News

Network security management

• August 19, 2022 19 Aug'22

  Cradlepoint unveils networking architecture addressing 5G, SD-WAN, zero-trust intersection

  Cloud-delivered LTE and 5G wireless network services provider launches software-based offering to manage remote connections and provide flow-level visibility

• August 19, 2022 19 Aug'22

  Cozy Bear targets MS 365 environments with new tactics

  Cozy Bear, or APT29, is trying out new tricks as it seeks access to its targets’ Microsoft 365 environments

• August 18, 2022 18 Aug'22

  Amazon Ring vulnerability could have been used to spy on users

  A now-patched vulnerability in the Amazon Ring mobile app could have been exploited to expose users’ video recordings, but was complex to exploit, according to the researchers who stumbled upon it

• August 18, 2022 18 Aug'22

  Ukraine war drives DDoS attack volumes ever higher

  There has been a boom in distributed denial-of-service attacks in the first six months of 2022, according to a report, with Russia’s war on Ukraine helping to drive activity

• August 15, 2022 15 Aug'22

  Report reveals consensus around Computer Misuse Act reform

  A study produced by the CyberUp campaign reveals broad alignment among security professionals on questions around the Computer Misuse Act, which it hopes will give confidence to policymakers as they explore its reform

• August 12, 2022 12 Aug'22

  How critical infrastructure operators can secure OT data

  Cohesity’s CISO discusses the challenges of securing data in operational technology systems and what can be done to mitigate security threats

• August 11, 2022 11 Aug'22

  Researcher finds 10 vulnerabilities in Cisco firewalls

  At Black Hat USA, Rapid7 researchers report on 10 security issues in popular Cisco firewall products, many of which do not yet have patches

• August 11, 2022 11 Aug'22

  Cisco averts cyber disaster after successful phishing attack

  A potentially serious cyber attack on Cisco’s systems that began after a threat actor successfully exploited an employee’s carelessly secured credentials was thwarted without major damage

• August 11, 2022 11 Aug'22

  Seacom teams up with BT to deliver enterprise communications services across Africa

  Deal with leading UK telco intended for customers of Africa’s first broadband submarine cable system to benefit from what is claimed to be world-class portfolio of network services

• August 09, 2022 09 Aug'22

  Cyber insurance getting harder to obtain

  Organisations looking to shore up their security postures face more and more barriers to obtaining cyber insurance

• August 05, 2022 05 Aug'22

  Reliance on PSN may have exacerbated cyber attack impact

  As it seeks a new supplier to reinvigorate the migration away from the Public Services Network, the Cabinet Office says relying on the legacy network may be putting public sector bodies at heightened risk in cyber attacks

• August 03, 2022 03 Aug'22

  Shift to remote work sees major rise in cyber crime

  Survey finds almost four in five cyber security teams agree that recent changes to working practices have adversely affected their organisation’s cyber security, with one-fifth banning the use of public Wi-Fi by policy

• August 03, 2022 03 Aug'22

  DrayTek patches SOHO router bug that left thousands exposed

  Network hardware supplier has fixed an unauthenticated RCE vulnerability in multiple routers in its Vigor line, after being alerted by Trellix researchers

• July 29, 2022 29 Jul'22

  Austrian data firm accused of selling malware, conducting cyber attacks

  Microsoft has accused DSIRF, an Austrian data services firm, of involvement in a string of cyber attacks

• July 28, 2022 28 Jul'22

  NCSC startups scheme turns focus to operational technology, SME security

  NCSC for Startups initiative turns its focus to supporting innovation around securing operational technology and addressing the challenges facing small businesses

• July 27, 2022 27 Jul'22

  Cyber security training ‘boring’ and largely ignored

  Two-thirds of employees don’t bother to pay attention to cyber security training – and the fault does not lie with them

• July 26, 2022 26 Jul'22

  Visibility and proactive stance needed to secure OT systems

  Critical infrastructure operators need to have more visibility into their IT and operational technology environment, and take a more active stance to fend off sophisticated adversaries, expert says

• July 25, 2022 25 Jul'22

  NCSC seeks community input for Cyber Advisor service

  The NCSC is proposing to establish a new Cyber Advisor service to train up experts in security guidance, and is inviting interested parties to come forward

• July 25, 2022 25 Jul'22

  The Security Interviews: Why you need to protect abandoned digital assets

  The war in Ukraine and subsequent boycott of Russia resulted in a swathe of digital infrastructure being abandoned, becoming a potential vulnerability for many organisations, says Cyberpion’s Ran Nahmias

• July 21, 2022 21 Jul'22

  Buy ‘plug-n-play’ malware for the price of a pint of beer

  Three-quarters of malwares and almost 90% of exploits retail on the dark web for about £8.40 or less, according to a report

• July 21, 2022 21 Jul'22

  Russia-linked APTs targeted fleeing Ukrainian civilians

  Mandiant and the US authorities have shared details of a phishing campaign that spoofed humanitarian information on evacuation procedures to target Ukrainians fleeing Russian bombardment

• July 20, 2022 20 Jul'22

  (ISC)² expands entry-level cyber programme after UK success

  Flush with success from a UK certification programme, reaching 100k in the UK, (ISC)² now wants to provide free security certification to a million people worldwide

• July 20, 2022 20 Jul'22

  Cato aims to bust cyber myths as it extends network protections

  Cato Networks is beefing up its platform’s security features with ransomware and data loss protections, and the firm’s security strategy lead Etay Maor is using the occasion – and his unique access to billions of data points from the firm’s network ...

• July 20, 2022 20 Jul'22

  Russia’s Cozy Bear abusing Dropbox, Google Drive to target victims

  Russian APT known as Cozy Bear has become adept at quickly incorporating popular cloud storage services into its attack chain to avoid detection

• July 15, 2022 15 Jul'22

  NHS trust ‘deliberately’ deleted up to 90,000 emails before tribunal hearing

  A high-profile case brought by NHS whistleblower Chris Day raises questions about the adequacy of information governance practices in NHS hospital trusts

• July 14, 2022 14 Jul'22

  Videogame maker Bandai Namco confirms cyber attack

  Bandai Namco, developer of videogames including Pac-Man, Tekken and Dark Souls, has broken days of silence to confirm it has been hit by a cyber attack

• July 13, 2022 13 Jul'22

  July Patch Tuesday brings more than 80 fixes, one zero-day

  While some admins can put their feet up and let Windows Autopatch do the hard work of updating their Microsoft estates, for the rest of us, the Patch Tuesday bandwagon keeps on keeping on

• July 12, 2022 12 Jul'22

  Singapore doubles down on OT security

  The Cyber Security Agency of Singapore will fund 80 scholarships to groom a talent pool of operational technology security experts, among other efforts to bolster the security of critical infrastructure in the city-state

• July 07, 2022 07 Jul'22

  Latest Marriott data breach not as serious as others

  Questions are again being raised over Marriott’s cyber security practices following yet another incident, but fortunately it seems limited in its scope, and the company is responding appropriately

• July 06, 2022 06 Jul'22

  Plexal seeks new scaleups for next phase of Cyber Runway

  Established security startups looking to grow and scale their operations are being invited to join the next phase of Plexal’s Cyber Runway programme

• July 05, 2022 05 Jul'22

  LogRhythm bullish on growth in APAC

  LogRhythm expects its business in the region to grow by over 20% this year thanks to demand from emerging economies where cyber security investments have not kept pace with cyber threats

• July 05, 2022 05 Jul'22

  NCSC CEO: Why we should run towards crises to elevate cyber security

  National Cyber Security Centre CEO Lindy Cameron, the 2022 Computer Weekly UKtech50 Most Influential Person in UK IT, reflects on a career immersed in crisis management, and how she is using this to elevate cyber security standards across the country

• June 29, 2022 29 Jun'22

  New cyber extortion op appears to have hit AMD

  Semiconductor specialist AMD has confirmed it is investigating reports that a ‘bad actor’ has stolen hundreds of gigabytes of its data

• June 28, 2022 28 Jun'22

  Russia-aligned hacktivists behind Lithuania DDoS attack

  Killnet hacktivist collective targeted Lithuania with distributed denial of service attacks after its government angered the Kremlin

• June 27, 2022 27 Jun'22

  Commercial cyber products must be used responsibly, says NCSC CEO

  NCSC’s Lindy Cameron is to speak out on responsible regulation of cyber capabilities at an event in Tel Aviv, Israel

• June 24, 2022 24 Jun'22

  US cyber agency in fresh warning over Log4Shell risk to VMware

  Many VMware Horizon and UAG servers remain defenceless against Log4Shell, and organisations continue to fall victim to the vulnerability

• June 23, 2022 23 Jun'22

  Ukraine cyber agency enlists Radware to protect government networks

  Ukraine’s State Service of Special Communications and Information Protection is using Radware cloud DDoS protection and web application firewall services to protect the government from persistent Russian attacks

• June 22, 2022 22 Jun'22

  How TDCX is building a people-centric business

  Every digital tool deployed by the Singapore-based services firm is aimed at augmenting the performance and experience of its employees, says TDCX’s group CIO, Byron Fernandez

• June 21, 2022 21 Jun'22

  CNI leaders’ attitude to ransomware lackadaisical at best

  A survey of security decision-makers in sectors regarded as critical national infrastructure reveals a disappointing attitude to ransomware threats

• June 20, 2022 20 Jun'22

  Complex Russian cyber threat requires we go back to basics

  The situation in Russia is anything but simple, but it is the fundamentals of cyber security hygiene that pose the best defence against the country’s digital threat, as Mandiant’s Jamie Collier explains

• June 16, 2022 16 Jun'22

  TalkTalk hacker Daniel Kelley gives up his black hat for good

  After serving a four-year prison sentence for his role in the 2015 TalkTalk hack and other cyber offences, Daniel Kelley now wants to pursue a legitimate cyber security career

• June 16, 2022 16 Jun'22

  Dundee security research centre opens with support from SBRC

  An £18m hub at Abertay University in Dundee forms the centrepiece of Scotland’s first security research cluster

• June 16, 2022 16 Jun'22

  Office 365 loophole may give ransomware an easy shot at your files

  Researchers at Proofpoint have discovered potentially dangerous Microsoft Office 365 functionality that they believe may give ransomware a clear shot at files stored on SharePoint and OneDrive

• June 15, 2022 15 Jun'22

  $2k to access your organisation on the dark web

  Dark web brokers will sell access to company networks and systems for an average of $2,000 to $4,000

• June 15, 2022 15 Jun'22

  Patch Tuesday dogged by concerns over Microsoft vulnerability response

  The last Patch Tuesday in its current form is overshadowed by persistent concerns about how Microsoft deals with vulnerability disclosure

• June 13, 2022 13 Jun'22

  New warning over tech suppliers in thrall to hostile governments

  Ukraine war could lead to shakeup of dual-use tech exports, says former UK intelligence officer

• June 13, 2022 13 Jun'22

  Qatar bolsters cyber security in preparation for World Cup

  With hackers honing their cyber weapons to target the upcoming football World Cup, Qatar is busy developing countermeasures and raising awareness

• June 08, 2022 08 Jun'22

  China using top consumer routers to hack Western comms networks

  An advisory from US cyber authorities shares details of multiple vulnerabilities exploited by Chinese state actors to hack into Western telecoms networks

• June 08, 2022 08 Jun'22

  ProxyLogon, ProxyShell may have driven increase in dwell times

  The median network intruder dwell time was up 36% to 15 days last year, thanks to massive exploitation of the ProxyLogon and ProxyShell vulnerabilities by IABs, according to new Sophos data

• June 01, 2022 01 Jun'22

  Executive interview: Jeetu Patel, general manager of collaboration and security, Cisco

  Anyone with an idea can help solve a problem if geography and distance don’t matter when bringing in talent, says Cisco’s collaboration and security chief