Welcome to the Cyber Security Review website.
The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.
Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.
The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.
Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.
Latest news
- Happy New Fear! Gift-wrapped spam and phishing
February 7, 2020
In the run-up to Christmas and New Year, scam е-mails mentioning easy pickings, lottery winnings, and other cash surprises are especially popular. All the more ...
- Researchers Use Smart Light Bulbs to Infiltrate Networks
February 6, 2020
Researchers successfully infiltrated networks through a vulnerability in Philips Hue light bulbs. The CVE-2020-6007 vulnerability, which involves the ZigBee communication protocol, can be abused to remotely install ...
- Bouygues Construction falls victim to ransomware
February 5, 2020
Bouygues Construction has confirmed falling victim to ransomware that it detected across its network on January 30. “As a precautionary measure, information systems have been shut ...
- SORA and UNSTABLE: 2 Mirai Variants Target Video Surveillance Storage Systems
February 5, 2020
Trend Micro researchers encountered two variants of the notorious internet of things (IoT) malware, Mirai, employing a new propagation method. The two variants, namely SORA (detected as ...
- Gamaredon APT Improves Toolset to Target Ukraine Government, Military
February 5, 2020
The Gamaredon advanced persistent threat (APT) group has been supercharging its operations lately, improving its toolset and ramping up attacks on Ukrainian national security targets. Vitali ...
- Ransomware Attack Hinders Toll Group Operations
February 4, 2020
Australian transportation and logistics giant Toll Group said a ransomware attack is to blame for several key services being debilitated and delivery operations being delayed ...
- Twitter API Abused to Uncover User Identities
February 4, 2020
Twitter said that malicious actors, with potential ties to state-sponsored groups, were abusing a legitimate function on its platform to unmask the identity of users. The ...
- U.S. Battleground County Website Security Survey
February 3, 2020
Today McAfee released the results of a survey of county websites and county election administration websites in the 13 states projected as battleground states in ...
- Ethics of red team security testing questioned in new report
February 3, 2020
Workers in areas like HR and finance are more likely than IT or security professionals to object to internal security testing, a report has found, raising serious ...
- Only three of the Top 100 international airports pass basic security checks
February 3, 2020
Only three of the world’s Top 100 international airports pass basic security checks, according to a report published last week by cyber-security firm ImmuniWeb. The three are the Amsterdam Schiphol ...
- TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection
February 3, 2020
The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account ...
- EKANS Ransomware and ICS Operations
February 3, 2020
EKANS ransomware emerged in mid-December 2019, and Dragos published a private report to Dragos WorldView Threat Intelligence customers early January 2020. While relatively straightforward as ...
- Threat Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations
February 3, 2020
On September 10, 2019, we observed unknown threat actors exploiting a vulnerability in SharePoint described in CVE-2019-0604 to install several webshells on the website of a Middle ...
- Matters of Life and Death: Cyber Security and Medical Devices
February 3, 2020
Concerns about the vulnerabilities of medical devices to cyber attacks are spurring a new focus on the need to protect patient safety, data and hospital ...
- Hackers are hijacking smart building access systems to launch DDoS attacks
February 2, 2020
Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company ...
- FBI launches investigation into Pegasus spyware vendor over US citizen hacks
January 31, 2020
The US Federal Bureau of Investigation (FBI) has launched an investigation into NSO Group based on suspicions that US residents and companies may have been ...
- Burn, drown, or smash your phone: Forensics can extract data anyway
January 31, 2020
Damaged mobile phones are still filled with plenty of useful data, according to researchers at the National Institute of Standards and Technology (NIST), which is ...
- Abusing DLL Misconfigurations — Using Threat Intelligence to Weaponize R&D
January 31, 2020
Dynamic-link library (DLL) side-loading occurs when Windows Side-by-Side (WinSxS) manifests are not explicit about the characteristics of DLLs being loaded by a program. In layman’s terms, DLL side-loading can ...
- Emotet Uses Coronavirus Scare in Latest Campaign, Targets Japan
January 31, 2020
Threat actors behind the Emotet malware used the novel coronavirus (2019-nCoV) scare as a hook for their spam email campaign against targets in Japan. 2019-nCoV, which is ...
