Welcome to the Cyber Security Review website.
The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.
Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.
The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.
Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.
Latest news
- Poland pressured to say if it bought Israeli phone spyware
September 4, 2019
The Polish government is coming under pressure to clarify whether it has purchased sophisticated and potentially illegal phone surveillance technology that has been used to ...
- Hackers exploiting popular social engineering ‘toolkits’ to refine cyber attacks
September 4, 2019
Hackers are regularly using highly customisable online resources to add social engineering components to render their attacks more effective, according to new research from Malwarebytes. One website identified by ...
- BRATA Android RAT Steals Banking Info in Real Time
September 4, 2019
The RAT targets users via fake WhatsApp updates in Google Play. A powerful Android remote access tool (RAT) family dubbed BRATA is proliferating, with at least ...
- Android Zero-Day Bug Opens Door to Privilege Escalation Attack, Researchers Warn
September 4, 2019
Researchers are warning of a high-severity zero-day vulnerability in Google’s Android operating system, which if exploited could give a local attacker escalated privileges on a ...
- ACSC helps power energy sector’s cybersecurity capabilities
September 4, 2019
The Australian Cyber Security Centre (ACSC) has plugged into energy sector organisations and government agencies to help power their cybersecurity capabilities. The nationwide program — which started in ...
- ‘USBAnywhere’ Bugs Open Supermicro Servers to Remote Attackers
September 3, 2019
Trivial-to-exploit authentication flaws can give an unsophisticated remote attacker ‘omnipotent’ control over a server and its contents. Authentication vulnerabilities in the baseboard management controllers (BMCs) of ...
- Data Leak Impacts Millions of Yves Rocher Cosmetics Company Customers
September 3, 2019
International cosmetics brand Yves Rocher found itself caught in a third-party data exposure incident that leaked the personal information of millions of customers. UPDATE Cosmetics giant Yves ...
- Android Zero-Days Now Worth More Than iPhone Exploits
September 3, 2019
Exploit broker Zerodium has implemented a $2.5 million price tag for a zero-click 0-day in Android. An Android zero-day exploit is now worth more than one ...
- Fraudsters use AI voice manipulation to steal £200,000
September 2, 2019
Cyber criminals have used artificial intelligence (AI) and voice technology to impersonate a UK business owner, resulting in the fraudulent transfer of $243,000 (£201,000). In March this year, ...
- Some of Russia’s surveillance tech leaked data for more than a year
August 30, 2019
A Russian security researcher has found that hardware equipment meant to be used by Russian authorities to intercept internet traffic had been leaving data exposed ...
- Google finds malicious sites pushing iOS exploits for years
August 30, 2019
Security researchers at Google said they found malicious websites that served iPhone exploits for almost three years. The attacks weren’t aimed at particular iOS users, as ...
- Hiding in Plain Text: Jenkins Plugin Vulnerabilities
August 30, 2019
Jenkins is a widely used open-source automation server that allows DevOps developers to build, test, and deploy software efficiently and reliably. In order to make the most ...
- French Cyber Police Takedown Paris-based Botnet
August 29, 2019
C3N cybercrime unit, along with the FBI and Avast, take down French botnet that infected 850,000 computers French cyber police have reportedly taken down a botnet, ...
- Google launches bounty program to spot misuses of Google API, Chrome, and Android user data
August 29, 2019
Google announced today a new bug bounty program through which security researchers can report cases of abuse where third-party apps are stealing or misusing Google ...
- Russian police take down malware gang that infected 800,000+ Android smartphones
August 29, 2019
Russian authorities have arrested members of the TipTop cybercrime group, believed to have infected more than 800,000 Android smartphones with malware since 2015. The group operated ...
- FIN6 Switches Up PoS Tactics to Target E-Commerce
August 29, 2019
The group is using the More_eggs JScript backdoor to anchor its attack. The financial cybergang known as the FIN6 group, known for going after brick-and-mortar point-of-sale ...
- Patch now: Cisco IOS XE routers exposed to rare 10/10-severity security flaw
August 29, 2019
Cisco is urging customers to install updates for a critical bug affecting its popular IOS XE operating system that powers millions of enterprise network devices ...
- Exploitation of Windows CVE-2019-0708 (BlueKeep): Three Ways to Write Data into the Kernel with RDP PDU
August 29, 2019
In May 2019, Microsoft released an out-of-band patch update for remote code execution vulnerability CVE-2019-0708, which is also known as “BlueKeep” and resides in code to ...
- ‘Heatstroke’ Campaign Uses Multistage Phishing Attack to Steal PayPal and Credit Card Information
August 29, 2019
Despite having an apparent lull in the first half of 2019, phishing will remain a staple in a cybercriminal’s arsenal, and they’re not going to ...
