Royal Family and others
Russia-aligned hacktivists targeted multiple UK websites, including those of the Royal Family, in a new campaign of DDoS attacks Continue Reading
-
News
21 Nov 2022
Bug Bounty Calculator helps organisations fine-tune their payouts
Newly launched comparison tool will supposedly help operators of vulnerability disclosure or bug bounty programmes to ensure their payments match market rates and expectations, and attract the right sort of attention Continue Reading
-
News
18 Nov 2022
New gold standard to protect good faith hackers
HackerOne’s new Gold Standard Safe Harbour statement will supposedly act as a guarantee for good faith hacking Continue Reading
-
News
18 Nov 2022
CyberPeace Institute helps NGOs improve their security resilience
Adrien Ogée of the CyberPeace Institute talks about his work supporting NGOs and humanitarian organisations, and how the security community at large can help protect the world’s most vulnerable people Continue Reading
-
News
18 Nov 2022
Enterprises embrace SD-WAN but miss benefits of integrated approach to security
Research from managed network and security services provider finds virtually all enterprises have deployed software-defined wide area networks or plan to do so within the next 24 months, but nearly half reported they either don’t have security integrated with SD-WAN or have no specific SD-WAN security at all Continue Reading
-
News
17 Nov 2022
Another Log4Shell warning after Iranian attack on US government
The breach of a US federal body by an Iranian threat actor exploiting the Adobe Log4j Log4Shell vulnerability has prompted a fresh flurry of patching Continue Reading
-
News
16 Nov 2022
Global network fragmentation a source of increasing risk
Risk consultancy’s report says the weaponisation of cyber space and geopolitical clashes herald a breakdown of global networks into distinct regional or national architectures Continue Reading
-
Opinion
16 Nov 2022
Security Think Tank: Ransomware defences: An extended to-do list
Strategies to extend ransomware protection beyond backups and intrusion detection must centre dark web monitoring, among other things Continue Reading
-
Opinion
14 Nov 2022
Security Think Tank: Let’s be transparent about ransomware
Greater transparency regarding ransomware attacks, including details about attack methods used and what kinds of assets were compromised, would likely help the community prevent future attacks Continue Reading
-
News
11 Nov 2022
MoD recruits Immersive Labs to bolster cyber resilience
UK’s Ministry of Defence will run cyber drills and address its security talent gap with Immersive Labs’ CyberPro, Cyber Crisis Simulator and Application Security products Continue Reading
-
Opinion
11 Nov 2022
Security Think Tank: To stop ransomware, preparation is the best medicine
You can’t ‘stop’ ransomware, but you can do a lot to keep yourself from becoming ensnared when it strikes Continue Reading
-
News
09 Nov 2022
Optus earmarks A$140m to cover cost of data breach
Optus sets aside A$140m as an exceptional expense for a customer remediation programme following a massive data breach that affected 10 million customers Continue Reading
-
Definition
09 Nov 2022
piggybacking
Piggybacking, in the context of Wi-Fi, is the use of a wireless connection to gain access to the internet without proper authority. Continue Reading
-
Opinion
09 Nov 2022
Security Think Tank: Anti-ransomware strategies should be as easy as ABC
When developing and implementing ransomware protection strategies, the importance of paying thorough attention to security measures you might consider elementary cannot be understated Continue Reading
-
News
04 Nov 2022
Microsoft: Nation-state cyber attacks became increasingly destructive in 2022
The willingness of nation-state actors to conduct destructive cyber attacks is a source of grave concern, as Microsoft’s latest annual Digital Defence Report lays bare Continue Reading
-
News
03 Nov 2022
Microsoft pledges $100m in new IT support for Ukraine
Microsoft will continue to offer free-of-charge technology support to Ukraine for the foreseeable future Continue Reading
-
News
03 Nov 2022
Automated threats biggest source of cyber risk for retailers
Threat actors targeting retailers during the coming holiday season are increasingly turning to automated forms of cyber attack, according to a report Continue Reading
-
Opinion
02 Nov 2022
Security Think Tank: Know your networks, know your suppliers
To combat the ransomware scourge, we must work harder to monitor and learn from the increasingly complex threat environment, keep a closer eye on supply chains, and share our insights Continue Reading
-
News
01 Nov 2022
NCSC looks back on year of ‘profound change’ for cyber
The NCSC ramped up its support for UK plc in the past 12 months, but it was events beyond the UK’s borders that proved the most impactful Continue Reading
-
Opinion
31 Oct 2022
Security Think Tank: Container security: why so different?
Done well, container security can be a model for securing the enterprise, and businesses that focus their teams on solving it can help accelerate positive change in other areas Continue Reading
-
Opinion
28 Oct 2022
How has container security changed since 2020, and have we taken it too far?
While containers are now one of the most popular ways to deploy applications, it is fair to say that the adoption and implementation of security best practice to govern their use has not kept up Continue Reading
-
Feature
27 Oct 2022
Will the OCSF create an open and collaborative cyber industry?
The Open Cybersecurity Schema Framework promises to transform security data analysis and collection, but there are challenges around adoption Continue Reading
-
News
27 Oct 2022
NHS to get new national CISO
The Department for Health and Social Care is seeking a new national CISO, who will be tasked with providing strategic cyber leadership, direction and expertise across DHSC and the wider NHS Continue Reading
-
News
27 Oct 2022
Medibank breach casts spotlight on data security
Health insurer Medibank Private recently suffered a major data breach involving the personal and health information of millions of customers, once again casting the spotlight on data security in Australia Continue Reading
-
News
25 Oct 2022
US authorities charge two Chinese spies over telco security probe
Two Chinese nationals have been charged with attempting to obstruct the criminal prosecution of a prominent Chinese telecoms firm Continue Reading
-
News
20 Oct 2022
The Security Interviews: Why now for ZTNA 2.0?
With organisations facing escalating online threats, security teams need to improve their defences using zero-trust network access to preserve the integrity of their systems. Palo Alto Networks’ Simon Crocker shares his views on zero-trust network access Continue Reading
-
Feature
20 Oct 2022
VPN vs. zero trust vs. SDP: What's the difference?
For strong network security, many vendors say VPNs don't cut it anymore. Enter the zero-trust security model and SDPs. Continue Reading
-
News
20 Oct 2022
Cyber professional shortfall hits 3.4 million
Shortage of cyber security professionals continues to grow and shows no signs of abating, says report Continue Reading
-
Tip
19 Oct 2022
The future of VPNs in the enterprise
VPNs have been the workhorse of online connectivity. Enhancements to software and processing power in end devices will transform how companies use the technology going forward. Continue Reading
-
News
14 Oct 2022
Protecting children by scanning encrypted messages is ‘magical thinking’, says Cambridge professor
Ross Anderson argues in a rebuttal to GCHQ experts that using artificial intelligence to scan encrypted messaging services is the wrong approach to protecting children and preventing terrorism Continue Reading
-
News
14 Oct 2022
Australia becoming hotbed for cyber attacks
Research by Imperva shows an 81% increase in cyber security incidents in Australia between July 2021 and June 2022, including automated attacks that doubled in frequency Continue Reading
-
News
13 Oct 2022
Gartner: Remote work, zero trust, cloud still driving cyber spend
Security leaders are eager to spend on categories including remote and hybrid cyber offerings, zero-trust network access, and cloud Continue Reading
-
E-Zine
13 Oct 2022
CW Middle East: Qatar strengthens cyber defences ahead of FIFA World Cup
Being the first Arab country to host the World Cup is pressure enough on Qatar, but there is also a massive cyber security challenge associated with any event of this magnitude. Read about its preparations. Also in this issue, find out about the unique challenges of hiring IT professionals in Saudi Arabia. Continue Reading
-
News
12 Oct 2022
NCSC urges organisations to secure supply chains
NCSC’s latest guidance package centres supply chain security, helping medium to large organisations assess and mitigate cyber risks from suppliers Continue Reading
-
News
12 Oct 2022
French Supreme Court rejects EncroChat verdict after lawyers question secrecy over hacking operation
France’s Supreme Court has sent a case back to the court of appeal after police failed to disclose technical details of EncroChat hacking operation Continue Reading
-
Tip
11 Oct 2022
What is zero-trust network access? ZTNA basics explained
Zero-trust network access is touted as the solution to replace the VPN. As the potential future of network security, learn more about ZTNA, including its benefits and challenges. Continue Reading
-
News
10 Oct 2022
How Cloudflare is staying ahead of the curve
Cloudflare co-founder and CEO Matthew Prince talks up what has changed since the company’s first business plan was written in 2009 and how it keeps pace with the fast-moving network security landscape Continue Reading
-
Feature
05 Oct 2022
Air gaps for backup and how they help against ransomware
The air gap is a basic of backups and storage. We look at what’s meant by an air gap, the rise of the logical air gap, and its place in the fight against ransomware Continue Reading
-
Definition
05 Oct 2022
network security
Network security encompasses all the steps taken to protect the integrity of a computer network and the data within it. Continue Reading
-
News
05 Oct 2022
Inside Dell Technologies’ zero-trust approach
Dell Technologies’ zero-trust reference model starts with defining business controls and having a central control plane that manages all the security aspects of an organisation’s infrastructure Continue Reading
-
Tip
29 Sep 2022
The 5 principles of zero-trust security
Zero trust is a journey, not a destination. Ensure your corporate network is safe from internal and external threats by implementing these five principles of zero-trust security. Continue Reading
-
News
29 Sep 2022
Failure of Russia’s cyber attacks on Ukraine is most important lesson for NCSC
Russia has so far failed in its attempts to destabilise Ukraine through cyber attacks due to strength of Ukrainian, security industry and international efforts Continue Reading
-
News
28 Sep 2022
UK suffers third highest number of ransomware attacks globally
Based on an analysis of around 5,000 ransomware incidents, NordLocker has found that UK businesses, and small businesses in particular, are a priority target for ransomware gangs Continue Reading
-
News
28 Sep 2022
Most hackers exfiltrate data within five hours of gaining access
Insights from more than 300 sanctioned adversaries, otherwise known as ‘ethical’ hackers, reveal that around two-thirds are able to collect and exfiltrate data within just five hours of gaining access Continue Reading
-
News
27 Sep 2022
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Around 80,000 Brits a month are falling victim to phishing attacks as fraudsters switch up tactics to take advantage of cost-of-living crisis and behavioural changes prompted by pandemic Continue Reading
-
Definition
23 Sep 2022
Google dork query
A Google dork query, sometimes just referred to as a dork, is a search string or custom query that uses advanced search operators to find information not readily available on a website. Continue Reading
-
News
23 Sep 2022
Threat actors abused lack of MFA, OAuth in spam campaign
Microsoft threat researchers have reported on a series of cyber attacks in which enterprises with lax IAM policies had their systems hijacked to conduct spam email campaigns Continue Reading
-
News
22 Sep 2022
Nordic private equity firms pursue cyber security acquisitions
Increasing interest in the security sector from Nordic private equity firms is a reflection of growing threats and increasing enterprise security budgets Continue Reading
-
News
22 Sep 2022
Privacy Pledge signatories dream of alternative internet
A group of privacy-focused organisations have come together to establish a set of principles for taking the internet back from big tech and surveillance capitalism Continue Reading
-
News
20 Sep 2022
Reports Uber and Rockstar incidents work of same attacker
Rockstar Games was hit over the weekend by an attacker who claimed to have accessed its Slack channel to steal data on an upcoming release, and may be the same person who compromised Uber Continue Reading
-
Definition
19 Sep 2022
cryptojacking
Cryptojacking is a cybercrime in which another party's computing resources are hijacked to mine cryptocurrency. Continue Reading
-
News
16 Sep 2022
Six new vulnerabilities added to CISA catalogue
CISA adds six new vulnerabilities to its most-wanted list, including one that dates back to 2010 Continue Reading
-
News
16 Sep 2022
Uber suffers major cyber attack
Details are trickling out of an apparent ‘near total’ compromise of ride-sharing service Uber by an alleged teenage hacktivist Continue Reading
-
News
15 Sep 2022
Nominations closing soon for annual cyber awards
Nominations for the annual Security Serious Unsung Heroes Awards closes 16 September Continue Reading
-
News
15 Sep 2022
US charges three Iranians over CNI cyber attacks
Three Iranian nationals have been indicted over a spate of ransomware attacks against organisations in the US, UK, Israel and Iran Continue Reading
-
News
14 Sep 2022
FormBook knocks Emotet off top of malware chart
FormBook emerged as the most widely seen malware in August, according to Check Point’s latest data Continue Reading
-
News
14 Sep 2022
Microsoft patches 64 vulnerabilities on September Patch Tuesday
Microsoft drops fixes for five critical vulnerabilities and one zero-day in its latest monthly update Continue Reading
-
News
14 Sep 2022
DDoS attacks on UK financial sector surged during Ukraine war
A quarter of cyber security incidents reported to the Financial Conduct Authority in the first six months of 2022 involved DDoS, with a likely link to events in Ukraine Continue Reading
-
News
13 Sep 2022
Cloud compromise a doddle for threat actors as victims attest
Two separate studies into the state of public cloud security reveal insight into the ease with which threat actors can compromise vast numbers of targets, and some of the challenges security teams are facing in the cloud Continue Reading
-
News
13 Sep 2022
Cisco confirms leaked data was stolen in Yanluowang ransomware hit
Cisco has confirmed that data leaked last week by the Yanluowang ransomware gang was that stolen during a May 2022 cyber attack Continue Reading
-
News
12 Sep 2022
CISOs should spend on critical apps, cloud, zero-trust, in 2023
Faced with a global recession next year, security buyers should try to direct investment towards technology that protects customer-facing and revenue-generating workloads, say analysts Continue Reading
-
News
08 Sep 2022
NCSC CyberUK event heads to Belfast in 2023
National Cyber Security Centre’s annual CyberUK roadshow is crossing the Irish Sea to Belfast in April 2023 Continue Reading
-
News
08 Sep 2022
Chinese APT using PlugX malware on espionage targets
China’s Bronze President APT is once again targeting government officials of interest to its paymasters, this time using forged diplomatic correspondence, according to the Secureworks Counter Threat Unit Continue Reading
-
News
08 Sep 2022
Dutch cyber security organisations to join forces
Cyber security organisations in the Netherlands are going to merge into a single central expertise centre and information hub, which all organisations in the country will soon be able to tap into Continue Reading
-
News
07 Sep 2022
August ’22 a bumper month for high-impact vulnerabilities
Bugs in products from Apple, Google, Microsoft and VMware dominated the threat landscape in August, says Recorded Future Continue Reading
-
News
07 Sep 2022
Prince’s Trust teams with threat management specialist in skills push
Prince’s Trust hopes to address shortfall in cyber professionals and improve diversity in the industry Continue Reading
-
News
07 Sep 2022
Hotel group IHG confirms cyber attack after two-day outage
IHG, the operator of hotel chains Crowne Plaza, Holiday Inn, Intercontinental and Kimpton, says it has been targeted by an unknown threat actor Continue Reading
-
News
07 Sep 2022
Cyber threats to Europe’s grid: Utilities rethink strategy
The separation of operational and information technology at utilities across Europe is opening doors for cyber criminals Continue Reading
-
News
01 Sep 2022
New (ISC)² cyber careers schemes go live
(ISC)² has opened up two new global cyber careers schemes to applicants to try to help organisations fill 2.7 million vacant roles worldwide Continue Reading
-
News
30 Aug 2022
UK government presses on with new cyber rules for telcos
Government has finalised new security rules for telecoms companies and will move to make them binding in the near future Continue Reading
-
News
24 Aug 2022
Most CISOs think they’ve been attacked by a nation state
Most organisations have made changes to their cyber strategies and policies following Russia’s invasion, and almost two-thirds suspect they have been directly targeted or impacted by a nation-state cyber attack Continue Reading
-
News
24 Aug 2022
Alleged Twitter security failings spell trouble ahead
Twitter’s former security head, Peiter Zatko, has alleged a number of serious cyber failures at the social media platform, raising the spectre of investigations and sanctions Continue Reading