News

Network security management

• July 26, 2021 26 Jul'21

  No More Ransom initiative saves £850m over five years

  Initiative’s free ransomware decryption tools have been used by more than six million people since 2016

• July 25, 2021 25 Jul'21

  Tokyo 2020 hit by data breach

  The user names and passwords of Tokyo 2020 ticket holders and event volunteers were reportedly compromised, but government official claims the data leak was not large

• July 19, 2021 19 Jul'21

  UK, US confirm Chinese state backed MS Exchange Server attacks

  UK and US governments, alongside the EU and Nato, have formally attributed the March 2021 Microsoft Exchange Server attacks to Chinese state-backed actors

• July 19, 2021 19 Jul'21

  Pegasus mobile RAT abused to monitor journalists and activists

  Israel-based surveillance specialist NSO Group is facing renewed pressure after it emerged its Pegasus mobile surveillance tool may be being widely abused by repressive regimes

• July 16, 2021 16 Jul'21

  Legacy SonicWall kit exploited in ransom campaign

  Users of older versions of SonicWall Secure Mobile Access 100 and Secure Remote Access products are at risk from a new ransomware campaign

• July 15, 2021 15 Jul'21

  Privacy Shield: US surveillance law reforms essential for EU-US data, says EU parliamentary study

  EU Committee on Civil Liberties, Justice and Home Affairs study calls for major reforms of US spying laws to enable an EU-US data-sharing agreement to replace Privacy Shield

• July 15, 2021 15 Jul'21

  Singapore to invest S$50m in ‘digital trust’ capabilities

  The Singapore government is pumping in S$50m to bolster research in technologies that will foster digital trust in areas such as privacy protection and identity management

• July 14, 2021 14 Jul'21

  REvil ransomware crew drops offline, reasons murky

  The REvil ransomware operation appears to have gone dark, but claims about its demise are almost certainly exaggerated

• July 14, 2021 14 Jul'21

  Multiple Microsoft bugs being actively exploited

  Microsoft’s July Patch Tuesday update fixes 117 vulnerabilities, 13 rated as critical and four already being actively exploited

• July 13, 2021 13 Jul'21

  Modipwn vulnerability puts millions of building systems at risk

  Authentication bypass vulnerability in a Schneider Electric product could lead to device takeover

• July 13, 2021 13 Jul'21

  Secureworks sets up in EU datacentre for XDR services

  New datacentre location helps Secureworks’ customers meet EU data residency requirements

• July 12, 2021 12 Jul'21

  Kaseya VSA services coming online after week-long outage

  Kaseya has successfully deployed a patch to its ransomware-hit VSA product as per a revised schedule, and customers are beginning to come back online

• July 12, 2021 12 Jul'21

  NSW department of education hit by cyber attack

  Australia’s New South Wales department of education takes some systems offline as a precautionary measure in response to a cyber attack last Thursday

• July 11, 2021 11 Jul'21

  Ransomware and botnets among top cyber threats in Singapore

  The city-state saw more ransomware threats and command-and-control servers hosted out of its highly connected network infrastructure last year, as threat actors capitalised on the pandemic

• July 08, 2021 08 Jul'21

  PrintNightmare haunts Microsoft as patch may miss mark

  Microsoft dropped an out-of-band patch to fix PrintNightmare, but there are concerns it may not be totally effective. This does not mean it shouldn’t be applied

• July 07, 2021 07 Jul'21

  Opportunists seen targeting Kaseya REvil victims

  Malwarebytes researchers highlight new spam campaign targeting businesses impacted by the ongoing Kaseya REvil ransomware incident

• July 06, 2021 06 Jul'21

  BA reaches settlement in data breach group action

  A group action against BA following its 2018 data breach has been successfully settled

• July 02, 2021 02 Jul'21

  Cyber attackers up the ante on embattled IT teams

  Opportunistic threat actors are pouncing on embattled IT teams that are under pressure to expand remote work arrangements

• July 01, 2021 01 Jul'21

  US Cybersecurity and Infrastructure Security Agency launches ransomware assessment tool

  Newly launched service will help US organisations understand how prepared they are to deal with a ransomware attack

• July 01, 2021 01 Jul'21

  Cyber espionage campaign targeted central Asian states

  The Afghan, Kyrgyz and Uzbek governments are all thought to have been targeted by the same APT

• July 01, 2021 01 Jul'21

  Nominations open for 2021 Security Serious Unsung Heroes Awards

  Nominations are now open for this year’s edition of the Unsung Heroes Awards for cyber professionals and educators

• June 30, 2021 30 Jun'21

  Cops seize criminal VPN used by ransomware gangs

  A coordinated sting has ended the operations of the DoubleVPN service, the owners of which are accused of harbouring cyber criminal activity

• June 29, 2021 29 Jun'21

  New Nobelium attacks a reminder to attend to cyber basics

  A new campaign from the same threat group that broke into SolarWinds serves as a reminder that cyber crime gangs will try to exploit any avenue they can, even if technically unsophisticated

• June 28, 2021 28 Jun'21

  UK’s FCA bans crypto exchange Binance as crackdown spreads

  Ban on Binance Markets comes amid a wider global crackdown on the largely unregulated global market for cryptocurrencies and related assets.

• June 28, 2021 28 Jun'21

  Lazada rolls out public bug bounty programme

  Regional e-commerce giant Lazada is looking to uncover more vulnerabilities that could compromise data security in a public bug bounty programme that offers up to $10,000 per bounty

• June 24, 2021 24 Jun'21

  Make ransomware payments illegal, say 79% of cyber pros

  Report produced for MSSP Talion claims overwhelming support for the criminalisation of ransomware payments

• June 23, 2021 23 Jun'21

  City of York picks Barracuda Networks for data protection

  York Council needed to refresh its backup service to bring new security protections after it went ‘all-in’ on Microsoft Office 365

• June 23, 2021 23 Jun'21

  Time to patch increases significantly during pandemic

  New data from US-based endpoint management specialist Automox reveals some of the challenges security teams face in keeping up with endpoint security

• June 22, 2021 22 Jun'21

  Cloudflare announces new integrations with Microsoft, others

  New security integrations with Microsoft Azure Sentinel, Splunk, Datadog and Sumo Logic will supposedly make it easier for users to analyse network security data

• June 22, 2021 22 Jun'21

  Innova and RISE drive node development in Sweden

  Swedish cyber security project, National Node, opens its doors to the country’s security firms

• June 22, 2021 22 Jun'21

  UK SMEs lack capacity to fend off cyber attacks

  Three-quarters of UK SME leaders would not have sufficient capacity or expertise to deal with a cyber attack, according to a report

• June 18, 2021 18 Jun'21

  Lorca Ignite programme targets breakout cyber talent

  Six of the most successful companies to have come through Lorca’s existing accelerators are being inducted into an intensive programme

• June 18, 2021 18 Jun'21

  Carnival Cruises hit by fourth cyber incident in a year

  Latest data breach at Covid-hit cruise line comes hot on the heels of two recent ransomware attacks and a spring 2020 breach

• June 17, 2021 17 Jun'21

  UnitingCare Queensland restores IT systems after cyber attack

  Australian healthcare service provider has restored key corporate systems and integrations between applications following a cyber attack earlier this year

• June 15, 2021 15 Jun'21

  The Security Interviews: How to build a government model to ‘hack for good’

  Kyle Hanslovan started Huntress to give back after a career in the intelligence sector. After US authorities took action to help people hit by the Microsoft Exchange attacks, we discussed how governments can ‘hack for good’

• June 11, 2021 11 Jun'21

  FBI planned a sting against An0m cryptophone users over drinks with Australian investigators

  Australian Federal Police and the FBI came up with the idea over drinks: build a cryptophone network with a built-in backdoor and sell it to crime gangs around the world

• June 11, 2021 11 Jun'21

  UK promises tougher line on cyber crime

  Speaking ahead of the G7 Summit, foreign secretary Dominic Raab says the UK is ready to take on cyber criminals and other malicious actors wherever they may be

• June 10, 2021 10 Jun'21

  Australian organisations face heightened cyber attacks

  Nearly three in four Australian organisations experienced cyber attacks that largely resulted from a growing remote workforce in 2020

• June 09, 2021 09 Jun'21

  FBI arrests distributors accused of selling An0m encrypted phones to crime groups

  Working with overseas law enforcement, the FBI has arrested eight people and named a further 13 accused of distributing An0m phones to organised crime groups

• June 07, 2021 07 Jun'21

  DNS attacks on the rise in APAC

  Attacks on the domain name system in Asia-Pacific grew by 15% last year, with Malaysian organisations seeing the sharpest rise in damages among countries in the region

• June 04, 2021 04 Jun'21

  Secrecy around EncroChat cryptophone hack breaches French constitution, court hears

  French lawyers claim that investigators are unlawfully withholding details of a cryptophone hacking operation in a case that could impact UK prosecutions

• June 03, 2021 03 Jun'21

  Reports raise alarm over Huawei access to Dutch networks

  Espionage accusations raise security questions for Netherlands organisations using Chinese supplier’s equipment and services

• June 03, 2021 03 Jun'21

  Norway’s auditor general lifts lid on energy industry’s cyber security risks

  Auditor General’s Office questions the security posture of Norway’s energy industry

• June 03, 2021 03 Jun'21

  FireEye sold to private equity, Mandiant regains independence

  FireEye has agreed to sell its products business and name to a private equity consortium, while Mandiant will spin out as an independent threat intel business

• June 03, 2021 03 Jun'21

  Pandemic a ‘once-in-a-lifetime’ chance to reshape security

  The volume of remote working has made it hard to paint an accurate picture of the true state of enterprise cyber security, but it presents an opportunity to change things up

• May 25, 2021 25 May'21

  Legacy vulnerabilities may be biggest enterprise cyber risk

  While high-profile cyber attacks and zero-days grab headlines, statistics gathered by network security specialists Cato suggest CISOs should be addressing legacy threats

• May 24, 2021 24 May'21

  Dutch researchers build security software to mimic human immune system

  Software could help IT systems develop immunity to some cyber attacks in a similar way to how the body fights infection

• May 24, 2021 24 May'21

  Why the security stack needs to move to the edge

  Akamai’s chief technology officer Robert Blumofe makes the case for a decentralised security model to address cyber threats that are emanating from the network edge

• May 20, 2021 20 May'21

  HP taps micro virtual machines in endpoint security

  HP’s Wolf Security technology stack uses an endpoint security controller to run computing tasks in micro virtual machines so that any potential malware can be isolated and contained

• May 18, 2021 18 May'21

  Cisco acquires Kenna Security amid security expansion

  Cisco announces a new acquisition alongside service enhancements around XDR and SASE in support of its security customers