- The future of financial services in the new Covid-19 world
September 1, 2020
City & Financial Global Ltd today announced a media partnership with Cyber Security Review for 10th edition of City Week 2020 – the annual International Financial Services Forum, taking place in virtual format this year.
More than 80 high profile speakers, such as John Glen MP, Economic Secretary to the Treasury; Steven Maijoor, Chairman, European Securities ...
- Benelux Virtual Cyber Security Summit Launches Online this September!
August 14, 2020
On 22nd-23rd September, the Benelux Virtual Cyber Security Summit will bring together hundreds of cyber security leaders from across Benelux’s core industries in a collaborative eﬀort to strengthen their cyber security strategies and maintain resilience amid a landscape shaped by the pandemic.
The interactive agenda is designed to revive, restore and re-connect the region’s cyber security ...
- 3rd Annual UKsec Virtual Cyber Security Summit Returns Online This September!
August 14, 2020
On 10th-11th September, the UKsec Virtual Cyber Security Summit will bring together hundreds of cyber security leaders from across the UK’s core industries in a collaborative eﬀort to strengthen their cyber security strategies.
According to IBM and Ponemon’s Cost of a Data Breach study, the average cost of a data breach for UK enterprises is $3.88 ...
- CISA, DOD, FBI expose new versions of Chinese malware strain named Taidoor
August 3, 2020
Three agencies of the US government have published today a joint alert alerting US private entities about new versions of Taidoor, a malware family previously associated with Chinese state-sponsored hackers.
The alert has been authored by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA), the Department of Defense’s Cyber Command (CyberCom), and ...
- US defense and aerospace sectors targeted in new wave of North Korean attacks
July 30, 2020
Tracked under the codename of “Operation North Star,” McAfee said these attacks have been linked to infrastructure and TTPs (Techniques, Tactics, and Procedures) previously associated with Hidden Cobra — an umbrella term the US government uses to describe all North Korean state-sponsored hacking groups.
As for the attacks themselves, McAfee said they were run-of-the-mill spear-phishing emails ...
- NSA Urgently Warns on Industrial Cyberattacks, Triconex Critical Bug
July 24, 2020
The U.S. National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued an alert warning that adversaries could be targeting critical infrastructure across the U.S.
Separately, ICS-CERT issued an advisory on a critical security bug in the Schneider Electric Triconex TriStation and Tricon Communication Module. These safety instrumented system (SIS) controllers are ...
- CISA: Nation-State Attackers Likely to Take Aim at Palo Alto Networks Bug
June 30, 2020
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that foreign hackers are likely to exploit a newly disclosed, critical vulnerability in a raft of Palo Alto Networks firewalls and enterprise VPN appliances, which allows for device takeover without authentication.
The Department of Defense (DoD) arm that oversees cyberspace operations has advised all devices affected ...
- Australian PM says nation under serious state-run ‘cyber attack’ – Microsoft, Citrix, Telerik UI bugs ‘exploited’
June 19, 2020
Australian Prime Minister Scott Morrison has called a snap press conference to reveal that the nation is under cyber-attack by a state-based actor, but the nation’s infosec advice agency says that while the attacker has gained access to some systems it has not conducted “any disruptive or destructive activities within victim environments.”
Morrison said the attack ...
- Cyber Security for Critical Assets World Summit Launches Online This June!
June 4, 2020
On June 30th, Cyber Security for Critical Assets World Summit will bring together senior security leaders from 76+ countries worldwide, in a collaborative effort to safeguard their critical assets and infrastructure.
According to the Global State of Industrial Cyber Security, 28% of security leaders expect to see a successful cyber attack carried out on their countries ...
- Paging A Joint Task Force: Cyber Defense Of Pandemic Medical Infrastructure
March 24, 2020
The ongoing global response to COVID-19 infections has become a critical public health, economic, and national security priority. The crisis has been made worse by ransomware and other disruptive intrusion incidents, threatening the continued provision of healthcare services to patients affected by the disease. U.S. Health and Human Services disclosures of known data breaches — even prior ...
- Critical Bugs in Rockwell, Johnson Controls ICS Gear
March 10, 2020
Security vulnerabilities that require very little skill to exploit have been discovered in industrial control systems (ICS) gear from Rockwell Automation and Johnson Controls, which anchor a flurry of bug disclosures impacting critical infrastructure.
First, a set of critical vulnerabilities in Rockwell Automation gear affect MicroLogix 1400 Controllers, MicroLogix 1100 Controllers and RSLogix 500 Software. The ...
- What to know about cyberattacks targeting energy pipelines
March 1, 2020
The Department of Homeland Security (DHS) this past month disclosed a disruptive cyberattack on a U.S. energy facility, raising new concerns about protections for energy providers.
The Cybersecurity and Infrastructure Security Agency (CISA), a division of DHS, said a ransomware attack hit a “natural gas compression facility,” leading to a two-day shutdown for the entire pipeline.
While the agency ...
- RSAC 2020: Ransomware a ‘National Crisis,’ CISA Says, Ramps ICS Focus
February 28, 2020
Industrial control systems (ICS) and critical infrastructure will be a main focus for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) this year – especially as ransomware looms as a main threat to the sector going forward.
That’s according to Christopher Krebs, director of CISA, speaking at RSA Conference 2020 this week.
“My agency ...
- Assessment of Ransomware Event at U.S. Pipeline Operator
February 19, 2020
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) reported on 18 February 2020 on a ransomware incident impacting a natural gas compression facility at an unidentified U.S. pipeline operator. The ransomware event impacted both IT and ICS assets by causing loss of view and control impacts that caused the facility to implement controlled shutdown processes ...
- Frankfurt shuts down IT network following Emotet infection
December 19, 2019
Frankfurt, one of the largest financial hubs in the world and the home of the European Central Bank, has shut down its IT network this week following an infection with the Emotet malware.
Frankfurt is the fourth German entity that shut down its IT network in the past two weeks because of Emotet.
The other three are ...
- Story of the year 2019: Cities under ransomware siege
December 11, 2019
Overall awareness of the need for security measures is growing, and cybercriminals are increasing the precision of their targeting to locate victims with security breaches in their defense systems.
Looking back at the past three years, the share of users targeted with ransomware in the overall number of malware detections has risen from 2.8% to 3.5%. While ...
- Equipping the Education Sector With Threat Intelligence to Defend Against Cyberattacks
October 17, 2019
When you think about sophisticated cyberattacks, certain targeted industries probably come to mind immediately — government, critical infrastructure, and financial services, to name a few. It’s fair to say that for most people, the education sector isn’t generally first on that list.
Despite this, educational institutions (particularly those in higher education) have become an increasingly popular ...
- 17 US utility firms targeted by mysterious state-sponsored group
September 24, 2019
A mysterious state-sponsored hacking group has targeted at least 17 US utility firms with phishing emails for a five-month period between April 5 and August 29, Proofpoint reported today.
The purpose of these attacks was to infect employees at US utility firms with LookBack, a remote access trojan with an extensive set of features.
While no formal ...
- US wants to isolate power grids with ‘retro’ technology to limit cyber-attacks
July 2, 2019
The US is very close to improving power grid security by mandating the use of “retro” (analog, manual) technologies on US power grids as a defensive measure against foreign cyber-attacks that could bring down power distribution as a result.
The idea is to use “retro” technology to isolate the grid’s most important control systems, to limit ...
- Senior Defence figure raises concerns about future cyber attacks
February 19, 2019
One of Australia’s senior military figures says the threat of cyber attacks against the nation’s infrastructure and military networks is on the rise.
Major General Marcus Thompson leads the Information Warfare Division, which was set up in mid-2017 with the aim of providing both defensive and offensive cyber capabilities.
In his first media major interview, he told ...
- Germany sees big rise in security problems affecting infrastructure
February 17, 2019
Germany has experienced a big increase in the number of security incidents hitting critical infrastructure such as power grids and water suppliers, the BSI cybersecurity agency said on Sunday, adding however that they were not all due to hacking.
The Welt am Sonntag weekly had reported on Sunday that Germany had learned of 157 hacker attacks ...
- Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure
December 11, 2018
Nation-state conflict has come to dominate many of the policy discussions and much of the strategic thinking about cybersecurity. When events of geopolitical significance hit the papers, researchers look for parallel signs of sub rosa cyber activity carried out by state-sponsored threat actors—espionage, sabotage, coercion, information operations—to complete the picture. After all, behind every story may lurk ...
- Mattis establishes DOD task force to protect critical tech, information
November 1, 2018
Secretary of Defense James Mattis has established a task force whose sole purpose is to better secure the Department of Defense’s important technology and information.
Mattis issued a memo dated Oct. 24 creating the Protecting Critical Technology Task Force (PCTTF) to report to the deputy secretary of Defense and the vice chairman of the Joint Chiefs of Staff.
“Working with our partners ...