About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is a publication designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

Juniper Confirms Shadow Brokers Firewall Implants
August 23, 2016
Company still investigating, no fixes or mitigations out yet.

Critical Flaws Let Attackers Hijack Cellular Phone Towers
August 23, 2016
Three critical security flaws in BTS stations allow attackers to compromise, hijack, crash mobile cell towers, security researchers from Zimperium have discovered.

US Ports Targeted with Zero-Day SQL Injection Flaw
August 23, 2016
Ports in the US have reported attacks using an SQL injection flaw made public by a hacker known as bRpsd, who released a fully working exploit online without notifying the vendor in advance.

Cisco Exploit Leaked in NSA Hack Modifies to Target Latest Version of Firewalls
August 23, 2016
Recently released NSA exploit from “The Shadow Brokers” leak that affects older versions of Cisco System firewalls can work against newer models as well.

New Banking Trojan Uses PowerShell to Alter Internet Explorer Proxy Settings
August 22, 2016
Attacks currently detected only against Brazilian banks.

Facebook Photos Lead to Hacking of Facial Recognition System
August 22, 2016
The hackers can use two-dimensional pictures, photos, and even 3D face replicas to compromise a system.

Despite billions spent on cybersecurity, companies aren’t truly safe from hacks
August 22, 2016
Companies on a treadmill to stay ahead of data thieves.

Bounty hunters are legally hacking Apple and the Pentagon – for big money
August 22, 2016
A growing roster of ‘white hat’ hackers earn thousands finding chinks in the digital armor of the US government and companies such as Apple and Google.

Many hospitals transmit your health records unencrypted
August 22, 2016
About 32% of hospitals and 52% of non-acute providers — such as outpatient clinics, rehabilitation facilities and physicians’ offices — are not encrypting data in transit, according to a new survey.

Cybercrime damages expected to cost the world $6 trillion by 2021
August 22, 2016
Massive expansion of the global cyber attack surface will fuel the cybercrime epidemic.

China edges ahead in the race to build hack-proof cyber security systems
August 21, 2016
The international power struggle for the control of data has intensified with a number of Chinese companies now trying to challenge entrenched cloud vendors such as Microsoft, Google and Amazon.

Twitter says it shuttered 235,000 accounts linked to terrorism in 6 months
August 19, 2016
Twitter said Thursday it has shut down 235,000 accounts linked to violent extremism in the last six months alone. That brings the total number of terminated Twitter accounts associated with terrorism to 360,000 since mid-2015.

UAC Bypass with Elevated Privileges Works on All Windows Versions
August 19, 2016
Security researcher has discovered a simple method of bypassing the Windows User Account Control (UAC) mechanism that affects all supported Windows versions, which in some exploitation scenarios leads to attackers executing commands with elevated privileges.

Prominent business leaders to meet on 27-29 Nov to discuss cyber security in Phuket
August 19, 2016   – PRESS RELEASE
The Cyber Security Exchange Asia 2016 conference will be taking place on the 27-29th November 2016 in Phuket, Thailand.

UK Police Arrest Sage Employee at London Airport
August 18, 2016
London City Police officers arrested an unnamed 32-year-old Sage female employee at the London Heathrow airport on Wednesday, August 17, 2016.

Does modern cyber security damage productivity?
August 18, 2016
Embracing the digital transformation is vital for business productivity, but increased cyber vulnerabilities must also be addressed.

‘Protectionist’ rejection of China’s State Grid misses real energy security issue
August 18, 2016
The Australian government’s decision to block the 99-year lease of 50.4% of our largest energy grid to the State Grid Corporation of China has been dubbed “protectionist” by China’s Ministry of Commerce.

CYBER TRENDS conference – Prague, 20-21 October 2016
August 17, 2016
International conference CYBER TRENDS accompanying with CYBER WORKSHOPS, live demostration and simulation test areas aims to deepen close cooperation in European cyber security.

Cisco Patches Zero-Day Included in Shadow Brokers Leak
August 17, 2016
Hacking tools from The Shadow Brokers leak named EPICBANANA, JETPLOW, and EXTRABACON, contain exploits that can compromise Cisco devices.

The NSA Hack — What, When, Where, How, Who & Why?
August 17, 2016
A mysterious group of hackers calling themselves “The Shadow Brokers” claimed it hacked an NSA-linked group and released some NSA hacking tools with a promise to sell more private “cyber weapons” to the highest bidder.

Industrial Espionage Hackers Targeted 130 Companies in More than 30 Countries
August 17, 2016
Since March 2015, a well-organized cyber-crime syndicate has targeted more than 130 companies in over 30 countries for the purpose of industrial espionage.

5 steps to cybersecurity for Internet of Things medical devices
August 17, 2016
Connected medical devices – components of the so-called Internet of Things – are multiplying, opening more holes in security and creating terrible potential for patient casualties.

Someone is Spying on Researchers Behind VeraCrypt Security Audit
August 16, 2016
After TrueCrypt mysteriously discontinued itself, VeraCrypt became the most popular open source disk encryption software used by activists, journalists, and privacy conscious people.

US Dept of Energy lobs out $34m for bright ideas on securing grids
August 16, 2016
The US Department of Energy (DOE) has awarded $34m in funding to pay for 12 programs aimed at improving the security of the US power grid.

Linux Flaw Exposes Over 1.4 Billion Androids to Spying Attacks
August 16, 2016
A Linux Flaw, which was first detected this spring, not only gives anyone the ability to hijack internet traffic but it also affects 80% of Android devices, which equals to about 1.4 billion devices.

Shadow Broker hacking group auctions off claimed NSA online spy tools
August 16, 2016
Did someone crack Equation Group or are they scammers?

FalseCONNECT Vulnerability Affects Software From Apple, Microsoft, Oracle
August 16, 2016
Researcher Jerry Decime revealed details about a security vulnerability that allows an attacker to gain a Man-in-the-Middle position and intercept HTTPS traffic thanks to flaws in the implementation of proxy authentication procedures in various products.

Germany Announces Plans to Create Cyber Security Unit
August 15, 2016
In the wake of recent terrorist attacks, the German government is rethinking its approach toward cyber-security, the government is readying plans to modify several German laws and create a new cyber security unit inside its police force.

China Launches World’s 1st ‘Hack-Proof’ Quantum Communication Satellite
August 15, 2016
The satellite is designed to develop a ‘Hack-Proof’ communications system in this age of global electronic surveillance and cyber attacks by transmitting uncrackable encryption keys from space to the ground.

Starwood, Marriott, Hyatt, IHG hit by malware: HEI
August 15, 2016
A data breach at 20 U.S. hotels operated by HEI Hotels & Resorts for Starwood, Marriott, Hyatt and Intercontinental may have divulged payment card data from tens of thousands of food, drink and other transactions.

Financial sector faces era of cyber mega heists
August 15, 2016
Banks and other financial institutions are threatened by a new breed of elite cyber criminals running professional operations that will use any means to achieve their goals, says Barclays security chief.

The inside man: Sage cyber security breach puts 280 UK firms at risk
August 15, 2016
This latest cyber attack shows once again that cyber security is losing its battle against cyber criminals, and that an internal threat is just as dangerous as an external one.

New Hack Uses Hard Drive’s Noise to Transfer Stolen Data from Air-Gapped Computer
August 12, 2016
Air-gapped computers that are isolated from the Internet and other computers are long considered to be the most secure and safest place for storing data in critical infrastructures such as industrial control systems, financial institutions, and classified military networks.

Hacker Releases More Democratic Party Documents
August 12, 2016
A hacker believed to be tied to the Russian intelligence services made public another set of internal Democratic Party documents on Friday, including the personal cellphone numbers and email addresses of nearly 200 lawmakers.

Cybersecurity skills crisis creating vulnerabilities
August 12, 2016
Cybersecurity education deficiencies and other factors cause direct damage to companies, a report from Intel Security finds.

Iran Investigates If Series of Oil Industry Accidents Were Caused by Cyber Attack
August 12, 2016
A series of fires and explosions in recent weeks has killed one and caused major damage.

How DoD holds service leaders accountable to ‘back to basics’ cyber program
August 11, 2016
After major breaches at the Office of Personnel Management forced all agencies to buckle down and address their critical vulnerabilities, Defense leaders say they’re beginning to see a noticeable culture change in how each service thinks about cybersecurity.

Business groups appeal to China over cybersecurity law
August 11, 2016
A coalition of 46 business groups from the United States, Europe and Asia has appealed to China to change proposed cybersecurity rules they warn will harm trade and isolate the country.