About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is a publication designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • Windows SMB Zero-Day Exploit Released in the Wild after Microsoft delayed the Patch

    February 5, 2017

    Last weekend a security researcher publically disclosed a zero-day vulnerability in Windows 10, Windows 8.1 and Server editions after Microsoft failed to patch it in the past three months. The zero-day memory corruption flaw resides in the implementation of the SMB (server message block) network file sharing protocol that could allow a remote, unauthenticated attacker to ...

  • Popular hacker warkit Metasploit now hacks hardware and cars

    February 3, 2017

    Popular offensive hacking toolkit Metasploit now works on hardware, including cars, after a major update to the 13-year old platform. The free-or-paid modular hacking machine now sports plenty of CVE-specific exploitation components that security professionals have long-used for penetration tests and research. An update to the Hardware Bridge API means the platform will now work on variety ...

  • iOS Cracking Tools Allegedly Stolen from Cellebrite Get Dumped Online by Hackers

    February 3, 2017

    We may finally have the answer to one of the big mysteries of 2016 – how did Cellebrite manage to help the FBI break into the San Bernardino shooter’s iPhone. The answer seems to be repurposing other existing cracking tools used to jailbreak iPhones. One hacker broke into Cellebrite’s servers last month, stealing 900 GB of ...

  • Security firms ‘overstate hackers’ abilities to boost sales’

    February 3, 2017

    Computer security companies have been accused of “massively” exaggerating the abilities of malicious hackers. Dr Ian Levy, technical director of the UK’s National Cyber Security Centre, made the accusation in a speech. He said the firms played up hackers’ abilities to help them sell security hardware and services. Overplaying hackers’ skills let the firms claim only they could ...

  • ENISA report on cyber security information sharing in the energy sector

    February 3, 2017

    The purpose of this report is to understand and learn the development of CSIRTs, ISACs, as well as relevant initiatives on information sharing on cyber security incidents in the energy sector by focusing on the subsectors identified in the NIS Directive (European Parliament and Council, 2016) – namely electricity, oil and gas – complemented by ...

  • Incident Response Plans: A Comparison of US Law, EU Law and Soon-To-Be EU Law

    February 3, 2017

    The best way to handle any emergency is to be prepared. When it comes to data breaches, incident response plans are the first step organizations take to prepare. In the United States, incident response plans are commonplace. Since 2005, the federal banking agencies have interpreted the Gramm-Leach-Bliley Act as requiring financial institutions to create procedures for ...

  • Britain could carry out cyber attacks to defend itself against Russia

    February 2, 2017

    Britain could carry out offensive cyber attacks to tackle high-tech Russian subversion, the Defence Secretary has suggested. Sir Michael Fallon said the UK and its Nato allies must now compete on the cyber battlefield as much as they do in conventional air, land and sea warfare. Britain’s adversaries must know they face a price for using cyber ...

  • Google mistakes the entire NHS for massive cyber-attacking botnet

    February 1, 2017

    Google is blocking access to the entire NHS network, mistaking the amount of traffic it is currently receiving as a cyber attack. An email from an NHS trust’s IT department seen by The Register confirmed that the US search giant has mistaken the current traffic levels for a botnet. The email headed “Google Access” stated: “Google is ...

  • Pentagon Servers Flawed, Easy to Hack

    February 1, 2017

    The U.S. Department of Defense could be at risk of being attacked by hackers quite easily, one security researcher warns. According to ZDNet, who cites Dan Tentler, founder of cybersecurity firm Phobos Group, several misconfigured servers run by the DoD could allow hackers easy access to internal government systems. That includes foreign actors eager to find ...

  • Police Arrested Suspected Hacker Who Hacked the ‘Hacking Team’

    January 31, 2017

    In 2015, a hacker named Phineas Fisher hacked Hacking Team – the Italy-based spyware company that sells spying software to law enforcement agencies worldwide – and exposed some 500 gigabytes of internal data for anyone to download. Now, the Spanish authorities believe that they have arrested Phineas Fisher, who was not just behind the embarrassing hack ...

  • Why Cybersecurity Should Be The CFO’s Job

    January 31, 2017

    Cyber risk is a 21st century business reality and something that can’t be ignored. The sheer pervasiveness of these risks, matched with the evolution into far more complex attacks, means the C-Suite has to get serious about managing cybersecurity. I sat down with Steffan Tomlinson this month, CFO of Palo Alto Networks, who explains why ...

  • Ransomware Took Down Washington DC CCTV Days Before Trump’s Inauguration

    January 30, 2017

    Just days before the inauguration of President Trump, the storage devices recording data from the D.C. Police surveillance cameras were infected by hackers. According to the Washington Post, some 70 percent of the abovementioned storage devices had been infected, which forced citywide reinstallation efforts, especially since it all happened eight days before one of the largest ...