Security News

New infosec products of the week: April 9, 2021
2021-04-09 05:15

The new solution will help increase visibility, enable compliance and enhance security for containerized applications from build to production in public cloud and on-premises environments. nFront Weak Password Scanner helps orgs scan breached passwords.

New infosec products of the week: April 2, 2021
2021-04-02 05:00

Elastic announced new updates across the Elastic Security solution in the 7.12 release to accelerate threat hunting and investigation workflows, prevent ransomware, and eliminate blind spots. McAfee unveils MVISION CNAPP, a new security service designed to secure cloud native applications.

Money can buy you insurance against network break-ins but investing in infosec hygiene wouldn't go amiss, says new NCSC chief
2021-03-30 11:18

So-called cyber-attack insurance "Cannot be a substitute for better basic cybersecurity," the National Cyber Security Centre's chief exec has said in her first major speech since taking office. Lindy Cameron took over from founding CEO Ciaran Martin last summer and on Friday made her first public appearance since taking office.

New infosec products of the week: March 26, 2021
2021-03-26 06:30

Magic WAN with Magic Firewall gives customers of all sizes a one-stop-shop to connect and secure data, devices, offices, cloud networks, and more without relying on hardware boxes. Magic WAN is a SaaS solution that connects any traffic source to Cloudflare's global network for secure, fast connectivity, and Magic Firewall integrates with it to enforce security rules across all traffic.

Defence Industrial Strategy suggests the UK is ready to start taking its homegrown infosec industry seriously
2021-03-25 14:48

In a change from its recent bombastic blather, the British government has published a new Defence Industrial Strategy that looks like it wants to put the infosec industry on a gold-plated pedestal. "Government also needs to provide complementary support to industry and ensure that the public sector can access the right skills to remain an intelligent customer," said the Defence and Security Industrial Strategy whitepaper published this week.

New infosec products of the week: March 19, 2021
2021-03-19 09:44

Akamai MFA provides FIDO2 multi-factor authentication without hardware security keys. Akamai Technologies announced the launch of Akamai MFA, a phish-proof solution designed to enable enterprises to quickly deploy FIDO2 multi-factor authentication without the need to deploy and manage hardware security keys.

Ex-asylum seeker with infosec degree loses discrimination claim against UK cyber range provider after storming out
2021-03-16 11:01

A former asylum seeker with a postgraduate degree in cybersecurity who alleged his bosses were spying on him for MI5 has lost his attempt to claim he was racially discriminated against. The anonymous man, who worked for an unnamed company that set up a UK cyber range in mid-2019, told the Employment Tribunal that he had quit after being subjected to racial harassment at work - but judges overruled all of his legal claims.

Malware attack that crippled Mumbai's power system came from China, claims infosec intel outfit Recorded Future
2021-03-01 16:05

Security intelligence firm Recorded Future's Insikt Group has written a paper alleging China was behind attacks on India's electricity grid. The attack is considered the probable source of Mumbai's power outage in October of the same year.

North Korea infected infosec bods with backdoors via dodgy blog pages, Visual Studio files – Google
2021-01-26 04:45

North Korea's hackers homed in on specific infosec researchers and infected their systems with a backdoor after luring them to a suspicious website, Google revealed on Monday. "The researchers have followed a link on Twitter to a write-up hosted on blog.br0vvnn[.]io, and shortly thereafter, a malicious service was installed on the researcher's system and an in-memory backdoor would begin beaconing to an actor-owned command and control server," said Googler Adam Weidemann.

Hallowed Bugtraq infosec list killed then resurrected over the weekend: We heard your feedback, says Accenture
2021-01-18 07:05

Last week ended with news that the venerable infosec mailing list Bugtraq was being shutdown at the end of the month. From its first posts in November 1993, Bugtraq aimed to get details of vulnerabilities, as well as defence and exploitation techniques, onto netizens' radar, and discussed among admins and security researchers.