Welcome to the Cyber Security Review website.
The growth of the internet has impacted profoundly on everyday life and the global economy. It has evolved into a global, interconnected network of systems and information – cyberspace – that we know today, transforming the conduct of business and opening new markets.
Threats posed by cybercriminals, state and non-state actors are persistent and constantly evolving. With an ever-growing number of cyber attacks on critical infrastructure, manufacturing, online commerce and digital life in general, security experts are finding that their work has become a race against the attackers.
The Cyber Security Review is designed to draw on the combined knowledge, skills and expertise of the cyber security community to identify the emerging threats and facilitate the development of coherent policies and robust capabilities.
Our mission is to promote dialogue and provide a platform for information exchange and cooperation between stakeholders, industry, academia and security experts worldwide.
Latest news
- Log4j vulnerability now used to install Dridex banking malware
December 20, 2021
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. The Dridex malware ...
- How and why do we attack our own Anti-Spam?
December 20, 2021
We often use machine-learning (ML) technologies to improve the quality of cybersecurity systems. But machine-learning models can be susceptible to attacks that aim to “fool” ...
- Readout Of CISA Call With Critical Infrastructure Partners On Log4j Vulnerabilities And The Need For Increased Vigilance This Holiday Season
December 20, 2021
WASHINGTON – This afternoon, the Cybersecurity and Infrastructure Security Agency (CISA) held a call with critical infrastructure entities from the public and private sectors to ...
- Revisiting the Relevance of the Industrial DMZ (iDMZ)
December 20, 2021
If you enter the term “Purdue Model” into your favorite search engine, the resulting images will vary considerably. There’s almost no better way to stir ...
- New stealthy DarkWatchman malware hides in the Windows Registry
December 19, 2021
A new malware named ‘DarkWatchman’ has emerged in the cybercrime underground, and it’s a lightweight and highly-capable JavaScript RAT (Remote Access Trojan) paired with a ...
- Russian hackers leak confidential UK police data on the ‘dark web’ after their ransom was rejected
December 19, 2021
Confidential information held by some of Britain’s police forces has been stolen by Russian hackers in an embarrassing security breach, The Mail on Sunday can ...
- Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability
December 18, 2021
Apache has released version 2.17.0 of the patch for Log4j after discovering issues with their previous release, which came out on Tuesday. Apache said version 2.16 ...
- Conti Ransomware Gang: An Overview
December 18, 2021
Conti ransomware stands out as one of the most ruthless of the dozens of ransomware gangs that we follow. The group has spent more than ...
- CISA Issues Emergency Directive Requiring Federal Agencies To Mitigate Apache Log4j Vulnerabilities
December 17, 2021
WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive (ED) 22-02 today requiring federal civilian departments and agencies to assess their internet-facing network assets for the Apache Log4j vulnerabilities ...
- Over Log4j? VMware has another critical flaw for you to patch
December 17, 2021
VMware customers have probably had a busy week because more than 100 of the IT giant’s products are impacted by the Log4j bug. Now they need ...
- US federal agency compromised in suspected APT attack
December 17, 2021
A sophisticated threat actor has gained access and has backdoored the internal network of a US federal government agency, antivirus maker Avast reported this week. The ...
- Meta bans ‘cyber-mercenaries’ that targeted 50,000 people
December 17, 2021
Meta, Facebook’s parent company, has banned several “cyber-mercenary” groups thought to have been offering surveillance services aimed at activists, dissidents and journalists worldwide. The social media ...
- A deep dive into an NSO zero-click iMessage exploit: Remote Code Execution
December 16, 2021
Google Project Zero researchers want to thank Citizen Lab for sharing a sample of the FORCEDENTRY exploit with them, and Apple’s Security Engineering and Architecture ...
- PseudoManuscrypt: a mass-scale spyware attack campaign
December 16, 2021
In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is part of the Lazarus APT ...
