Welcome to the Cyber Security Review website.
The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.
Threats posed by cybercriminals, state and non-state actors are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, manufacturing, online commerce and digital life in general, security experts are finding that their work has become a race against the attackers.
The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.
Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.
Latest news
- New Sunspot malware found while investigating SolarWinds hack
January 12, 2021
Cybersecurity firm CrowdStrike has discovered the malware used by the SolarWinds hackers to inject backdoors in Orion platform builds during the supply-chain attack that led ...
- Free decrypter released for victims of Darkside ransomware
January 11, 2021
Cybersecurity firm Bitdefender has released today a free tool that can help victims of the Darkside ransomware recover their encrypted files for free, without paying ...
- Sunburst backdoor – code overlaps with Kazuar
January 11, 2021
On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure monitoring and management platform by SolarWinds. ...
- Capitol attack’s cybersecurity fallout: Stolen laptops, lost data and possible espionage
January 11, 2021
When hostile actors penetrated the Capitol Building on January 6, they gained access to individual chambers and offices and remained at large within the Capitol ...
- United Nations data breach exposed over 100k UNEP staff records
January 11, 2021
Today, researchers have responsibly disclosed a security vulnerability by exploiting which they could access over 100,000 private employee records of United Nations Environmental Programme (UNEP). The ...
- Parler social network drops offline after Amazon pulls support
January 11, 2021
Parler has dropped offline after Amazon pulled support for its so-called “free speech” social network. The platform had been reliant on the tech giant’s Amazon Web ...
- UK: Fake NHS text asks for bank details in return for coronavirus vaccine
January 8, 2021
People are being warned about a fake NHS text which is demanding bank details from people waiting for a coronavirus vaccine. Liverpool City Council said in ...
- Malicious Shell Script Steals AWS, Docker Credentials
January 8, 2021
We recently spotted new attacks where, again, threat actors used shell scripts to perform their malicious activities. Based on previous attacks, these malicious scripts were ...
- Investigation launched into vulnerabilities found within US Judiciary case file system
January 8, 2021
The United States Judiciary has announced an audit into its systems, following concerns its case file system has been compromised. In making the announcement, the Judiciary ...
- Nissan NA source code leaked due to default admin:admin credentials
January 8, 2021
Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials. The entire ...
- Nvidia releases security update for high-severity graphics driver vulnerabilities
January 8, 2021
Nvidia has released a round of security fixes tackling high-severity issues in the Nvidia GPU display driver and vGPU software. Released on Thursday, the technology giant ...
- Adversary Infrastructure Report 2020: A Defender’s View
January 8, 2021
Recorded Future tracks the creation and modification of new malicious infrastructure for a multitude of post-exploitation toolkits, custom malware frameworks, and open-source remote access trojans. The ...
- TA551: Email Attack Campaign Switches from Valak to IcedID
January 7, 2021
TA551 (also known as Shathak) is an email-based malware distribution campaign that often targets English-speaking victims. The campaign discussed in this blog has targeted German, ...
- FBI warns of Egregor ransomware extorting businesses worldwide
January 7, 2021
The US Federal Bureau of Investigation (FBI) has sent a security alert warning private sector companies that the Egregor ransomware operation is actively targeting and ...
- Windows PsExec zero-day vulnerability gets a free micropatch
January 7, 2021
A free micropatch fixing a local privilege escalation (LPE) vulnerability in Microsoft’s Windows PsExec management tool is now available through the 0patch platform. PsExec is a ...