News

Identity and access management products

• December 05, 2019 05 Dec'19

  Aviatrix VPN vulnerability left user endpoints wide open

  Immersive Labs has disclosed a serious vulnerability in VPN supplier Aviatrix’s enterprise client that could have granted hackers elevated user privileges across enterprise targets

• December 03, 2019 03 Dec'19

  Chinese web users take more risks than Brits or Americans

  A research paper published by the University of Birmingham seems to show that differences in cultural values have an impact both on risky behaviour online and legal regulation

• November 29, 2019 29 Nov'19

  Cyber criminal RAT busted by cops

  Police forces around the UK have arrested nine people as part of an international operation targeting users of a remote access trojan

• November 29, 2019 29 Nov'19

  TfL locks down Oyster accounts to ward off credential stuffing

  Mandatory password reset for all travellers who use Oyster and contactless payment systems follows minor breach incident earlier in 2019

• November 28, 2019 28 Nov'19

  Top APAC security predictions for 2020

  More attacks on critical infrastructure, supply chain vulnerabilities and file-less attacks are some of the security threats that enterprises should keep an eye on next year

• November 25, 2019 25 Nov'19

  Uber app exploit posed safety risk to passengers

  A flaw in Uber’s system meant thousands of trips in London were taken with unauthorised drivers at the wheel

• November 20, 2019 20 Nov'19

  Massive increase in fraud attacks on TSB customers during IT meltdown

  There was a massive spike in attempts by fraudsters to steal from TSB customers when the bank’s IT systems failed in 2018

• November 13, 2019 13 Nov'19

  11 new 5G hacks enable user device tracking and monitoring

  Researchers at Purdue University and the University of Iowa publish details of several new 5G mobile network vulnerabilities

• November 13, 2019 13 Nov'19

  Finnish biometric identity plans for seamless air travel

  Finnair and Finavia explore options for automatic digital identification and authentication of air travellers

• November 12, 2019 12 Nov'19

  Nordic SMEs lack the money needed for cyber security

  Businesses and governments in Denmark and Norway are working together to address a cyber security shortfall for SMEs in each country

• November 11, 2019 11 Nov'19

  Australia’s productivity woes pinned on poor employee experience

  Research by Ricoh suggests that the lukewarm view of employee experience among IT leaders is part of the reason for Australia’s declining productivity

• November 05, 2019 05 Nov'19

  Ransomware authors seeking new ways to avoid being spotted

  Sector analysis from Sophos has revealed some insight into how malware authors are adapting to thwart cyber security controls

• October 31, 2019 31 Oct'19

  Facebook agrees to pay £500,000 fine over Cambridge Analytica data law breaches

  Social media giant also promises to change the way its platform is used to protect people’s data

• October 24, 2019 24 Oct'19

  Endpoint security is a procurement issue, says HP, IDC study

  Report warns that buyers are falling at the first hurdle on security by not including it in their endpoint RFPs and tenders

• October 23, 2019 23 Oct'19

  Take responsibility for cyber security basics, urges NCSC CEO

  At the launch of its third annual review, NCSC head Ciaran Martin appealed for individuals and businesses to address the fundamentals of cyber security hygiene to help lighten the load

• October 22, 2019 22 Oct'19

  Banks move to contain impact of Samsung biometric flaw

  NatWest and Nationwide have moved to lock down their mobile banking apps after Samsung warned of a biometric security flaw on its Galaxy and Note S10 devices

• October 22, 2019 22 Oct'19

  Over-30s tend to do better at cyber security than younger colleagues

  Attitudes to workplace cyber security differ by age group, but not in the way one might imagine, according to a new study by NTT Security

• October 21, 2019 21 Oct'19

  Equifax lawsuit offers more evidence against passwords

  Equifax’s internal security policies were a mess and directly led to one of the largest recorded data breaches in history, according to a lawsuit, demonstrating fundamental insecurities inherent in the use of passwords

• October 18, 2019 18 Oct'19

  Huge rise in rogue banking apps driving fraud attacks

  Fraud perpetrated through fake mobile apps purporting to be from legitimate banks has seen a statistically significant spike, says RSA

• October 18, 2019 18 Oct'19

  Amazon consumer devices vulnerable to two-year-old exploit

  Millions of older Amazon Echo and Kindle devices are still susceptible to a Wi-Fi vulnerability that was first disclosed in 2017

• October 16, 2019 16 Oct'19

  Sweden’s first GDPR fine sets regulatory tone

  Secondary school fined for breaching General Data Protection Regulation, signalling the attitude of Sweden’s Data Protection Authority

• October 14, 2019 14 Oct'19

  Private equity swoops on Sophos

  British cyber security star picked up by technology sector investors for $3.9bn

• October 08, 2019 08 Oct'19

  How APAC enterprises can keep pace with container security

  For all the promises of containers, changes in architecture and practices associated with the technology bring new challenges and opportunities

• October 08, 2019 08 Oct'19

  IBM, McAfee among founders of open source security alliance

  A group of cyber security suppliers have come together to form the Open Cybersecurity Alliance

• October 03, 2019 03 Oct'19

  LogRhythm touts unlimited data plan for SIEM systems

  SIEM supplier introduces three-year, term-based pricing plan that lets enterprises ingest as much data as they want without breaking the bank

• October 03, 2019 03 Oct'19

  Local authorities hit by 800 cyber attacks every hour

  Local authorities and councils in the UK have reported being hit by more than 263 million cyber attacks in the first six months of this year

• October 03, 2019 03 Oct'19

  New threat group behind Airbus cyber attacks, claim researchers

  Context Information Security’s threat intel and response teams says it has evidence that the recent supply chain attacks on Airbus are the work of a newly identified group called Avivore

• September 30, 2019 30 Sep'19

  CIO interview: Michael Ibbitson, executive VP for technology and infrastructure, Dubai Airports

  Former CIO at Gatwick Airport took flight to the Middle East three years ago, and is using data to transform the technology and infrastructure at Dubai Airports

• September 27, 2019 27 Sep'19

  ABN Amro investigation lends weight to anti-money laundering collaboration by Dutch banks

  Dutch authorities are investigating ABN Amro for possible failures to monitor and report potential money laundering activity

• September 27, 2019 27 Sep'19

  Five million DoorDash customers’ details lost in data breach

  Takeaway delivery service was breached in May 2019, resulting in the data of millions of users and delivery drivers being stolen

• September 26, 2019 26 Sep'19

  Overinvestment breeds overconfidence among security pros

  CISOs have made an abundance of security investments in multiple suppliers, but this might not be the right approach

• September 24, 2019 24 Sep'19

  Singapore payment card data compromised by JavaScript sniffers

  Raw data of thousands of payment cards issued by Singapore banks stolen by the online equivalent of a traditional card sniffer

• September 24, 2019 24 Sep'19

  Google pushes back on scale of YouTube phishing threat

  Millions of YouTubers may be at risk after some high-profile influencers reported their accounts were compromised in an apparent phishing attack, but the platform’s owner, Google, is not so sure

• September 18, 2019 18 Sep'19

  Universities tempting targets for cyber criminals, warns NCSC

  As hundreds of thousands of students prepare for the new academic year, universities have been warned that they are at high risk of cyber attack

• September 17, 2019 17 Sep'19

  Ecuador citizens’ data breach holds lessons for enterprises

  What caused the mass breach of Ecuadorian citizens’ data, and what can businesses learn from it?

• September 16, 2019 16 Sep'19

  Ensign InfoSecurity opens global headquarters in Singapore

  The Singapore-based cyber security firm’s new headquarters will also be home to a new security operations centre that will be supported by Singapore-centric threat intelligence

• September 13, 2019 13 Sep'19

  European court to decide on legality of bulk phone and internet surveillance

  The European Court of Justice will decide whether intelligence agencies across Europe can continue to lawfully collect the telephone and internet communications data of citizens, following a two-day hearing this week

• September 13, 2019 13 Sep'19

  Dutch banks to work together in fight against money laundering

  Dutch banks are sharing expertise and resources to help reduce money laundering through their accounts

• September 03, 2019 03 Sep'19

  At least 47,000 servers vulnerable to remote attack

  All organisations using Supermicro servers are being urged to update firmware to block remote attacks exploiting vulnerabilities in baseboard management controllers

• August 29, 2019 29 Aug'19

  Finland’s security agencies collaborate after cyber attacks

  National Bureau of Investigations and National Cyber Security Centre aim to increase expertise and capability to defend Finland’s critical IT infrastructure

• August 23, 2019 23 Aug'19

  Three more identity providers to withdraw from troubled Gov.uk Verify programme

  Three of the five companies supporting the government's troubled digital identity scheme are pulling out, raising further questions over the viability of the £175m programme

• August 21, 2019 21 Aug'19

  Silence APT group eyes APAC banks

  Russian-speaking advanced persistent threat group has set its sights on banks in the region, customising its arsenal for targeted attacks

• August 19, 2019 19 Aug'19

  How EDR is moving beyond the endpoint

  An emerging breed of detection and response offerings is going beyond endpoints to collect and decipher telemetry data from across the enterprise

• August 16, 2019 16 Aug'19

  Google finds that web users log in with compromised credentials

  People continue to use passwords that have been breached. Google has proposed a protocol, which could warn them if their credentials have been stolen

• August 16, 2019 16 Aug'19

  Passwordless enterprise already possible, says RSA

  The passwordless enterprise is getting easier to attain as the security industry gears up to support a passwordless future, says RSA’s identity chief

• August 15, 2019 15 Aug'19

  Australia needs to get digital identity right

  A top Ping Identity executive urges Australia to put more focus on digital identity management following the government’s efforts to lay the groundwork for an open banking regime

• August 14, 2019 14 Aug'19

  Publicly accessible biometric database highlights key failings

  The discovery of a publicly accessible database of biometric information highlights failings by the supplier, the need for supply chain security, and the challenges of using biometric data

• August 14, 2019 14 Aug'19

  DCMS funding aims to increase diversity in cyber sector

  A funding round has been announced as part of the Cyber Skills Immediate Impact Fund (CSIIF) with aims of encouraging more diverse talent into the UK’s cyber security sector

• August 14, 2019 14 Aug'19

  GDPR faces growing pains across Europe

  The General Data Protection Regulation is over a year old now, but it faces challenges across Europe where compliance has taken place at different speeds

• August 14, 2019 14 Aug'19

  Digital domain identified as major security threat by Norway’s intelligence service

  Norway's intelligence services has revealed the extent of the threat posed to the country by cyber attacks