About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • Security experts: Iran-backed hackers targeting U.S. and Saudi Arabia

    September 21, 2017

    Cybersecurity firm FireEye has identified a new group of hackers, known as APT33, that it says has been working on behalf of the Iranian government since 2013. The group has “potential destructive capabilities,” FireEye warned. “The campaigns that were laid out were not just aligned with the Iranian government but with the Iranian military,” said Stuart ...

  • More data lost or stolen in first half of 2017 than the whole of last year

    September 20, 2017

    More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are lost or stolen every day. During the first half of 2017 there were 918 reported data ...

  • Banker helped gang launder £16m for cybercriminals

    September 20, 2017

    A gang of five men, including a corrupt banker, have pleaded guilty to their part in laundering more than £16m for international cybercriminals. Using their man on the inside at Barclays, the gang set up around 400 bank accounts over a three-year period, according to the UK’s National Crime Agency. They shuffled stolen funds through these accounts ...

  • CCleaner Malware Infects Big Tech Companies With Second Backdoor

    September 20, 2017

    The group of unknown hackers who hijacked CCleaner’s download server to distribute a malicious version of the popular system optimization software targeted at least 20 major international technology companies with a second-stage payload. Earlier this week, when the CCleaner hack was reported, researchers assured users that there’s no second stage malware used in the massive attack and affected users ...

  • Singapore to have new academy to train cybersecurity professionals

    September 19, 2017

    More needs to be done even as Singapore has made “good progress” in building up its cybersecurity capabilities, as it is more exposed than many other countries to cyberattacks, said Acting Prime Minister Teo Chee Hean on Tuesday (Sep 19). To address this, and as part of efforts to invest in its people, Mr Teo said the ...

  • Attackers Use Undocumented MS Office Feature to Leak System Profile Data

    September 18, 2017

    An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by adversaries, according to Kaspersky Lab researchers, as part of a multistage attack that first ...

  • Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads — 2.3 Million Infected

    September 18, 2017

    Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast’s own figures, 2.27 million ran ...

  • NCC hires three Bank of England cyber experts to beef up assurance business

    September 15, 2017

    Three of the Bank of England’s cyber specialists have joined NCC Group to lead a newly established threat assurance unit at the UK-based security consultancy firm. In their new roles within NCC’s new Centre for Evolved Next-generation Threat Assurance (CENTA), Phillip Larbey, Anthony Long and Fiona Paterson will be advising governments, regulators and regulated institutions on ...

  • Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked

    September 15, 2017

    OurMine is in headlines once again—this time for breaching the popular video streaming service Vevo. After hunting down social media accounts of HBO and defacing WikiLeaks website, the infamous self-proclaimed group of white hat hackers OurMine have hacked Vevo and leaked about 3.12 TB worth of internal files. Vevo is a joint venture between Sony Music Entertainment, Universal Music Group, Abu ...

  • Future Navy Accident Investigations Will Look for Cyber Attacks

    September 15, 2017

    Rampant internet speculation aside, there’s no evidence yet that any hostile electronic breach led to recent U.S. Navy mishaps, according to the admiral who leads the service’s cyber operations. In fact, it was mostly to put such speculation to rest that Vice Adm. Jan Tighe said she dispatched a small team to join the Navy’s investigation into the Aug. ...

  • Federal CISOs want more education and training to help boost incident response

    September 13, 2017

    Federal CISOs agree that investment in workforce training and education is the key to increasing incident response capabilities. If budgets weren’t an issue, Department of Homeland Security CISO Jeffrey Eisensmith said during a panel on CISO priorities for 2018 at the Sept. 13 Billington Cybersecurity Summit in Washington, D.C., he would put a “significant investment in ...

  • Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw

    September 13, 2017

    The massive Equifax data breach that exposed highly sensitive data of as many as 143 million people was caused by exploiting a flaw in Apache Struts framework, which Apache patched over two months earlier of the security incident, Equifax has confirmed. Credit rating agency Equifax is yet another example of the companies that became victims of massive cyber attacks due ...

  • Immediately Patch Windows 0-Day Flaw That’s Being Used to Spread Spyware

    September 13, 2017

    Windows 0-Day Flaw Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products. The latest security update addresses ...