About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is a publication designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

A guided tour of the cybercrime underground
February 23, 2017
One of the strange features of cybercrime is how much of it is public.

Malware Attack on Polish Banks Uses Russian as False Flag, Linked to Lazarus
February 21, 2017
Hackers involved in the attack on Polish banks seem to have faked some of the code lines, making it seem as if they were Russians.

Unpatched Python and Java Flaws Let Hackers Bypass Firewall Using FTP Injection
February 21, 2017
Hackers can take advantage to design potential cyber attack operations against critical networks and infrastructures.

How to Bury a Major Breach Notification
February 21, 2017
Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance.

INTERPOL World 2017 builds up momentum with strong support from public and private sectors
February 21, 2017
The second edition of INTERPOL World has garnered strong support from public and private sectors, both locally and on the international front.

New TeamSpy Malware Campaign Turns TeamViewer into Spy Tool
February 20, 2017
TeamSpy is back and it’s turning TeamViewer into the spying tool that no one wants.

Siemens Awarded Cyber Security Certificate for Digital Grid Automation Solutions
February 20, 2017
Siemens has received a certificate for network automation solutions from TÜV Süd, in accordance with the international standards series IEC 62443.

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media
February 20, 2017
Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network.

States vie for Israeli cyber security investment as CyberGym heads downunder
February 20, 2017
State governments are jostling to win a major cyber security investment from the multibillion-dollar Israeli government-owned electricity company, as the business implications of Prime Minister Benjamin Netanyahu’s first Australian visit begin to take shape.

Got Effective Cybersecurity Practices? Be Aware: The FTC Is Watching You.
February 20, 2017
Data breaches can happen to any business — not just those with big names. Claiming “I didn’t know” won’t suffice when this happens to you.

F-Secure buys industrial control security firm
February 16, 2017
F-Secure has acquired hardware and embedded system security firm Inverse Path. Financial terms of the deal, announced on Thursday, were undisclosed.

Israeli Military Targeted by Android Mobile Surveillance Malware
February 16, 2017
Israeli servicemen are under cyberattack, with hundreds of devices compromised and turned into spy gear.

Study reveals cybersecurity readiness gaps in US oil and gas industry
February 16, 2017
A survey of US oil and gas cybersecurity risk managers indicates that the deployment of cybersecurity measures in the industry isn’t keeping pace with the growth of digitalization in oil and gas operations.

Nation States Distancing Themselves from APTs
February 14, 2017
Security researchers say a new trend in privateering is gaining traction among nation states, which are increasingly contracting with private companies to carry out state-sponsored attacks.

Websites Can Now Track You Online Across Multiple Web Browsers
February 14, 2017
You might be aware of websites, banks, retailers, and advertisers tracking your online activities using different Web “fingerprinting” techniques even in incognito/private mode, but now sites can track you anywhere online — even if you switch browsers.

Cybersecurity: Queen opens centre to protect against attacks
February 14, 2017
The National Cyber Security Centre – part of intelligence agency GCHQ – started work in October as part of a £1.9bn five-year strategy.

Cybersecurity alliance promoting intel-sharing seeks to expand
February 14, 2017
The Cyber Threat Alliance, a group of security firms that often compete, says its efforts to share intelligence on the latest hacking threats have been paying off.

Government Needs To Take Immediate Actions To Strengthen US Cybersecurity, GAO Says
February 14, 2017
Gregory C. Wilshusen, Director, Government Accountability Office (GAO) Information Security Issues, warned GAO “has consistently identified shortcomings in the federal government’s approach to ensuring the security of federal information systems and cyber critical infrastructure.

Change In Corporate Mindset Needed To Combat Cyber Attacks
February 13, 2017
Yahoo!’s announcement late last year that it had been victimized by not one but two separate data breaches was the Gettysburg of corporate cyber attacks – the biggest battle yet waged.

Watch Out! First-Ever Word Macro Malware for Apple Mac OS Discovered in the Wild
February 9, 2017
After targeting Windows-based computers over the past few years, hackers are now shifting their interest to Macs as well.

New Windows Trojan Spreads MIRAI Malware To Hack More IoT Devices
February 9, 2017
Researchers from Russian cyber-security firm Dr.Web have now uncovered a Windows Trojan designed to built with the sole purpose of helping hackers spread Mirai to even more devices.

Social Media Phishing Rose 500% in 2016 Q4
February 9, 2017
The data includes cases of angler phishing, where attackers intercept customer support channels on social media in their attempt to steal people’s credentials, which proved to be the most common among financial services, but also entertainment accounts.

Invisible Malware Found in Banking Systems in over 40 Countries
February 7, 2017
Banks, telcos, and even governmental agencies in the United States, South America, Europe, and Africa are being targeted by hackers in a series of ongoing attacks that are extremely difficult to detect.

76 iOS Apps, Including Medical and Banking Tools, Are Exposing Data to Hackers
February 7, 2017
Seventy-six popular apps in the Apple App Store are vulnerable to silent interception of TLS-protected data due to a poor implementation of the cryptographic protocol.

IIoT Hot Buttons for 2017
February 6, 2017
In our 35-plus years of providing continuous availability solutions for enterprises, we’ve seen only a handful of technology shifts that you could call “seismic.”

Polish Banks Hacked using Malware Planted on their own Government Site
February 6, 2017
In what considered to be the largest system hack in the country’s history and a massive attack on the financial sector, several banks in Poland have been infected with malware.

Windows SMB Zero-Day Exploit Released in the Wild after Microsoft delayed the Patch
February 5, 2017
Last weekend a security researcher publically disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months.

Anonymous Hacker took down over 10,000 Dark Web Sites; Leaked User Database
February 5, 2017
Dark Web is right now going through a very rough time.

Cybersecurity High on Netanyahu Agenda for Trump, May Meetings
February 5, 2017
When Israeli Prime Minister Benjamin Netanyahu meets with world leaders this month, strengthening cybersecurity ties will figure high on the agenda.

Incident Response Plans: A Comparison of US Law, EU Law and Soon-To-Be EU Law
February 3, 2017
When it comes to data breaches, incident response plans are the first step organizations take to prepare.

ENISA report on cyber security information sharing in the energy sector
February 3, 2017
ENISA publishes its report on Cyber Security Information Sharing in the Energy Sector.

Security firms ‘overstate hackers’ abilities to boost sales’
February 3, 2017
Computer security companies have been accused of “massively” exaggerating the abilities of malicious hackers.

iOS Cracking Tools Allegedly Stolen from Cellebrite Get Dumped Online by Hackers
February 3, 2017
We may finally have the answer to one of the big mysteries of 2016 – how did Cellebrite manage to help the FBI break into the San Bernardino shooter’s iPhone.

Popular hacker warkit Metasploit now hacks hardware and cars
February 3, 2017
Popular offensive hacking toolkit Metasploit now works on hardware, including cars, after a major update to the 13-year old platform.

Britain could carry out cyber attacks to defend itself against Russia
February 2, 2017
Sir Michael Fallon said the UK and its Nato allies must now compete on the cyber battlefield as much as they do in conventional air, land and sea warfare.

Pentagon Servers Flawed, Easy to Hack
February 1, 2017
The U.S. Department of Defense could be at risk of being attacked by hackers quite easily, one security researcher warns.

Google mistakes the entire NHS for massive cyber-attacking botnet
February 1, 2017
Google is blocking access to the entire NHS network, mistaking the amount of traffic it is currently receiving as a cyber attack.

Police Arrested Suspected Hacker Who Hacked the ‘Hacking Team’
January 31, 2017
In 2015, a hacker named Phineas Fisher hacked Hacking Team and exposed some 500 gigabytes of internal data for anyone to download.

Why Cybersecurity Should Be The CFO’s Job
January 31, 2017
The sheer pervasiveness of these risks, matched with the evolution into far more complex attacks, means the C-Suite has to get serious about managing cybersecurity.

Trump expected to sign cyber security executive order Tuesday
January 30, 2017
President Donald Trump is expected to sign an executive order on cyber security on Tuesday, marking the first action to address what he has called a top priority of his administration.

Europol and Global Cyber Alliance team up to fight cyber-crime
January 30, 2017
Europol and the Global Cyber Alliance have signed a Memorandum of Understanding to cooperate on decreasing systemic cyber-risk and improving internet security throughout Europe and beyond.

Dridex Is Back, Uses New Windows UAC Bypass Method
January 30, 2017
Banking malware Dridex is back and it’s worse, targeting British financial institutions with a new technique that has the capability of bypassing Windows User Account Control.

Four-star Alpine hotel fell victim to blackmailers who hacked into their electronic keycard system
January 26, 2017
One of Europe’s most luxurious hotels has admitted paying 1,500 euros to cyber blackmailers who hacked into their electronic key system and locked scores of guests in their rooms.