About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is a publication designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

Israel’s Energy Ministry wants cyber security lab
July 28, 2016
The new laboratory will act as a testing and simulation environment for industrial operations technologies, and can be used to examine the effectiveness of various protection systems.

Cybersecurity spending will exceed $100bn over the next 4-5 years, says Intel Security
July 27, 2016
A new collaborative research by John McAfee-founded Intel Security and the Washington-headquartered Center for Strategic and International Studies (CSIS) has detailed how the shortage of cybersecurity skills is the root cause for significant data loss, which damages finances and reputation of countries and businesses.

Experts: U.S. more prepared for cyber attack on paper than in reality
July 26, 2016
A discussion panel of cyber security and electrical industry stakeholders on Sunday examined what can be done to protect public utilities in the U.S. and other countries from cyber attacks.

New U.S. Cyber Security Policy Solidifies FBI as Key Cyber Leader
July 26, 2016
Presidential Policy Directive-41 on U.S. Cyber Incident Coordination Policy sets forth principles that will govern the federal government’s response to cyber incidents and designates certain federal agencies to take the lead in three different response areas—threat response, asset response, and intelligence support.

DISA gets injection of funding for small-business rapid innovation projects
July 25, 2016
The DOD funding will support development of cutting-edge cybersecurity technologies.

US Government to Pay $2 Million for Automatic Hacking and Patching System
July 25, 2016
Defense Advanced Research Projects Agency (DARPA) will be giving away a total of $4 million to seven teams participating in the Cyber Grand Challenge (CGC).

Ancient Hackhound Password Stealer Used in Industrial Espionage Campaign
July 25, 2016
Security researchers from McAfee have come across a compromised Web server meant to host C&C servers for different password stealers, which were used to target several companies as part of an industrial espionage campaign.

Cybersecurity to Get $15M Boost from DOE
July 25, 2016
The Department of Energy will provide the support in a three-year partnership with NRECA and the American Public Power Association.

DNC Emails from WikiLeaks Pose Massive Privacy Threat to Donors
July 24, 2016
The latest trove of leaked Democratic National Committee (DNC) emails are massive privacy threat to innocent people like the donors of Democratic party.

Before Hacking, The DNC Mocked A Report Questioning Its Cybersecurity
July 23, 2016
Just months before a trove of Democratic National Committee emails were hacked and published online, a DNC communications director mocked a BuzzFeed News report in May that questioned the effectiveness of its cybersecurity.

Cybersecurity: A vertical industry application?
July 22, 2016
Cybersecurity has actually become a boardroom issue and corporate boards understand industry-specific risks much better than technology gibberish about malware and exploits.

Cybersecurity company executives plead guilty to hacking rival firm
July 22, 2016
Not only did the Quadsys staff reportedly break into servers, they were caught doing it.

Automotive industry releases vehicle cybersecurity best practices
July 22, 2016
Members of the US Automotive Information Sharing and Analysis Center (Auto-ISAC) have released an overview of comprehensive Automotive Cybersecurity Best Practices.

Anonymous Dumps Database of Izmir Gaz to Protest Against Turkey and Erdogan
July 22, 2016
An unknown member of the Anonymous hacker collective has dumped a database online, claiming to belong to Izmir Gaz, a Turkish energy and natural gas provider based in the town of Izmir.

BlackMoon Banking Trojan Infected over 160,000 South Koreans
July 22, 2016
Over 100,000 South Koreans had their banking credentials stolen by crooks who leveraged the BlackMoon banking trojan, also detected as W32/Banbra.

Hacking Team Hacker Behind WikiLeaks Turkey AKP Emails Dump
July 21, 2016
Phineas Fisher, the hacker responsible for breaching the Hacking Team servers last year, has taken responsibility for hacking into the servers of the AKP, Turkey’s ruling party.

SEC Prepares for More Cybersecurity Oversight
July 21, 2016
Leading U.S. banks, and other publicly traded companies, should expect increased cybersecurity scrutiny from the Securities and Exchange Commission.

iPhone bug allows hackers to steal passwords with just a text message
July 21, 2016
Apple has fixed a major security hole that potentially allowed hackers to gain access to a user’s iPhone, potentially allowing them to steal sensitive data such as passwords.

Backdoor Account Found in Dell Network Security Products
July 20, 2016
Security researchers have discovered six serious security issues that plague several Dell SonicWall products, one of which is a hidden account with easy-to-guess credentials.

DDoS Attack Takes Down US Congress Website for Three Days
July 20, 2016
The US Congress has just recovered after a three-day DDoS attack that has crippled its online portal congress.gov

Software flaw puts mobile phones and networks at risk of complete takeover
July 20, 2016
Code-execution vulnerability resides in ASN.1 code used in base stations, radios, basebands.

SCADAfence and Gigamon Partner to Provide Visibility and Cybersecurity for Industrial Networks
July 19, 2016
SCADAfence announced today it has joined Gigamon’s (GIMO) ecosystem partner program to provide a joint cybersecurity solution.

Cybersecurity: What to Consider for Real-Time Data Transfer
July 18, 2016
LOGIIC has released a detailed report to help its oil and gas members better understand essential considerations in data transfer products.

The TSA, Metadata And You: How Cybersecurity Techniques Can Avoid Security Theater
July 18, 2016
Just as weapons can make their way through airport security, cyber attackers can easily penetrate enterprise networks.

Call for government, industry to share more on cybersecurity threats
July 18, 2016
The federal government and industry have been urged to work together to share information on cyber security threats and attacks to counter the increasing sophistication of cyber adversaries.

Meet The General Who Positioned Israel To Win In $175 Billion Cybersecurity Market
July 18, 2016
Israeli companies exported $6.5 billion a year worth of cyberproducts, about 10% of the world market, based on data from Israel’s National Cyber Bureau.

UK Railway Network Suffered Four Cyber-Attacks in the Past Year
July 18, 2016
The attacks were only basic reconnaissance operations, intrusions to detect a network’s internal structure and to gather information for future attacks.

Hacker Selling Entire US Voters’ Registration Records on Dark Net
July 18, 2016
”DataDirect” is claiming to have full access to voter registration records of the citizens of the United States and offering buyers state by state voters’ records where the price for each state is 0.5 BTC (340.38 US Dollar).

Hacking 3D Printers Is Just Another Way to Destroy Modern Companies
July 17, 2016
A tiny change in the way 3D printers operate can have a massive impact.

Chinese Hackers Deface Two Philippines Government Websites
July 17, 2016
Hackers claiming to be Chinese have defaced official government portals for two local government units (LGUs) from the Philippines.

HSBC Website Suffers DDoS Attack
July 16, 2016
The official domain of HSBC (Hongkong and Shanghai Banking Corporation) came under massive distributed denial-of-service (DDoS) attack on 12July affecting domain in UK and the USA.

House bills seek to strengthen U.S.-Israel cybersecurity partnership
July 15, 2016
Legislation would lead to more collaboration between the two countries on R&D for global cybersecurity products.

Energy braces for online attacks
July 15, 2016
Power industry learns importance of cybersecurity.

ANZ Bank staffers drop slick incident response tool for Mandiant mobs
July 15, 2016
Plugs hundreds of endpoints into ‘single pane of glass’

Hackers attempt to extort Polish Defence Ministry for $50,000 after stealing data
July 15, 2016
A hacking group called ‘Pravyy Sector’ is attempting to extort the Polish Defence Ministry for $50,000 (€45,000, £37,000) while threatening to release a number of sensitive files stolen from its computer networks if no payment is received.

JBA funds J$15m to cyber security campaign
July 14, 2016
The Government’s national cyber security public education and awareness campaign is being funded at a cost of over $15 million by the Jamaica Bankers Association (JBA).

Bulgarian Cabinet adopts cyber security policy
July 14, 2016
Bulgaria’s Cabinet adopted a national cyber security policy, entitled “Cyber Resilient Bulgaria 2020”, a step taken against a background of repeated cyber warfare attacks on state and government websites.

Infrastructure Cybersecurity Requires More Personnel
July 13, 2016
One of the major problems facing the cybersecurity of the nation’s critical infrastructure is a lack of personnel, according to witnesses at both the House Homeland Security Committee and the Senate Energy and Natural Resources Committee on Tuesday.

SFG malware discovered in European energy company
July 13, 2016
A new piece of malware has been discovered on the information networks of an unnamed European energy company.

Committee Releases Interim Report on FDIC Cybersecurity
July 13, 2016
U.S. House Science, Space, and Technology Committee today released an interim staff report with preliminary findings from the committee’s investigation of major data breaches at the Federal Deposit Insurance Corporation (FDIC).

Fiat Chrysler to Pay Hackers Who Find Cybersecurity Flaws
July 13, 2016
‘Bug bounty’ program comes a year after researchers took control of moving Jeep using laptop.

Singapore, the Netherlands ink agreement to strengthen cyber security cooperation
July 12, 2016
Cyber Security Agency of Singapore and the Netherlands’ National Cyber Security Center signed a Memorandum of Understanding on cyber security cooperation to formalize their commitment to work together to foster a secure cyber space.

Cybersecurity Consolidation May Be Heating Up
July 11, 2016
Market chatter and rumors have really picked up in recent weeks, a sign that a consolidation wave could be imminent.

SWIFT hires two cybersecurity firms in wake of digital heists
July 11, 2016
The Brussels-based Society for Worldwide Interbank Financial Telecommunication hired firms BAE Systems and Fox-IT to work alongside its own in-house cybersecurity team.

EU Adopts Cybersecurity Directive: What US Companies Need to Know
July 11, 2016
The European Parliament adopted the Network and Information Security (“NIS”) Directive in an effort to enhance cybersecurity and incident reporting at a national level across all of its member states.

YouTube Videos Contain Hidden Commands For Hacking Mobiles
July 11, 2016
A team of security researchers from the University of California, Berkeley, and Georgetown University has found a new method for hacking mobile devices by using hidden voice commands embedded in YouTube videos.

GootKit Banking Trojan Receives Massive Update
July 11, 2016
GootKit is a less-known banking trojan that appeared in 2014, and unlike most of its competition, it has never had its source code leaked online, nor has it been rented via a Malware-as-a-Service operation.