Welcome to the Cyber Security Review website.
The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.
Threats posed by cybercriminals, state and non-state actors are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, manufacturing, online commerce and digital life in general, security experts are finding that their work has become a race against the attackers.
The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.
Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.
Latest news
- Spar shops across northern UK shut after cyber attack hits payment processing abilities
December 6, 2021
The British arm of Dutch supermarket chain Spar has shut hundreds of shops after suffering an “online attack,” the company has confirmed to The Register. “This ...
- NICKEL targeting government organizations across Latin America and Europe
December 6, 2021
The Microsoft Threat Intelligence Center (MSTIC) has observed NICKEL, a China-based threat actor, targeting governments, diplomatic entities, and non-governmental organizations (NGOs) across Central and South ...
- U.S. State Department phones hacked with Israeli company spyware
December 3, 2021
Apple Inc iPhones of at least nine U.S. State Department employees were hacked by an unknown assailant using sophisticated spyware developed by the Israel-based NSO ...
- Sensitive information of 30k Florida healthcare workers exposed in unprotected database
December 3, 2021
More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a ...
- Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify
December 3, 2021
Earlier this year, a security flaw identified as CVE-2021-41773 was disclosed to Apache HTTP Server Project, a path traversal and remote code execution (RCE) flaw ...
- Indicators of Compromise Associated with Cuba Ransomware
December 2, 2021
The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including ...
- Colorado energy company loses 25 years of data after cyberattack while still rebuilding network
December 2, 2021
Colorado’s Delta-Montrose Electric Association (DMEA) is still struggling to recover from a devastating cyberattack last month that took down 90% of its internal systems and ...
- DHS Announces New Cybersecurity Requirements for Surface Transportation Owners and Operators
December 2, 2021
WASHINGTON – DHS’s Transportation Security Administration (TSA) today announced two new Security Directives and additional guidance for voluntary measures to strengthen cybersecurity across the transportation ...
- Hackers are turning to RTF template injections technique to install malware on PCs
December 2, 2021
Nation state-backed hacking groups are exploiting a simple but effective new technique to power phishing campaigns for spreading malware and stealing information that’s of interest ...
- APT Expands Attack on ManageEngine With Active Campaign Against ServiceDesk Plus
December 2, 2021
Over the course of three months, a persistent and determined APT actor has launched multiple campaigns which have now resulted in compromises to at least ...
- Planned Parenthood LA: Ransomware attack leaks health data of 400,000 patients
December 2, 2021
Planned Parenthood Los Angeles has sent out breach notification letters to about 400,000 patients after the organization suffered from a ransomware incident between October 9 ...
- Vulnerability Spotlight: Use-after-free condition in Google Chrome could lead to code execution
December 2, 2021
Cisco Talos recently discovered an exploitable use-after-free vulnerability in Google Chrome. Google Chrome is a cross-platform web browser — and Chromium is the open-source version of ...
- Play Your Cards Right: Detecting Wildcard DNS Abuse
December 1, 2021
The domain name system (DNS) maps names to addresses so that computers can communicate. The directions within the DNS exist largely in records where a ...
- Widespread ‘Smishing’ Campaign Defrauds Iranian Android Users
December 1, 2021
Attackers are impersonating the Iranian government in a widespread SMS phishing campaign that is defrauding thousands of Android users by installing malware on their devices ...
