Welcome to the Cyber Security Review website.
The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.
Threats to cyber security are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, online commerce and the private sector worldwide, security experts are finding that their work has become a race against the attackers.
The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.
Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.
Latest news
- Only three of the Top 100 international airports pass basic security checks
February 3, 2020
Only three of the world’s Top 100 international airports pass basic security checks, according to a report published last week by cyber-security firm ImmuniWeb. The three are the Amsterdam Schiphol ...
- TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection
February 3, 2020
The TrickBot trojan has evolved again to bolster its ability to elude detection, this time adding a feature that can bypass Windows 10 User Account ...
- EKANS Ransomware and ICS Operations
February 3, 2020
EKANS ransomware emerged in mid-December 2019, and Dragos published a private report to Dragos WorldView Threat Intelligence customers early January 2020. While relatively straightforward as ...
- Threat Actors Still Exploiting SharePoint Vulnerability to Attack Middle East Government Organizations
February 3, 2020
On September 10, 2019, we observed unknown threat actors exploiting a vulnerability in SharePoint described in CVE-2019-0604 to install several webshells on the website of a Middle ...
- Matters of Life and Death: Cyber Security and Medical Devices
February 3, 2020
Concerns about the vulnerabilities of medical devices to cyber attacks are spurring a new focus on the need to protect patient safety, data and hospital ...
- Hackers are hijacking smart building access systems to launch DDoS attacks
February 2, 2020
Hackers are actively searching the internet and hijacking smart door/building access control systems, which they are using to launch DDoS attacks, according to firewall company ...
- FBI launches investigation into Pegasus spyware vendor over US citizen hacks
January 31, 2020
The US Federal Bureau of Investigation (FBI) has launched an investigation into NSO Group based on suspicions that US residents and companies may have been ...
- Burn, drown, or smash your phone: Forensics can extract data anyway
January 31, 2020
Damaged mobile phones are still filled with plenty of useful data, according to researchers at the National Institute of Standards and Technology (NIST), which is ...
- Abusing DLL Misconfigurations — Using Threat Intelligence to Weaponize R&D
January 31, 2020
Dynamic-link library (DLL) side-loading occurs when Windows Side-by-Side (WinSxS) manifests are not explicit about the characteristics of DLLs being loaded by a program. In layman’s terms, DLL side-loading can ...
- Emotet Uses Coronavirus Scare in Latest Campaign, Targets Japan
January 31, 2020
Threat actors behind the Emotet malware used the novel coronavirus (2019-nCoV) scare as a hook for their spam email campaign against targets in Japan. 2019-nCoV, which is ...
- UK’s HMRC tax authority seeks tools to track down cryptocurrency criminals
January 31, 2020
The UK’s Her Majesty’s Revenue and Customs (HMRC) tax collection agency is asking for a blockchain analytics tool useful in the hunt for cybercriminals — ...
- Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition
January 30, 2020
Facebook has agreed to pay $550 million to Illinois users to settle a class action lawsuit filed over the use of its face-tagging technology to collect facial-recognition ...
- Over 30 Million Stolen Credit Card Records Being Sold on the Dark Web
January 30, 2020
Cybercriminals were found selling over 30 million credit card records on the dark web, purportedly from a data breach suffered by a U.S.-based gas station and convenience ...
- Google Sets Record High in Bug-Bounty Payouts
January 29, 2020
Google paid out $6.5 million in bug-bounty rewards in 2019, which doubles the internet behemoth’s previous annual top total. It has also highlighted additional bonuses ...
- Attacker’s Tactics and Techniques in Unsecured Docker Daemons Revealed
January 29, 2020
Between September and December 2019, Unit 42 researchers periodically scanned and collected metadata from Docker hosts exposed to the internet (largely due to inadvertent user ...
- A Ransomware Prescription for the Healthcare Industry
January 29, 2020
To paraphrase Mark Twain, reports of ransomware’s death have been greatly exaggerated. Ransomware attacks resumed with a vengeance last year, despite conjecture by some researchers that CPU mining ...
- Security Analysis of Devices That Support SCPI and VISA Protocols
January 28, 2020
When a legacy protocol is connected via Ethernet, and subsequently to the internet, security issues arise. Standard Commands for Programmable Instruments (SCPI) is a legacy ...
