News

Network security management

• June 19, 2023 19 Jun'23

  Early June Microsoft outages were result of large-scale DDoS hit

  Investigations into recent outages on Microsoft Azure and Outlook services have turned up evidence of a massive distributed denial-of-service attack

• June 15, 2023 15 Jun'23

  Clop begins naming alleged MOVEit victims

  Clop uploaded details of 12 new victims to its dark web leak site late on 14 June, many of them likely linked to the ongoing MOVEit cyber attack

• June 14, 2023 14 Jun'23

  No zero-days for June Patch Tuesday, but plenty to chew over

  On the face of it, Microsoft’s monthly round of updates is a lighter-than-usual load for security teams, with no zero-days in evidence, but there are still plenty of issues needing attention

• June 09, 2023 09 Jun'23

  Extreme Networks emerges as victim of Clop MOVEit attack

  Network equipment and services supplier Extreme Networks has revealed its instance of Progress Software’s MOVEit tool was compromised in the ongoing Clop cyber attack

• June 09, 2023 09 Jun'23

  Barracuda ESG users told to throw away their hardware

  Owners of Barracuda Email Security Gateway appliances are being told that they will need to throw out and replace their kit after it emerged that a patch for a recently disclosed vulnerability had not done the job

• June 08, 2023 08 Jun'23

  Bishop Fox’s Vinnie Liu talks offensive security skills

  There is growing demand for offensive security testing, but it needs a multi-layered skillset that can be hard to quantify. Bishop Fox’s CEO and co-founder explains why and some potential mitigation strategies

• June 06, 2023 06 Jun'23

  Google launches hacker-backed SME security training scheme

  Citing research that shows almost half of SMEs are struggling to recruit cyber security specialists, Google is launching a programme designed to upskill more people to fill thousands of vacant roles

• May 26, 2023 26 May'23

  Cisco joins growing Manchester cyber security hub

  Networking kingpin signs up to Greater Manchester Digital Security Hub to support centre’s work on security resilience and skills

• May 25, 2023 25 May'23

  Alert over Chinese cyber campaign targeting critical networks

  A Chinese threat actor known as Volt Typhoon has been observed infiltrating CNI networks in a cyber espionage campaign, according to intelligence

• May 19, 2023 19 May'23

  Spanish lawyers claim police hacking of EncroChat cryptophones breaches human rights law

  Lawyers speaking at the Madrid Bar Association question the legality of a cryptophone hacking which has led to arrests of organised criminals in multiple countries

• May 17, 2023 17 May'23

  Pentera ups ante in penetration testing

  The Israeli startup, which expanded to the APAC region last year, scans for vulnerabilities and emulates cyber attacks through its automated security validation platform

• May 16, 2023 16 May'23

  Executive interview: DNS designer David Holtzman discusses net security

  How is it possible for criminals to lure people onto fake websites? Holtzman says it’s because DNS is fundamentally insecure

• May 12, 2023 12 May'23

  BT unveils secure networking service for UK business customers

  UK’s leading telco teams with US cyber security company to launch secure software-defined networking service for business customers available on a managed services basis

• May 12, 2023 12 May'23

  How Splunk is driving security automation

  Splunk’s head of security in APAC talks up the company’s efforts to ease the workloads of security analysts amid lower adoption of security automation and analytics in the region

• May 10, 2023 10 May'23

  How datacentre operators can fend off cyber attacks

  Applying zero-trust principles in the form of strong authentication controls and network segmentation can help datacentre operators to mitigate cyber threats

• May 03, 2023 03 May'23

  Cyber Action Plan for Wales launched

  The devolved Welsh government has set out four priorities in an action plan designed to foster cyber resilience, talent and innovation across the country

• April 27, 2023 27 Apr'23

  Google Cloud seals bug that could have led to data breaches

  The Asset Key Thief vulnerability gave rise to multiple potential attack scenarios that could have impacted thousands of Google Cloud users, but has now been safely fixed

• April 25, 2023 25 Apr'23

  Almost three-quarters of cyber attacks involve ransomware

  Data from Sophos’s annual Active Adversary Report reveals that almost three-quarters of the cyber security incidents it responded to in 2022 involved ransomware

• April 24, 2023 24 Apr'23

  Most IT staff uncomfortable deploying surveillance tech at work

  The IT teams responsible for deploying and running digital surveillance in workplaces say they are uncomfortable with “extremely common” practice of spying on colleagues, research finds

• April 21, 2023 21 Apr'23

  CyberUK 23: New advice on smart city security issued

  The NCSC and key allies have drawn up new guidance to help communities balance the cyber security risks involved with creating smart cities

• April 20, 2023 20 Apr'23

  New GovAssure cyber regime launches across UK government

  An enhanced cyber security regime is being put in place to better protect UK government IT systems from growing threats

• April 19, 2023 19 Apr'23

  Orange joins forces with industry, academia to build French quantum comms

  Leading telco joins industry leaders, start-ups and academic players announce the official launch of a programme in charge of deploying Quantum secure communications networks in France.

• April 19, 2023 19 Apr'23

  UK plc sees fewer cyber breaches and attacks, but lacks resilience

  Latest government figures reveal UK businesses and charities reported lower volumes of cyber breaches and attacks over the past 12 months, but the statistics mask widespread underreporting and the true state of cyber readiness and resilience appears...

• April 19, 2023 19 Apr'23

  CyberUK 23: NCSC CEO calls for collaboration and warns against complacency

  NCSC boss Lindy Cameron kicked off the annual CyberUK conference in Belfast with a plea for collaboration and a warning against complacency

• April 19, 2023 19 Apr'23

  Global finance firms take part in NATO cyber attack simulation

  Global financial services organisations take part in NATO annual event which simulates cyber attacks on critical infrastructure

• April 19, 2023 19 Apr'23

  Cisco urges users to keep its network hardware up-to-date

  In the wake of a campaign of threat activity targeting a six-year-old Cisco router vulnerability, the networking giant has warned users to be on high alert and update their hardware

• April 19, 2023 19 Apr'23

  CyberUK 23: Alert over mercenary Russian threat to CNI

  Russian hacktivists supportive of their government’s war on Ukraine are turning their attention to disruptive or destructive attacks on critical infrastructure in the UK, the NCSC has warned

• April 19, 2023 19 Apr'23

  How organisations can succeed with zero trust

  By starting small, taking a long-term view and prioritising the most critical assets in their zero-trust implementations, organisations will be able to reap returns from their investments in the security paradigm

• April 18, 2023 18 Apr'23

  Enterprise networking sees age of SASE and network as a service

  Report reveals complexity of third workspace has transformed how modern IT organisations view network and security, with 98% of IT executives planning to increase investment in cloud services

• April 18, 2023 18 Apr'23

  CyberUK 23: NCSC conference centres cyber collaboration

  The NCSC’s annual CyberUK conference gets underway in Belfast this week, with collaboration and cooperation high on the agenda

• April 18, 2023 18 Apr'23

  Tech companies and NGOs urge rewrite of Online Safety Bill to protect encrypted comms

  The Online Safety Bill faces amendments in the House of Lords amid concerns that it could weaken the security of end-to-end encrypted communications for UK citizens

• April 18, 2023 18 Apr'23

  Focus on these three risky behaviours to boost cloud security

  Some 80% of cloud security alerts are triggered by just 5% of security rules. Security teams can substantially improve their resilience by zeroing in on a small set of risky behaviours, according to a report

• April 13, 2023 13 Apr'23

  Thousands at risk from critical RCE bug in legacy MS service

  Thousands of organisations worldwide are at risk from three vulnerabilities – one critical – in a legacy Microsoft service that they may not be aware they are running

• April 12, 2023 12 Apr'23

  Netskope claims hybrid work ‘revolution’ with SASE client and endpoint SD-WAN

  Netskope looks to deliver consistent security and superior user experience for hybrid workers through reduced costs and complexity from extended borderless SD-WAN and SASE

• April 12, 2023 12 Apr'23

  April Patch Tuesday fixes zero-day used to deliver ransomware

  A zero-day in the Microsoft Common Log File System that has been abused by the operator of the Nokoyawa ransomware is among 97 vulnerabilities fixed in April’s Patch Tuesday update

• April 11, 2023 11 Apr'23

  Anne Keast-Butler named as new director of GCHQ

  The government has appointed current MI5 deputy director general Anne Keast-Butler to head signals and cyber agency GCHQ

• April 06, 2023 06 Apr'23

  Prioritise automated hardening over traditional cyber controls, says report

  A report from strategic risk specialist Marsh McLennan advises security buyers to funnel their budgets towards automated cyber security hardening techniques, saying they have a much better chance of reducing risk in a meaningful way

• April 04, 2023 04 Apr'23

  Threat researchers dissect anatomy of a Royal ransomware attack

  Trellix researchers share the inside track on a Royal ransomware attack that hit one of its customers in late 2022

• April 04, 2023 04 Apr'23

  Over 90% of organisations find threat hunting a challenge

  Understaffed security teams and high levels of background noise are making basic security operations tasks a chore for defenders, according to a report

• March 30, 2023 30 Mar'23

  Reactive approach to cyber procurement risks damaging businesses

  Too many organisations are following a reactive approach to cyber security, which WithSecure believes is stifling security teams ability to demonstrate value and align with business outcomes

• March 30, 2023 30 Mar'23

  3CX unified comms users hit by supply chain attacks

  Ongoing supply chain attacks against customers of UC firm 3CX appear to be linked to North Korean threat actors

• March 28, 2023 28 Mar'23

  Microsoft expands AI Copilot project into security realm

  New Microsoft service, Security Copilot, will supposedly expand the reach, speed and effectiveness of cyber teams

• March 28, 2023 28 Mar'23

  Inside Group-IB’s cyber security playbook

  A focus on threat intelligence, fraud protection and its work with Interpol has enabled Group-IB to compete against bigger rivals in the market

• March 24, 2023 24 Mar'23

  National Crime Agency sting operation infiltrates cyber crime market

  The UK National Crime Agency has tricked thousands of potential cyber criminals into registering with a fake website pretending to offer tools for creating DDoS attacks

• March 24, 2023 24 Mar'23

  Aryaka expands SD-WAN, SASE offer to SMEs

  Having deployed its services to large enterprises and Fortune 100 companies for over a decade, software-defined networking technology focuses on small to medium-sized enterprises for secure access and wide area networks

• March 21, 2023 21 Mar'23

  Nordics move towards common cyber defence strategy

  Nordic countries agree to work together to improve their cyber defences amid increasing threat

• March 15, 2023 15 Mar'23

  Chinese Silkloader cyber attack tool falls into Russian hands

  A loader tool used by Chinese cyber criminals seems to have been enthusiastically taken up in recent weeks by Russian ransomware operators

• March 07, 2023 07 Mar'23

  Nine in 10 enterprises fell victim to successful phishing in 2022

  Egress annual email security risk report breaks down impacts of email-based phishing attacks and data loss, and the effect these can have on organisations in terms of staff retention and morale

• March 02, 2023 02 Mar'23

  Salt Labs identifies OAuth security flaw within Booking.com

  Security flaw in Booking.com OAuth implementation could be used to launch account takeovers, but researchers discovered and flagged the issue before it could be exploited in the wild

• February 21, 2023 21 Feb'23

  US government Strike Force aims to prevent adversaries from accessing disruptive tech

  The US Strike Force law enforcement initiative will target rogue nation-states that pose a national security threat