About the Review


Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.


Latest news 


  • Siemens Patches Vulnerabilities in SIMATIC CP, XHQ

    June 23, 2017

    Siemens patched two vulnerabilities in products commonly found in industrial control system setups this week. If exploited the flaws could allow an attacker to perform administrative actions or gain read access to sensitive data on affected systems. Siemens patched one issue (.PDF) on Tuesday and the other on Thursday (.PDF) this week. ICS-CERT, the Department of ...

  • AES-256 keys sniffed in seconds using €200 of kit a few inches away

    June 23, 2017

    Side-channel attacks that monitor a computer’s electromagnetic output to snaffle passwords are nothing new. They usually require direct access to the target system and a lot of expensive machinery – but no longer. Researchers at Fox‑IT have managed to wirelessly extract secret AES-256 encryption keys from a distance of one metre (3.3 feet) – using €200 ...

  • Virgin Media tells 800,000 users to change passwords over hub hacking risk

    June 23, 2017

    Virgin Media is advising more than 800,000 customers with a specific router to change their password immediately after an investigation found hackers could gain access to it. Virgin Media said the risk to customers with a Super Hub 2 router was small, but advised them to change both their network and router passwords if they were ...

  • Cisco tackling human element of security with cyber training course

    June 23, 2017

    With one of the most commonly cited threats to an enterprise being the human element, the Australian arm of Cisco is investing in cyber-focused courses to bring people up to date with the role they can play in preventing an attack. Speaking with ZDNet, Anthony Stitt, GM of Security for Cisco in Australia and New Zealand, ...

  • Cyber security ‘as important as physical security’

    June 23, 2017

    A key figure in American business has urged all companies to take the cyber security threat more seriously after chastising his own accountant for paying a ransomware demand. Jorge Fernandez, VP global commerce for the Metro Atlanta Chamber, said it is time that firms took the same care in cyberspace as they do when installing physical ...

  • Inspector gadget: how smart devices are outsmarting criminals

    June 23, 2017

    Richard Dabate told police a masked intruder assaulted him and killed his wife in their Connecticut home. His wife’s Fitbit told another story and Dabate was charged with the murder. James Bates said an acquaintance accidentally drowned in his hot tub in Arkansas. Detectives suspected foul play and obtained data from Bates’s Amazon Echo device. Bates ...

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...

  • Microsoft’s Private Windows 10 Internal Builds and Partial Source Code Leaked Online

    June 23, 2017

    A massive archive of Microsoft’s top-secret Windows 10 builds, and the source codes for private software has been reportedly leaked online, which could lead to a nasty wave of Windows 10 exploits, journalist at the Reg claims. The Leaked files – uploaded on BetaArchive website – contains more than 32 terabytes of data, which includes many ...

  • US Secretary of State: Я буду работать с Россией по вопросам кибербезопасности

    June 23, 2017

    US Secretary of State Rex Tillerson has expressed a willingness to work directly with Russia on cybersecurity and other issues. The proposed partnership is surprising, given the continued controversy over allegations that the Russians interfered with last year’s US presidential election – a serious accusation at the center of an ongoing Congressional inquiry. Secretary of State Tillerson ...

  • Brutal Kangaroo: CIA-developed Malware for Hacking Air-Gapped Networks Covertly

    June 22, 2017

    WikiLeaks has published a new batch of the ongoing Vault 7 leak, this time detailing a tool suite – which is being used by the CIA for Microsoft Windows that targets “closed networks by air gap jumping using thumb drives,” mainly implemented in enterprises and critical infrastructures. Air-gapped computers that are isolated from the Internet or ...

  • Breach at UK.gov’s Cyber Essentials scheme exposes users to phishing attacks

    June 21, 2017

    The operation behind the UK government’s Cyber Essentials scheme has suffered a breach exposing the email addresses of registered consultancies, it told them today. The scheme’s badges are required by all suppliers bidding for “certain sensitive and personal information-handling contracts”. Companies were notified of the problem, which leaves them at greater risk of phishing attack, through ...

  • Cybersecurity Demands a Military Mindset

    June 21, 2017

    American corporations have a high degree of cybersecurity risk awareness, and yet many enterprises, especially in non-regulated sectors, fall short in their cybersecurity stance.  This is mainly because executives see security as an ROI-less investment mandated by regulation. Even worse, executives suffer from two psychological biases: “We haven’t suffered a breach this year, so no need ...