News

Endpoint security

• July 11, 2024 11 Jul'24

  Dutch research firm TNO pictures the SOC of the future

  In only a few years, security operations centres will have a different design and layout, and far fewer will remain

• July 09, 2024 09 Jul'24

  Chinese spies target vulnerable home office kit to run cyber attacks

  China’s APT40 is ramping up targeting of victims using vulnerable small and home office networking kit as command and control infrastructure, according to an international alert

• July 09, 2024 09 Jul'24

  Lessons from war: How Israel is fighting Iranian state-backed hacking

  The general director of the Israel National Cyber Directorate talks about the rise in cyber attacks and what lessons the country has gleaned to defend against hacking from foreign parties

• June 26, 2024 26 Jun'24

  Israel’s cyber chief calls for international front against Iranian hackers

  Israel’s cyber chief has called for international action against Iran over state-backed hacking

• June 21, 2024 21 Jun'24

  Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban

  The US government is stopping Kaspersky Lab from offering its antivirus software and cyber security tools to US firms and citizens

• June 12, 2024 12 Jun'24

  RCE flaw and DNS zero-day top list of Patch Tuesday bugs

  An RCE vulnerability in a Microsoft messaging feature and a third-party flaw in a DNS authentication protocol are the most pressing issues to address in Microsoft’s latest Patch Tuesday

• June 07, 2024 07 Jun'24

  Sophos uncovers Chinese state-sponsored campaign in Southeast Asia

  Sophos found three distinct clusters of activity targeted at a high-level government organisation that appeared to be tied to Chinese interests in the South China Sea

• May 22, 2024 22 May'24

  Rockwell urges users to disconnect ICS equipment

  ICS systems maker Rockwell Automation calls on users to take steps to secure their equipment, and reminds them there is no reason to ever have its hardware connected to the public internet, as it tracks an increase in global threat activity

• May 15, 2024 15 May'24

  GCHQ to protect politicians and election candidates from cyber attacks

  The National Cyber Security Centre, part of GCHQ, to protect election candidates from hostile state cyber attacks

• May 06, 2024 06 May'24

  Microsoft beefs up cyber initiative after hard-hitting US report

  Microsoft is expanding its recently launched Secure Future Initiative in the wake of a hard-hitting US government report on recent nation state intrusions into its systems

• April 30, 2024 30 Apr'24

  Bad bot traffic in Australia grew 23% in 2023

  Traffic from bad bots that perform malicious tasks accounted for 30.2% of Australia’s internet traffic in 2023

• April 29, 2024 29 Apr'24

  UK’s long-awaited device security law kicks in

  The Product Security and Telecommunications Infrastructure Act has become law across the UK, enforcing basic cyber security standards across connected products sold to the public

• April 25, 2024 25 Apr'24

  Zero trust is a strategy, not a technology

  Zero-trust security should be seen as a strategy to protect high-value assets and is not tied to a specific technology or product, says the model’s creator John Kindervag

• April 24, 2024 24 Apr'24

  Cyber training leader KnowBe4 to buy email security firm Egress

  Security awareness training and phishing simulation specialist KnowBe4 is to buy email security expert Egress

• April 23, 2024 23 Apr'24

  GooseEgg proves golden for Fancy Bear, says Microsoft

  Microsoft’s threat researchers have uncovered GooseEgg, a never-before-seen tool being used by Forest Blizzard, or Fancy Bear, in conjunction with vulnerabilities in Windows Print Spooler

• April 18, 2024 18 Apr'24

  CSA warns of emerging security risks with cloud and AI

  Few users appreciate the security risks of cloud and have the expertise to implement the complex security controls, says CSA chief executive David Koh

• April 16, 2024 16 Apr'24

  CW Innovation Awards: Balancing security and user experience

  The National University of Singapore’s Safe initiative has strengthened the security of IT systems and end-user devices while prioritising user experience through passwordless access

• April 12, 2024 12 Apr'24

  Apple iPhone security alert renews spyware concerns

  An Apple security alert received by users in 92 countries raises fresh fears over ongoing campaigns by users of mercenary spyware products

• April 10, 2024 10 Apr'24

  Breakthrough may herald secure home quantum computing

  An emerging approach to quantum security dubbed blind quantum computing may one day help spur mass adoption of quantum computing safely and securely, using technology that is already available today

• April 10, 2024 10 Apr'24

  Patch Tuesday: Windows Server 2008 receives emergency security patch

  Support for the OS ended in 2020, but four years on and there's a live exploit of a security flaw that impacts all Windows users

• April 08, 2024 08 Apr'24

  What Cisco’s Splunk acquisition means for APAC customers

  APAC organisations can expect better visibility and insights into their networks and applications along with automation and response capabilities to improve their digital resilience

• April 05, 2024 05 Apr'24

  How Oracle Red Bull Racing guards against cyber threats

  The F1 team is tapping managed security services, conducting penetration tests and improving security awareness among employees to fend off cyber threats such as phishing and ransomware

• April 03, 2024 03 Apr'24

  RDP abused in over 90% of cyber attacks, Sophos finds

  Threat actors continue to see great success using simple, tried and tested methods, and many defenders are failing to do the basics

• April 03, 2024 03 Apr'24

  Ransomware kill switch may save 99% of files from encryption

  MDR specialist Adlumin says its new features will help customers stop in-progress ransomware attacks before they can cause significant damage

• March 28, 2024 28 Mar'24

  UK plc going backwards on cyber maturity, Cisco report claims

  Fewer UK organisations believe their cyber security postures have reached a mature level than did so 12 months ago, as they struggle to keep up with new challenges and a fast-evolving threat landscape

• March 28, 2024 28 Mar'24

  Counter-eavesdropping agency unlawfully used surveillance powers to identify journalist’s source

  More than 750 journalists had their communications data accessed by law enforcement and government agencies between 2018 and 2022

• March 26, 2024 26 Mar'24

  WikiLeaks founder Julian Assange given temporary reprieve over extradition

  Court seeks assurances from the US that Assange will be given First Amendment Rights, will not prejudiced at trial because of his nationality, and will not be subject to the death penalty

• March 19, 2024 19 Mar'24

  Australia’s cyber security spending to grow 11.5% this year

  Highly publicised cyber attacks and growing regulatory obligations are keeping security and risk top of mind for Australian organisations this year, says Gartner

• March 12, 2024 12 Mar'24

  More DDoS attacks launched against APAC financial firms

  The financial sector in Asia-Pacific saw more DDoS attacks in 2023, but no notable impact was reported, according to a report by Akamai and FS-ISAC

• March 06, 2024 06 Mar'24

  Apple patches zero-days amid ‘foundational’ post-quantum update

  Apple’s iOS 17.4 update not only fixes zero-day flaws that are being actively exploited, but includes important new security protocols to safeguard users against future attacks

• March 06, 2024 06 Mar'24

  Nation states buying hacking tools from underground Russian cyber forums

  State-sponsored hacking groups, posing as hacktivists, are using Russian cyber crime forums to stock up on cyber weapons, says Check Point Software’s threat analyst, Sergey Shykevich

• March 05, 2024 05 Mar'24

  American Express customers exposed through third-party breach

  US card giant warns customers that their personal details may have been exposed after a third party experienced a systems breach

• March 01, 2024 01 Mar'24

  Fancy Bear sniffs out Ubiquiti router users

  The authorities have warned users of Ubiquiti EdgeRouter products to take remedial action after a number of devices were hijacked into a malicious botnet by a Russian cyber espionage unit

• February 27, 2024 27 Feb'24

  Black Basta and Bl00dy ransomware gangs exploiting ConnectWise vulns

  More ransomware gangs have been observed exploiting two dangerous vulnerabilities in ConnectWise ScreenConnect software, prompting new warnings for users to get patching

• February 26, 2024 26 Feb'24

  Storage and backup spend in 2024 targets risk and resilience

  The TechTarget and ESG spending intentions survey finds big bias towards averting risk and building organisational resilience, but on-premise storage a significant planned outlay

• February 22, 2024 22 Feb'24

  Toshiba and Orange test quantum encryption on traditional network

  Researchers used QKD on a fibre-optic network spanning 184km to show how the technology could be used to secure networks cost-effectively

• February 15, 2024 15 Feb'24

  Security-by-design push prompts new ISC2 accreditations

  Security-by-design has become a hot-button regulatory issue. ISC2 has decided now is the time to upskill cyber pros around these vital software and hardware development principles

• February 01, 2024 01 Feb'24

  US government disrupts Chinese botnet containing hundreds of end-of-life Cisco and Netgear routers

  The US government has succeeded in halting a botnet comprised of hundreds of end-of-life routers that posed a threat to critical national infrastructure (CNI) organisations in multiple countries

• January 24, 2024 24 Jan'24

  WebKit vulnerability sparks Apple’s first major security update of 2024

  A zero-day in the open source WebKit browser engine that powers Safari has sparked Apple’s first major patch roll-out of the new year

• January 24, 2024 24 Jan'24

  Inside Cisco’s security platform strategy

  Raj Chopra, senior vice-president of Cisco’s security business, outlines the company’s security platform strategy and how it brought different products together into a single platform

• January 23, 2024 23 Jan'24

  SEC bitcoin hack was result of SIM-swapping

  A cyber attack on the US financial regulator earlier in January 2024 occurred after hackers took over one of its mobile phone accounts in a so-called SIM-swapping attack

• January 16, 2024 16 Jan'24

  Kaspersky shares Pegasus spyware-hunting tool

  Kaspersky has developed a way of easily exposing the presence of Pegasus spyware on iOS devices and believes its methodology may also help users identify other such surveillance malware

• January 15, 2024 15 Jan'24

  Russia hacked ex-MI6 chief’s emails – what they reveal is more Dad’s Army than deep state

  A Russian hacking group that published emails of ex-MI6 chief Richard Dearlove claimed to have uncovered a conspiracy, but it was more Dad’s Army than the ‘deep state’, Computer Weekly and Byline Times reveal

• January 15, 2024 15 Jan'24

  NCA director sacked after WhatsApp and email security breaches

  Nikki Holland, former director of investigations at the NCA, was sacked for “misconduct” after sending sensitive NCA information over personal email and WhatsApp

• January 11, 2024 11 Jan'24

  Cisco fixes high-impact flaw in unified comms platform

  Cisco unified comms customers are urged to patch a critical vulnerability in Unity Connection, a messaging and voicemail product

• January 09, 2024 09 Jan'24

  Study reveals cyber risks to US elections

  With the 2024 US presidential election cycle beginning, a study produced by Arctic Wolf has highlighted big gaps in preparedness and resourcing at government bodies across the US

• January 04, 2024 04 Jan'24

  Celona and Palo Alto partner to enhance private 5G network security

  Wireless services specialist Celona and security firm Palo Alto Networks are coming together to enhance device protection for organisations operating private mobile networks

• January 02, 2024 02 Jan'24

  Cloudflare eyes GenAI workloads with Workers AI

  Cloudflare’s Workers developer platform is touted to make it easier for organisations to deploy GenAI capabilities at the edge to speed up inferencing

• December 27, 2023 27 Dec'23

  Top 10 ASEAN IT stories of 2023

  Organisations across the region have continued to shore up their cyber security posture while investing in infrastructure to pave the way for emerging technologies like GenAI

• December 21, 2023 21 Dec'23

  Top 10 cyber crime stories of 2023

  Ransomware gangs dominated the cyber criminal underworld in 2023, a year that will prove notable for significant evolutionary trends in their tactics