About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • New IcedID Trojan Targets US Banks

    November 13, 2017

    Researchers are warning users about a wave of recent attacks targeting U.S. financial institutions that leverage a new banking Trojan dubbed IcedID. The IcedID Trojan was spotted in September by researchers at IBM’s X-Force Research team. They said the Trojan has several standout techniques and procedures, such as the ability to spread over a network and ...

  • Apple iPhone X’s Face ID Hacked (Unlocked) Using 3D-Printed Mask

    November 13, 2017

    Just a week after Apple released its brand new iPhone X on November 3, a team of hackers has claimed to successfully hack Apple’s Face ID facial recognition technology with a mask that costs less than $150. Yes, Apple’s “ultra-secure” Face ID security for the iPhone X is not as secure as the company claimed during ...

  • Experts working with Homeland Security hacked into Boeing 757

    November 10, 2017

    There’s some unsettling news about one of America’s most widely-used jetliners. In a test, experts working with Homeland Security hacked into a Boeing 757. The team of researchers needed only two days in September 2016 to remotely hack into a 757 parked at the airport in Atlantic City, New Jersey. Speaking at a conference this week, Robert Hickey of ...

  • Equifax spends $87.5 million on data breach, more expenses on deck

    November 9, 2017

    Equifax spent $87.5 million in the third quarter on its recent data breach. The disclosure came amid an earnings report that showed revenue growth of 4 percent to $834.8 million and net income of $96.3 million. In other words, the data breach affecting 145 million Equifax customers dented the cash cow, but it certainly didn’t kill it. Read more… Source: ZDNet  

  • Intel’s management engine – in most CPUs since 2008 – can be p0wned over USB

    November 9, 2017

    Positive Technologies, which in September said it has a way to attack the Intel Management Engine, has dropped more details on how its exploit works. The firm has already promised to demonstrate God-mode hack in December 2017, saying the bug “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard”. For ...

  • Evil pixels: researcher demos data-theft over screen-share protocols

    November 9, 2017

    It’s the kind of thinking you expect from someone who lives in a volcano lair: exfiltrating data from remote screen pixel values. The idea comes from Pen Test Partners’ Alan Monie, taking a break from sex toy hacks and wondering how to get data over a connection like RDP (remote desktop protocol) when the target had blocked file transfer ...

  • Russian ‘Fancy Bear’ Hackers Using (Unpatched) Microsoft Office DDE Exploit

    November 8, 2017

    Cybercriminals, including state-sponsored hackers, have started actively exploiting a newly discovered Microsoft Office vulnerability that Microsoft does not consider as a security issue and has already denied to patch it. Last month, we reported how hackers could leverage a built-in feature of Microsoft Office feature, called Dynamic Data Exchange (DDE), to perform code execution on the targeted device ...