About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • SAP Patch Tuesday Update Resolves 19 Flaws, Three High Severity

    August 9, 2017

    SAP released 19 patches on Tuesday, fixing a trio of vulnerabilities marked high severity in its business management software. The most pressing fixes are for a directory traversal vulnerability in the company’s Netweaver AS Java Web Container, a code injection vulnerability in its Visual Composer design tool, and a cross-site AJAX request vulnerability in its BusinessObjects suite of applications. The ...

  • How Top Companies Accidentally Leaking Terabytes of Sensitive Data Online

    August 9, 2017

    An anti-malware detection service provider and premium security firm has been accused of leaking terabytes of confidential data from several Fortune 1000 companies, including customer credentials, financial records, network intelligence and other sensitive data. However, in response to the accusations, the security firm confirmed that they are not pulling sensitive files from its customers; instead, it’s ...

  • Updates to Sofacy, Turla Highlight 2017 Q2 APT Activity

    August 8, 2017

    Attackers behind advanced persistent threat campaigns have kept busy over the past several months, adding new ways to bypass detection, crafting new payloads to drop, and identifying new zero days and backdoors to help them infect users and maintain persistence on machines. Juan Andres Guerrero-Saade and Brian Bartholomew, members of Kaspersky Lab’s Global Research and Analysis Team, described ...

  • Self-Driving Cars Can Be Hacked By Just Putting Stickers On Street Signs

    August 8, 2017

    Car Hacking is a hot topic, though it’s not new for researchers to hack cars. Previously they had demonstrated how to hijack a car remotely, how to disable car’s crucial functions like airbags, and even how to steal cars. But the latest car hacking trick doesn’t require any extra ordinary skills to accomplished. All it takes is a simple sticker onto ...

  • UK organisations could face huge fines for cyber security failures

    August 8, 2017

    British organisations could face fines of up to £17m, or 4% of global turnover, if they fail to take measures to prevent cyber-attacks that could result in major disruption to services such as transport, health or electricity networks. But the proposals, which are being considered as part of a government consultation launched on Tuesday, say that ...

  • UK Government issues cyber security guidelines for driverless cars

    August 7, 2017

    As vehicles get smarter, cyber security in the automotive industry is becoming an increasing concern. As a result, the UK government has issued new, relevant cyber security guidelines for connected and driverless cars. Cars are now becoming connected Wi-Fi hotspots, and are well on their way to autonomy. But, this leaves them vulnerable to hacking and ...

  • Web law offers ‘right to be forgotten’ online

    August 7, 2017

    Social media firms will have to erase personal information on individuals when asked under laws allowing people the “right to be forgotten” online. The Data Protection Bill will make it simpler for people to control how companies use their personal details, including requesting that posts or pictures be deleted. The information watchdog has been given extra powers ...

  • UK intelligence agencies turn to start-ups on cyber security

    August 6, 2017

    At 44 years old, Dan Brett is not a typical candidate for a tech accelerator. However, after a decade spent developing cyber security technology for banks, the entrepreneur threw his hat into the ring when he heard GCHQ was launching a centre for start-ups near its headquarters in Cheltenham. “I’m not your young, sexy start-up ...

  • Exploits Available for Siemens Molecular Imaging Vulnerabilities

    August 4, 2017

    Siemens is readying patches for a number of vulnerabilities in its molecular imaging products, including some where public exploits are available. Advisories published Thursday by the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) indicate that the flaws are remotely exploitable. “Siemens is preparing updates for the affected products and recommends protecting network access to the Molecular ...

  • WannaCrypt victims paid out over $140k in Bitcoin to get files unscrambled

    August 3, 2017

    More than $140,000 (£105,000) in Bitcoin has been paid out by victims of the global WannaCrypt ransomware outbreak from May. The money was removed from the online wallets at 4am UTC on Thursday. The Bitcoin activity was noticed by a Twitter bot set up by Quartzjournalist Keith Collins. The attack swept across at least 74 countries, and the UK’s ...

  • Cisco Fixes DoS, Authentication Bypass Vulnerabilities, OSPF Bug

    August 3, 2017

    Cisco fixed 15 vulnerabilities this week in more than a dozen products, including two high severity vulnerabilities that could have let an attacker trigger a denial of service condition or bypass local authentication. The more severe bugs fixed on Wednesday exist in the company’s Identity Services Engine and its Videoscape Distribution Suite. The bypass, which exists ...

  • New Virus Called “Invisible Man” Going After Android Users

    August 3, 2017

    Security researchers warn that a new form of malware is targeting Android devices, posing as a Flash update that needs to be installed as soon as possible. SophosLabs, however, warns not only that this is fake update, but also that it includes a form of malware known as Invisible Man and officially flagged as Andr/Banker-GUA. The ...

  • WannaCry Hero Charged With Creating $7,000 Banking Malware

    August 3, 2017

    In an astonishing turn of events, the man who stopped the spread of the WannaCry ransomware earlier this year has been arrested and charged with creating a banking malware known as Kronos. Marcus Hutchins, also known as MalwareTech, was held in Nevada, just as he was getting ready to head home from the Las Vegas-based hacker conferences ...