About the Review

Welcome to the Cyber Security Review website.

The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.

Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.

The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.

Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.

Latest news 

  • More data lost or stolen in first half of 2017 than the whole of last year

    September 20, 2017

    More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are lost or stolen every day. During the first half of 2017 there were 918 reported data ...

  • Banker helped gang launder £16m for cybercriminals

    September 20, 2017

    A gang of five men, including a corrupt banker, have pleaded guilty to their part in laundering more than £16m for international cybercriminals. Using their man on the inside at Barclays, the gang set up around 400 bank accounts over a three-year period, according to the UK’s National Crime Agency. They shuffled stolen funds through these accounts ...

  • Attackers Use Undocumented MS Office Feature to Leak System Profile Data

    September 18, 2017

    An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by adversaries, according to Kaspersky Lab researchers, as part of a multistage attack that first ...

  • Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads — 2.3 Million Infected

    September 18, 2017

    Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast’s own figures, 2.27 million ran ...

  • NCC hires three Bank of England cyber experts to beef up assurance business

    September 15, 2017

    Three of the Bank of England’s cyber specialists have joined NCC Group to lead a newly established threat assurance unit at the UK-based security consultancy firm. In their new roles within NCC’s new Centre for Evolved Next-generation Threat Assurance (CENTA), Phillip Larbey, Anthony Long and Fiona Paterson will be advising governments, regulators and regulated institutions on ...

  • Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked

    September 15, 2017

    OurMine is in headlines once again—this time for breaching the popular video streaming service Vevo. After hunting down social media accounts of HBO and defacing WikiLeaks website, the infamous self-proclaimed group of white hat hackers OurMine have hacked Vevo and leaked about 3.12 TB worth of internal files. Vevo is a joint venture between Sony Music Entertainment, Universal Music Group, Abu ...

  • Future Navy Accident Investigations Will Look for Cyber Attacks

    September 15, 2017

    Rampant internet speculation aside, there’s no evidence yet that any hostile electronic breach led to recent U.S. Navy mishaps, according to the admiral who leads the service’s cyber operations. In fact, it was mostly to put such speculation to rest that Vice Adm. Jan Tighe said she dispatched a small team to join the Navy’s investigation into the Aug. ...

  • Federal CISOs want more education and training to help boost incident response

    September 13, 2017

    Federal CISOs agree that investment in workforce training and education is the key to increasing incident response capabilities. If budgets weren’t an issue, Department of Homeland Security CISO Jeffrey Eisensmith said during a panel on CISO priorities for 2018 at the Sept. 13 Billington Cybersecurity Summit in Washington, D.C., he would put a “significant investment in ...

  • Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw

    September 13, 2017

    The massive Equifax data breach that exposed highly sensitive data of as many as 143 million people was caused by exploiting a flaw in Apache Struts framework, which Apache patched over two months earlier of the security incident, Equifax has confirmed. Credit rating agency Equifax is yet another example of the companies that became victims of massive cyber attacks due ...

  • Immediately Patch Windows 0-Day Flaw That’s Being Used to Spread Spyware

    September 13, 2017

    Windows 0-Day Flaw Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products. The latest security update addresses ...

  • Zerodium Offering $1M for Tor Browser Zero Days

    September 13, 2017

    The exploit acquisition vendor Zerodium is doubling down again. Weeks after the company said it would pay $500,000 for zero days in private messaging apps such as Signal and WhatsApp, Zerodium said Wednesday it will pay twice that for a zero day in Tor Browser. The company said it will pay up to $1 million for fully ...

  • BlueBorne: Critical Bluetooth Attack Puts Billions of Devices at Risk of Hacking

    September 12, 2017

    If you are using a Bluetooth enabled device, be it a smartphone, laptop, smart TV or any other IoT device, you are at risk of malware attacks that can carry out remotely to take over your device even without requiring any interaction from your side. Security researchers have just discovered total 8 zero-day vulnerabilities in Bluetooth ...

  • D-Link router riddled with 0-day flaws

    September 12, 2017

    A security researcher has shamed D‑Link by publicly disclosing 10 serious, as-yet unpatched vulnerabilities in a line of consumer-grade routers without notifying the vendor first. Security researcher Pierre Kim went public on a series of flaws in D‑Link DIR 850L wireless AC1200 dual-band gigabit cloud routers without disclosing the issue to D‑Link beforehand because of a ...