CERT News, Articles and Updates

Chinese Ministry of State Security caught manipulating critical CVE data

Early warnings arrive late: Newly published research from Recorded Future reveals that China has been manipulating critical vulnerability data, and then back dating CVEs to cover up the evidence.

US CERT issues warning on ASLR vulnerability in Windows

US CERT has issued a warning on a vulnerability in Windows' Address Space Layout Randomisation (ASLR) that affects Windows 8, Windows 8.1, and Windows 10 which could allow an attacker to take control of an affected system.

4SICS: making cyber-threat intel work better for ICS pros

Thomas Schreck, principal engineer of Simenes' CERT, alongside Margrete Raaum, leader of the KraftCERT from Norway told an audience at 4SICS 2016 on why cyber-threat intelligence plays an important part in information sharing in the energy industry.

Swiss defence contractor hacked, details released

The details of a years long campaign against a Swiss defence contractor have been released in partnership with Swiss CERT.

RSA Summit: Gibson urges information sharing to beat ransomware

The director of CERT UK laid out some of the problems facing UK cyber-space and outlined what cyber-security could do to help fix them.

Belkin Wi-Fi routers at risk from multiple vulnerabilities

Flaws have not been patched and there are no workarounds for many of them, says US CERT.

UK minister: Cyber-security a 'priority' for government, but no ban on encryption

UK minister Ed Vaizey has dismissed media reports that the Conservative government plans to ban encryption, whilst also promising that cyber-security remains a 'priority' in Whitehall.

FinCERT to help Russian banks respond to cyber-attacks

The Russian Central Bank has established new centre for dealing with cyber-attacks in Russia's financial sector, due to be fully operational this month.

Zeus and Conficker malware return to haunt UK companies

Old malware variants, the Zeus Trojan and the Conficker computer worm, remain a huge problem for most UK companies, according to CERT-UK's first annual report.

CERT-UK: Fighting back against cyber-criminals

Six months after launch and the UK's National Computer Emergency Response Team (CERT-UK) is seeing rising awareness of the group, the CiSP initiative and cyber-crime more generally.

Hundreds of companies face 2,000 cyber-attacks in EU exercise

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers yesterday.

UK's cyber security strategy enters collaborative phase

Cabinet Office Minister Francis Maude looks back at two years of the National Cyber Security Programme and says that public-private collaboration is key to protecting British businesses from cyber attacks.

Update: Government slated as Mumsnet becomes first UK Heartbleed victim

The Government's reaction to the 'Heartbleed' flaw has been criticised after the Mumsnet parenting site became the UK's first known victim of Heartbleed hackers.

CERT UK finally launches to counter cyber threats

The UK government finally launched its first national computer emergency response team, CERT-UK, in London today.

CERT UK reportedly to launch next week

The British government will finally launch the much-delayed Computer Emergency Response Team (CERT-UK) next week, according to report, in a bid to protect the country's critical infrastructure.

Europe's CERTs - share to beat cyber attacks

Europe's computer emergency response teams (CERTs) need to share attack informatio to combat the increasingly complex cyber attacks they face.

UK national CERT launch postponed

The launch of one of the UK Government's most important cyber crime initiatives, the national Computer Emergency Response Team (CERT), has been delayed from this year to 2014.

ENISA receives strengthening vote to appoint executive board and create Cert

The EU's network and information security agency (ENISA) is to be strengthened in-line with the proposed cyber security strategy.

A place for learning and development

Last week I was delighted to attend the Centre for Secure Information Technologies (CSIT) summit in Belfast, in its third year of operating as a think tank and speaker conference.

Virut botnet takedown sinkholes 23 domains

Polish cyber security experts seized domains behind the Virut botnet over the weekend.