Risks in Telecommunications IT

Telecommunications is just one aspect of a 200-year-old field of research in IT. In our latest report, “Islands of Telecoms: Risks in IT,” we liken this field to what seems to be separate islands that are in fact connected by Read More …

Biden pushes for stronger cybersecurity in critical infrastructure, wants companies to do more

President Joe Biden will sign a national security memorandum on Wednesday that aims to strengthen cybersecurity for critical infrastructure, as concern mounts about the vulnerability of the U.S. in the wake of a series of recent ransomware attacks. The memo Read More …

U.S., U.K., And Australia Issue Joint Cybersecurity Advisory

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory today, highlighting the top Common Vulnerabilities and Exposures Read More …

Russia, US launch cybersecurity dialogue, three rounds already held

Russia and the US have launched bilateral cybersecurity dialogue, with three formal rounds already held, Russian Deputy Foreign Minister Sergey Ryabkov told reporters on Wednesday. “We are beginning to have a better understanding of security issues in the cyber sphere Read More …

Even after Emotet takedown, Office docs deliver 43% of all malware downloads now

Malware delivered over the cloud increased by 68% in Q2, according to data from cybersecurity firm Netskope. The company released the fifth edition of its Cloud and Threat Report that covers the cloud data risks, threats and trends they see Read More …

Industrial Networks Exposed Through Cloud-Based Operational Tech

The benefits of using a cloud-based management platform to monitor and configure industrial control systems (ICS) devices are obvious — efficiency, cost-savings and better diagnostics just for starters. But new research found critical vulnerabilities in these platforms that could be Read More …

DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators

WASHINGTON – Today, in response to the ongoing cybersecurity threat to pipeline systems, DHS’s Transportation Security Administration (TSA) announced the issuance of a second Security Directive that requires owners and operators of TSA-designated critical pipelines that transport hazardous liquids and Read More …

TeamTNT Campaigns Emphasize Importance of Addressing Cloud Security Gaps

Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research that encompasses the malicious actor group’s campaigns, tools, and techniques in 2020 and early 2021. Although believed to have been Read More …

Bug bounty platform urges need for firms to have vulnerability disclosure policy

Organisations should provide a proper channel through which anyone can report vulnerabilities in their systems. This will ensure potential security holes can be identified and plugged before they are exploited. Establishing a vulnerability disclosure policy (VDP) also would provide assurance Read More …

Cybercriminals took advantage of WFH to target financial services companies, says Financial Stability Board report

Criminals targeted security gaps at financial services firms as their staff moved to working from home, according to a report issued by the Financial Stability Board (FSB) on Tuesday. Established after the G20 London summit in April 2009, the FSB Read More …