Network Security News, Articles and Updates

DarkSky botnet spotted evading security measures

A new botnet has been discovered by security researchers that has anti-virtual machine capabilities to evade security controls such as a sandbox.

Using DNS as part of your cyber-security strategy

DNS is inherently vulnerable. However, when correctly implemented with hardened appliances, securely managed, it can also be an organisation's best weapon in securing its networks.

Could peer-to-peer technology be the key to stopping the next WannaCry?

Software-Defined Enterprise Content Delivery Networks (SD ECDNs) are virtual networks that allow businesses to share large files - like upgrades - at high speeds, regardless of whether they use legacy network infrastructures.

How CISO teams can 'see the things they shouldn't miss'

It's rare that CISOs have a horizontal view across their controls to know where to focus their resources for best overall effect which is why Nik Whitfield says agile analytics is a core capability that security teams already require today.

Protecting your network hive: 4 security trends you need to know about

In our connected society, securing the network "hive" is very much a team effort. Only by assessing and defining the landscape in the first instance can a successful security strategy be put in place says Russell Crampin

Massively prolific Fireballers drenched in Beijing police crackdown

The masters of one of the world's most prolific pieces of adware have been arrested in a crackdown by Beijing police.

UniCredit Bank's third party leads to hack on 400,000 clients

An attack on Italian bank, UniCredit, has led to the accounts of 400,000 loan customers being accessed.

Interview: Abeer Khedr, InfoSec director at National Bank of Egypt

Abeer Khedr has been the Information Security Director at National Bank of Egypt (NBE) since 2010. Since its birth in 1898 with a capital of £1 million, NBE is regarded as one of the oldest and most respected commercial banks in Egypt. SC's Ali Taherian caught up with Khedr to talk about some of the specific problems and solutions she deals with day to day.

Is cybersecurity a risk for fundraisers? The SC guide for charities

Charities are being targeted by cyber-criminals but many are still unaware of the main threats facing them. Martyn and Valerie Croft undress some of the challenges facing charities today....

Lloyd's of London: Major global cyber-attacks could cost £40 billion

Lloyd's of London has come through with a new report that will provide great clarity to cyber insurers

Insider at healthcare giant BUPA Global leaks 547,000 customer records

An insider has compromised health insurance company BUPA, exposing the records of 547,000 customers.

Verizon 3rd party data security vendor exposes six million accounts

A Verizon third party vendor's misconfiguration a storage repository left the data of a potential six million customers out in the open last month.

LeakerLocker ransomware blackmails unwitting mobile app store users

A new kind of mobile ransomware has been found lurking on the Google Play Store.

Little giants in a global market: why upstart security companies are one step ahead of corporations

Garry Kondakov discusses why it is so essential to be able to identify new threats in a world where the attackers are so innovative.

What Moore's Law has to teach us about WanaCrypt0r

Kirsten Bay argues that by switching to a detection-led approach, CISOs can focus less on ensuring every machine on their network is updated, and more on spotting the attacks once they have penetrated the perimeter.

What Breach? AA fails to alert customers after server leaks card data

Though the AA's shop was reportedly leaking payment card data, the motoring association did not alert customers.

Our concept of the network must change in the aftermath of WannaCry

Jay Chaudhry discusses why in the aftermath of WannaCry, our concept of the network has to change.

SQL injection vulnerability found in popular WordPpress plug in, again

Security researchers have found yet another SQL injection vulnerability in a WordPress plugin.

Microsoft: CheckPoint research overestimates global Fireball epidemic

Microsoft has cast doubt on a CheckPoint report earlier this month which said that a piece of adware has infected nine percent of networks globally.

BlackTech: Three campaigns, one 'well funded' group hunts IP

Researchers at Trend Micro have traced three campaigns targeting government and high profile private sector targets to one group they have dubbed BlackTech.

Three-quarters of UK orgs suffer DNS attacks, half of those had data stolen

A new report from EfficientIP reveals a lack of awareness as to the variety of DNS attacks, a failure to adapt security solutions to protect DNS and poor responses to vulnerability notifications among businesses worldwide.

Power industry significantly concerned of cyber-threats, says industry exec

National Grid spokesperson tells SC "gas and electricity networks are isolated from our everyday business systems to ensure our networks remain safe and reliable."

[updated] UK Parliament records "unauthorised attempts" to access MP accounts

Following the theft and attempted sale of login details believed to belong to MPs, peers and parliamentary staff, Parliament has confirmed it has seen "unauthorised attempts" to access "less than one percent" of those accounts.

Clinton's campaign manager: There will be a CISO in every campaign

Clinton's presidential election campaign manager, Robby Mook, told a crowd in London about his experience of 'election hacking.'

Common network security misconceptions that increase expenditure

Subhalakshmi discusses the most common misconceptions about network security, that often cloud an organisation's judgment when it comes to protecting their IT assets.

Declassified report: NSA didn't learn Snowden lessons - open to insiders

A declassified report has slammed the NSA for not fully implementing the recommendations given to the agency after the Snowden leaks.

PanicGuard security app found leaking user data

Wandera researchers spotted an app designed to keep users physically safe putting users at risk by leaking their information.

Trusted IDs keep 'smart' buildings secure for the connected workplace

For a more connected workplace, trusted identities can help organisations take a first step towards integrating building systems by securing, customising and enhancing IoT applications.

Mirai botnet army could have been larger and more destructive

The massive Mirai distributed denial of service (DDoS) attack that took down Dyn DNS last fall knocking out dozens of high-profile websites could have been much worse if the malicious actors had done a bit more research.