About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is a publication designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • Could cybersecurity sink your next M&A?

    February 26, 2017

    Most CFOs don’t expect to see cybersecurity on their due diligence checklist for mergers and acquisitions. Yet cybersecurity – or a lack thereof – has massive implications for any deal: after all, the average data breach now costs organisations in the ballpark of $4 million, not to mention the potential damage to reputation and revenues when ...

  • Cloudbleed: How to Protect Yourself After the Data Leak

    February 25, 2017

    Cloudflare revealed a bug in its code caused sensitive data to leak from major websites that use its services, including big names such as Uber, Fitbit, 1Password, and OkCupid. There are an estimated 4.2 million domains using Cloudflare, which may have leaked data, including crypto keys, passwords, user sensitive information, and so on. The list is ...

  • NSA snoops told: Get your checkbooks and pens ready for a cyber-weapon shopping spree

    February 25, 2017

    NSA and US Cyber Command boss Mike Rogers has revealed the future direction of his two agencies – and for the private sector, this masterplan can be summarized in one word. Kerching! Speaking at the West 2017 Navy conference on Friday, Rogers said he is mulling buying up more infosec tools from corporations to attack and infiltrate ...

  • NATO Warns Cyber Attacks Are a Threat to Democracy Itself

    February 24, 2017

    NATO is showing concern about the impact of cyber attacks, considering that they are a threat to individuals and organizations, but also to the fundamental nature of democracy. According to Jamie Shea, deputy assistant secretary general for emerging security challenges at NATO, cyber is facilitating more advanced and more effective psychological warfare, information operations, coercion and ...

  • Security researchers announce “first practical” SHA-1 collision attack

    February 23, 2017

    Security researchers at the CWI institute in Amsterdam working with a team from Google Research say they have found a faster way to compromise the SHA-1 hash algorithm — announcing what they describe as “the first practical technique for generating a SHA-1 collision” in a blog post today. A ‘collision’ here refers to being able to ...

  • A guided tour of the cybercrime underground

    February 23, 2017

    One of the strange features of cybercrime is how much of it is public. A quick search will turn up forums and sites where stolen goods, credit cards and data are openly traded. But a glance into those places may not give you much idea about what is going on. “Everyone can join as long as you speak ...

  • UK crime agency arrests suspect in Deutsche Telekom cyber attack

    February 23, 2017

    British authorities have arrested a suspect in connection with a cyber attack that infected nearly 1 million routers used to access Deutsche Telekom’s (DTEGn.DE) internet service, German federal police said on Thursday. Britain’s National Crime Agency detained the 29-year-old Briton at one of London’s airports on Wednesday, the police said in a statement. Deutsche Telekom welcomed the ...

  • Serious Bug Exposes Sensitive Data From Millions Sites Sitting Behind CloudFlare

    February 22, 2017

    A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data. CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of ...

  • INTERPOL World 2017 builds up momentum with strong support from public and private sectors

    February 21, 2017

    SINGAPORE – The second edition of INTERPOL World has garnered strong support from public and private sectors, both locally and on the international front. Owned by INTERPOL, the world’s largest police organization with 190 member countries, the event is supported by Singapore’s Ministry of Home Affairs (MHA), the World Economic Forum and CyberSecurity Malaysia, an ...

  • How to Bury a Major Breach Notification

    February 21, 2017

    Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance. The report detailed a malware campaign that piggybacked on a popular piece of software used by system administrators at some of the ...

  • Unpatched Python and Java Flaws Let Hackers Bypass Firewall Using FTP Injection

    February 21, 2017

    This newly discovered bugs in Java and Python is a big deal today. The two popular programming languages, Java and Python, contain similar security flaws that can be exploited to send unauthorized emails and bypass any firewall defenses. And since both the flaws remain unpatched, hackers can take advantage to design potential cyber attack operations against critical ...

  • Malware Attack on Polish Banks Uses Russian as False Flag, Linked to Lazarus

    February 21, 2017

    Hackers involved in the attack on Polish banks seem to have faked some of the code lines, making it seem as if they were Russians. The truth is, however, the lines don’t make sense to native speakers and an online translator may have been used. A recent sophisticated attack campaign targeted financial organizations from many countries, ...