About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • Spy vs spy vs hacker vs… who is THAT? Everyone’s hacking each other

    October 5, 2017

    VB2017 Intel agencies and top-tier hackers are actively hacking other hackers in order to steal victim data, borrow tools and techniques, and reuse each other’s infrastructure, attendees at Virus Bulletin Con, Madrid, were told yesterday. The increasing amount of spy-vs-spy type activity is making accurate threat intel increasingly difficult for security researchers, according to Kaspersky Lab. Threat intelligence ...

  • Inside the CCleaner Backdoor Attack

    October 5, 2017

    As the investigation continues into the backdoor planted inside CCleaner, two members of parent company Avast’s threat intelligence team said today the desktop and cloud versions of the popular software contained different payloads. The revelation was made during a talk at Virus Bulletin 2017 during which Jakub Kroustek and Jiri Bracek shared technical details on the ...

  • FormBook—Cheap Password Stealing Malware Used In Targeted Attacks

    October 5, 2017

    It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsored hackers to avoid being attributed easily. Security researchers from multiple security firms, including Arbor Networks and FireEye, ...

  • Why You Should Gamify Your Cybersecurity Training

    October 4, 2017

    With big data breaches occurring almost weekly, companies are looking for ways to tighten up their cybersecurity training. Information security risks continue to evolve, and employees must be educated on the latest security vulnerabilities and encouraged to adapt their behaviors to address such exposures. The latest big data breach? Equifax. One of the nation’s three largest credit reporting companies was ...

  • Equifax Says 145.5M Affected by Breach, Ex-CEO Testifies

    October 3, 2017

    Equifax, the credit agency behind this summer’s breach of 143 million Americans, said this week the number of victims implicated in the breach has increased. Paulino do Rego Barros, Jr., the company’s interim CEO, announced Monday that 2.5 million additional Americans were also impacted, bringing the grand total to 145.5 million affected individuals. Equifax initially called its investigation around ...

  • Google Finds 7 Security Flaws in Widely Used Dnsmasq Network Software

    October 2, 2017

    Security researchers have discovered not one or two, but a total of seven security vulnerabilities in the popular open source Dnsmasq network services software, three of which could allow remote code execution on a vulnerable system and hijack it. Dnsmasq is a widely used lightweight network application tool designed to provide DNS (Domain Name System) forwarder, ...

  • National Lottery website brought down by cyber hack attack leaving thousands unable to buy tickets

    September 30, 2017

    A cyber attack brought down the the National Lottery website last night, Camelot has admitted. The website was down for more than an hour-and-a-half yesterday evening, due to a distributed denial of service (DDOS) attack – when hackers flooded the website with online traffic. A Camelot spokesperson said: “Unfortunately, as experienced by many companies, The National Lottery website was subject to ...

  • Millions of Up-to-Date Apple Macs Remain Vulnerable to EFI Firmware Hacks

    September 29, 2017

    “Always keep your operating system and software up-to-date.” This is one of the most popular and critical advice that every security expert strongly suggests you to follow to prevent yourself from major cyber attacks. However, even if you attempt to install every damn software update that lands to your system, there is a good chance of your ...

  • Internet-wide security update put on hold over fears 60 million people would be kicked offline

    September 28, 2017

    A multi-year effort to update the internet’s overall security has been put on hold just days before it was due to be introduced, over fears that as many as 60 million people could be forced offline. DNS overseer ICANN announced on Thursday it had postponed the rollout of a new root zone “key signing key” (KSK) used to secure the internet’s foundational ...

  • Two Danish ministries taken offline by cyber attack

    September 28, 2017

    A Turkish hacker group has claimed responsibility for a cyber attack that has rendered the Danish Ministry of Immigration website inaccessible. The Ministry of Immigration, as well as the Ministry of Foreign Affairs of Denmark, were hit Wednesday by a cyber attack thought to have come from a Turkish hacker group, reports broadcaster DR. The former ministry’s website ...

  • How cyber impacts the full spectrum of terror threats

    September 27, 2017

    Despite the immediate logistical demands of three catastrophic hurricanes in the last two months and various geopolitical flashpoints, cybersecurity remains a key issue and very much on the minds of top federal defenders. “There is no longer a ‘home game’ and an ‘away game,'” for homeland security, DHS Acting Secretary Elaine Duke said at a Sept. ...

  • Remote Wi-Fi Attack Backdoors iPhone 7

    September 27, 2017

    Google on Tuesday disclosed details and a proof-of-concept exploit for a Wi-Fi firmware vulnerability in Broadcom chipsets patched this week in iOS 11. The attack enables code execution and persistent presence on a compromised device. “The exploit gains code execution on the Wi-Fi firmware on the iPhone 7,” said Google Project Zero researcher Gal Beniamini, whose ...

  • 2-Year-Old Linux Kernel Issue Resurfaces As High-Risk Flaw

    September 27, 2017

    A bug in Linux kernel that was discovered two years ago, but was not considered a security threat at that time, has now been recognised as a potential local privilege escalation flaw. Identified as CVE-2017-1000253, the bug was initially discovered by Google researcher Michael Davidson in April 2015. Since it was not recognised as a serious bug at that ...