About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • Juniper Issues Security Alert Tied to Routers and Switches

    August 10, 2017

    Juniper Networks warned customers Thursday of a high-risk vulnerability in the GD graphics library that could allow a remote attacker to take control of systems running certain versions of the Junos OS. The alert was in conjunction with a warning from the U.S. Computer Emergency Readiness Team (US-CERT) that said affected versions of the Junos OS ...

  • TalkTalk fined £100k for exposing personal sensitive info

    August 10, 2017

    Blighty’s Information Commissioner’s Office has whacked TalkTalk with a £100,000 fine after the data of the records of 21,000 people were exposed to fraudsters in an Indian call centre. The breach came to light in September 2014 when TalkTalk started getting complaints from customers that they were receiving scam calls. Typically, the scammers pretended they were ...

  • CouchPotato: CIA Hacking Tool to Remotely Spy On Video Streams in Real-Time

    August 10, 2017

    After disclosing CIA’s strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak, revealing CIA’s ability to spy on video streams remotely in real-time. Dubbed ‘CouchPotato,’ document leaked from the CIA details how the CIA agents use a remote tool to stealthy collect RTSP/H.264 video streams. Real Time Streaming Protocol, or RTSP, ...

  • Salesforce sacks two top security engineers for their DEF CON talk

    August 10, 2017

    Salesforce fired two of its senior security engineers after they revealed details of an internal tool for testing IT defenses at DEF CON last month. Josh Schwartz, director of offensive security, and John Cramb, a senior offensive security engineer based in Australia, were sacked by a senior Salesforce executive minutes after giving a talk at the ...

  • SAP Patch Tuesday Update Resolves 19 Flaws, Three High Severity

    August 9, 2017

    SAP released 19 patches on Tuesday, fixing a trio of vulnerabilities marked high severity in its business management software. The most pressing fixes are for a directory traversal vulnerability in the company’s Netweaver AS Java Web Container, a code injection vulnerability in its Visual Composer design tool, and a cross-site AJAX request vulnerability in its BusinessObjects suite of applications. The ...

  • How Top Companies Accidentally Leaking Terabytes of Sensitive Data Online

    August 9, 2017

    An anti-malware detection service provider and premium security firm has been accused of leaking terabytes of confidential data from several Fortune 1000 companies, including customer credentials, financial records, network intelligence and other sensitive data. However, in response to the accusations, the security firm confirmed that they are not pulling sensitive files from its customers; instead, it’s ...

  • Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity

    August 8, 2017

    Attackers behind advanced persistent threat campaigns have kept busy over the past several months, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines. Juan Andres Guerrero-Saade and Brian Bartholomew, members of Kaspersky Lab’s Global Research and Analysis Team, described ...

  • Self-Driving Cars Can Be Hacked By Just Putting Stickers On Street Signs

    August 8, 2017

    Car Hacking is a hot topic, though it’s not new for researchers to hack cars. Previously they had demonstrated how to hijack a car remotely, how to disable car’s crucial functions like airbags, and even how to steal cars. But the latest car hacking trick doesn’t require any extra ordinary skills to accomplished. All it takes is a simple sticker onto ...

  • UK organisations could face huge fines for cyber security failures

    August 8, 2017

    British organisations could face fines of up to £17m, or 4% of global turnover, if they fail to take measures to prevent cyber-attacks that could result in major disruption to services such as transport, health or electricity networks. But the proposals, which are being considered as part of a government consultation launched on Tuesday, say that ...

  • UK Government issues cyber security guidelines for driverless cars

    August 7, 2017

    As vehicles get smarter, cyber security in the automotive industry is becoming an increasing concern. As a result, the UK government has issued new, relevant cyber security guidelines for connected and driverless cars. Cars are now becoming connected Wi-Fi hotspots, and are well on their way to autonomy. But, this leaves them vulnerable to hacking and ...

  • Web law offers ‘right to be forgotten’ online

    August 7, 2017

    Social media firms will have to erase personal information on individuals when asked under laws allowing people the “right to be forgotten” online. The Data Protection Bill will make it simpler for people to control how companies use their personal details, including requesting that posts or pictures be deleted. The information watchdog has been given extra powers ...

  • UK intelligence agencies turn to start-ups on cyber security

    August 6, 2017

    At 44 years old, Dan Brett is not a typical candidate for a tech accelerator. However, after a decade spent developing cyber security technology for banks, the entrepreneur threw his hat into the ring when he heard GCHQ was launching a centre for start-ups near its headquarters in Cheltenham. “I’m not your young, sexy start-up ...

  • Exploits Available for Siemens Molecular Imaging Vulnerabilities

    August 4, 2017

    Siemens is readying patches for a number of vulnerabilities in its molecular imaging products, including some where public exploits are available. Advisories published Thursday by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) indicate that the flaws are remotely exploitable. “Siemens is preparing updates for the affected products and recommends protecting network access to the Molecular ...