Asia's leading source of security and threat news
Ransomware’s decline equals cryptomining’s rise
ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.
IoT and DDoS attacks: A match made in heaven
A10 Network’s Adrian Taylor uses findings from a number of reports to illustrate his point that advances in technology are facilitating cybercrime.
ForgeRock launches Sandbox-as-a-Service to facilitate compliance
The cloud-based testing environment for APIs enables banks to accelerate compliance with Open Banking and PSD2 deadlines.
Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.
SolarWinds extends database anomaly detection
As organisations continue their transition from purely on-premises operations into both private and public cloud infrastructures, adapting their IT monitoring and management capabilities can pose a significant challenge.
Adura launches new SOC and MSP in Singapore
The new SOC focuses on the needs of businesses to gain insight into their organization’s security posture and increase their ability to react promptly.
NATO picks BlackBerry's encrypted voice technology to secure calls
The NCI Agency acquires, deploys and defends communication systems for NATO's political decision-makers and command centres
Was Citrix unaware of its own data breach until the FBI got involved?
According to a blog post from Citrix’s CSIO Stan Black, the FBI contacted Citrix on March 6 and advised that international cybercriminals had allegedly gained access to Citrix’s internal network.
How business leaders must prioritise cyber risk - Palo Alto Networks
Prioritising threats ensures organisations are taking a logical approach to cybersecurity, focusing their time and money on the most pressing dangers.
Carbon Black integrates with Chronicle security analytics platform
Backstory will correlate telemetry from Carbon Black’s endpoint detection and response (EDR) solution to deliver incident investigation and threat hunting.
Forcepoint launches new converged cybersecurity solutions
Forcepoint is addressing the need for consolidated, cloud-based security solutions in a deployment-agnostic delivery model.
Logitech Harmony Hub vulnerabilities leave devs fuming
Logitech has bowed to public pressure and reinstated a developer firmware version of its popular Harmony Hub, after it was revealed that the Hub had critical security flaws.
How using syslog-ng to store logs could help your business
Syslog-ng is a high-speed data processor that parses both structured and unstructured log messages.
Digitally transform or fall behind - 3 key points to remember
In this report Unisys details three key areas focus on when implementing a successful digital transformation as with every opportunity comes risk.
How Veritas aims to enhance the protection of enterprise data
“We’re making it simpler for customers to access critical information about their infrastructure and providing them with a one-stop shop for all reporting requirements."
An insider's tips on how to get more from your Splunk platform
Having the right tools is only half the battle, not until you can leverage them most effectively can you see the gains that properly managed data can provide.
Mobile document management policies impair workers
Most employees need access to company documents on their mobile devices, but almost half can’t get that access because organisations aren’t keeping up.
From magstripe to mobile: The evolution of access management
HID Global examines solutions available today, the future of mobile access, and why it’s critical to ensure that each component of the access control ecosystem is as secure as possible.
VMware launches service-defined firewall
VMware’s new internal firewall solution locks down known good behaviour at both the network and host level to reduce the attack surface.
Verizon report spotlights mitigating insider threats
Companies are too often hesitant to recognise, report or take action against employees who have become a threat to their organisation.
Whitepaper: How classifying your log messages makes for happier sysadmins
Operating systems, applications, and network devices generate text messages of the events that happen to them.
It's an ultimatum: Mobile security or securing mobility
Move your organisation towards the mobile-first world, securely.
Scytale Enterprise streamlines authentication management
By consolidating authentication practices for all services, organizations will greatly simplify IT service orchestration as they transition to cloud environments while achieving security assurance."
Accenture Security launches IAM capability for user privileges
When it comes to managing user privileges, the provisioning of access should be based on precise knowledge of who a person is and why they need it.
The cyber kill chain: Moving laterally in Active Directory
Using different techniques, attackers move laterally through the network, gaining more and more privileged access until they gain entry to their target domain controllers.
LogRhythm launches solution to address network-borne threats
“Security teams are often understaffed, overwhelmed by false positives and lack the necessary network visibility.”
IBM Security: Cybercriminals focusing on cryptojacking
The report found that more than half of cybercriminal attacks pivot away from malware-based attacks.
Cybercriminals earning over $3billion annually exploiting social platforms
Social media platforms contain up to 20% more methods by which malware can be delivered to users – e.g. through adverts, shares, plug-ins – than comparable sources.
Study: Is it possible to detect breaches as they happen
Breaches often happen when businesses least expect them, causing slow reaction times and possibly catastrophic loss.
Navigating the complicated world of DNS security
Over the years, DNS, both the protocol and the servers, have become the target of a variety of attacks, including the Lion worm.
German firm’s camera platform could monitor your mood
MOBOTIX and Konica Minolta are developing a platform for camera networks that will allow AI-powered surveillance of people and places.
Whitepaper: Simplify compliance and SIEM better with efficient logging
IT environments generate log messages with a variety of functions and significance to an organisation – but they’re only useful if they trigger the necessary responses.
How to optimise the performance of SIEMs
Optimising your SIEM is most easily and effectively done by also optimising your log management.
CrowdStrike announces endpoint detection for mobile devices
The workforce is more reliant than ever on business-critical applications, accessing confidential information from multiple devices anytime, anywhere.
ImageWare unveils biometric-based digital identity platform
"Identity is the new security perimeter," declares ImageWare CEO Jim Miller.
Whitepaper: Five essential steps to protect your company’s critical data
The increase in devices being used by employees and the number of cloud apps necessitate multiple different channels of accessing a company’s information in a secure manner.
D-Link’s latest 5-megapixel surveillance cameras
The two cameras have been designed with robustness and durability in mind and are able to withstand a range of adverse conditions.
ManageEngine introduces user and entity behaviour analytics in its SIEM solution
"In today’s IT security landscape, rigid alert rules and conventional threat detection systems no longer make the cut.”
Where to from here? Women in cybersecurity speak up
International Women’s Day is an opportunity to reflect on how far the industry has come in treating women more equally, but also to rally together and look at how this can be improved.
Asia Pacific feeling financial brunt of breaches - but it's not all bad news
CISOs are now acknowledging the adage of ‘it’s not about if there’s a breach, but when’.
The 3 essential elements to consider with SaaS security
Speed, ease of use, and low capital expenses are just some of the factors driving the continued growth in SaaS security adoption.
Interview: Why log management is crucial to modern business
One Identity's IT veteran Balázs Scheidler shares his insights on log management's history and where it's going to next.
Are you building (or breaking) digital trust?
Business leaders can wait and be forced to respond to market change, or they can embrace digital and lead market change themselves.
Sonicwall announces network, cloud apps, endpoint protection solution
SonicWall introduced new cloud-managed Wi-Fi access points and wireless planning tools designed to ease the deployment of global wireless networks.
Whitepaper: How to manage mobile risk in a perimeter-less work environment
Enabling mobility and the ability to access data seamlessly is a great development for enterprise productivity, but it causes a serious challenge to security teams.
Should you run your central log server in Docker?
Collecting logs can be especially important in a containerized environment, where you start and stop containers around the clock.
Cradlepoint debunks common connectivity and security myths
Many misconceptions have arisen, causing businesses to fear adopting new technologies.
SSL/TLS certificate marketplaces thriving on dark web - study
These services deliver machine-identities-as-a-service to cybercriminals who wish to spoof websites, eavesdrop on encrypted traffic, perform man-in-the-middle attacks and steal sensitive data.
Whitepaper: How to improve your cybersecurity sales pitch
Boards and executives who normally approve funding for IT security projects do not speak tech - they speak the language of ROI, NPV, etc.
Unisys women offer advice on how to build a career in IT
"Be brave and accept the challenge because the IT industry offers diverse opportunities for someone willing to have a go."
Product review: LogRhythm CloudAI a revolutionary tool
SANS has provided an independent review of a new AI analytics solution designed to rescue businesses 'drowning in data' from SIEM platforms.
Check Point names February’s most disruptive malware
Check Point’s researchers confirm Coinhive holds the top position in February's Top Malware index for fifteenth successive month before it shut down, while GandCrab distribution campaigns increase.
Report: How IT Is responding to digital disruption and innovation
Today “every company is in the software business" to get a competitive edge, and this survey reveals how app dev is affecting IT teams.
GitHub's Bug Bounty program gets bigger
GitHub’s Bug Bounty program is now five years old and to mark the occasion it has revamped the program’s scope, rewards, and new legal rules.
Capgemini and IDEMIA launch IoT device management platform
“Capgemini’s agreement with IDEMIA will provide a fully agnostic, configurable and secure platform from an endpoint device to the cloud.”
State of the channel: A/NZ MSPs still grappling with ransomware
Issues range from SaaS infections to SMBs that don’t report ransomware attacks to the appropriate authorities, and much more.
Insider threats & breach reports: Why security needs more investment
Insider threats (those that come from within your organisation) are a serious concern - here's why.
Sextortion attacks targeting education orgs - Barracuda
“Employees are more likely to receive a sextortion scam than an employee impersonation or business email compromise attack.”
Healthcare breaches down, but impacts more significant - Bitglass
Of the 11.5 million individuals affected by healthcare breaches in 2018, 67% had their information exposed by hacking and IT incidents.
How cybercriminals are most likely to be caught
Fifteen per cent of IT managers at Australian companies who were victim to one or more cyber attacks last year can’t pinpoint how the attackers gained entry.
Healthcare breaches on the rise - here’s how Philips protects data
As healthcare becomes increasingly digitalised, medical institutions need to ensure the systems they are using are storing patient data in a reliable and secure way.
How businesses should handle cybersecurity skill shortage - Sungard AS
Resilient businesses have a laser focus on cybersecurity, all too aware of the negative impact a breach can have.
Built-in email security measures inadequate - Trend Micro
The Cloud App Security report details how escalating email threat levels are exposing organisations to an increased risk of fraud, spying, information theft, and spoofing.
Whitepaper: The key to maximising office space efficiency
Most offices worldwide are approximately 50% under-utilised on any given day, causing issues for facility management in understanding the number of people in a facility.
Gartner’s top security and risk management trends
Leaders in the space must properly prepare to improve resilience and support business objectives.
Okta to acquire Azuqua to connect business apps in the enterprise
The average Okta customer has 83 cloud apps, and 9% of customers have more than 200 cloud apps.
W3C and FIDO Alliance finalise web standard for passwordless logins
Major browsers and platforms now have built-in support for the new WebAuthn security standard.
Count the hours (or the weeks): DNS attacks are a severe downtime threat
Attackers can conduct DNS attacks, including Distributed Denial of Service (DDoS) attacks that can take servers offline for minutes, hours, days, or even weeks.
Can your vulnerability assessments protect your organisation?
33% of enterprises surveyed are at a low maturity, conducting only limited assessments of selected assets.
Case Study: Infoblox protects the network that hosts City University’s curriculum
After recovering from a ransomware attack, City University began to work with Infoblox to bring its network security to the next level.
Whitepaper: The Mobile Risk Matrix - how exposed are you?
The proliferation of cloud services has increased the attack surface to include applications, devices, networks, and external web and content delivery methods.