Volume 2022, Issue 7
Contents
Pen testing vs red teaming
GEMMA MOORE
Zero-trust architecture is creating a passwordless society
JONAS IGGBOM
Privacy-enhancing technologies in the design of digital twins for smart cities
GABRIELA AHMADI-ASSALEMI, HAIDER AL-KHATEEB, AMAR AGGOUN
The biggest challenges of manually managing PKI certificates
ANTHONY RICCI
Volume 2022, Issue 6
Contents
The case for threat modelling
COLIN TANKARD
Security service edge: choosing the right solution
NATHAN HOWE
DGAs die hard: detecting malicious domains using AI
BHARATHASIMHA REDDY D, SRILEKHA TALLURI, RUTHVIK REDDY SL, AMIT NAGAL, ADITYA K SOOD
The great security convergence: joining physical devices and cyber security
SCOT STURGES
Volume 2022, Issue 5
Contents
Salvaging security for speedy single-page applications
GARY ARCHER
Securing industrial environments
YOANN DELOMIER
Virtualised network security is not a one-size-fits-all approach
MICHAEL ECKEL
Safeguard the future of your network
MICHAEL WOOD
Incident response: test, don't improvise
ANDREW COOKE
The challenges of Log4j – and how to solve them
TOM MCVEY
Volume 2022, Issue 4
Contents
The state of cyber resilience
GIO COZZOLINO
Continuous authentication for IoT smart home environments
MAX SMITH-CREASEY, STEVEN FURNELL, MUTTUKRISHNAN RAJARAJAN
The importance of cyber security in journalism
ELAD SHERF
Dealing with highly evasive adaptive threats
TOM MCVEY
Volume 2022, Issue 3
Contents
D-F of cyber security
KAREN RENAUD
How to plan for a post-quantum security ecosystem
NILS GERHARDT
Revisiting man-in-the-middle attacks against HTTPS
VYRON KAMPOURAKIS, GEORGIOS KAMBOURAKIS, EFSTRATIOS CHATZOGLOU, CHRISTOS ZAROLIAGIS
Ransomware – one of the biggest threats facing enterprises today
GUIDO GRILLENMEIER
The ‘need to know’ of highly evasive adaptive threats
TOM MCVEY
The Art of Attack
Maxie Reynolds. Wiley
Volume 2022, Issue 2
Contents
Strength through simulation
COLIN TANKARD
The security implications of working-from-anywhere
PHIL CHAPMAN
The evolving threat from China
MARC BURNARD
Is energy the weak link in the UK’s critical national infrastructure?
SCOTT DAVIDSON
Air-gapped networks: the myth and the reality
MILAD ASLANER
Ransomware recap: Learning from 2021
TOM MCVEY
Volume 2022, Issue 1
Contents
Deceptive security to protect your business
ERIC CHAMBAREAU
How AI will transform the cyber security industry
ANURAG GURTU
Bulletproof hosting and the Magecart threat
FABIAN LIBEAU
Using open source software securely
JAVIER PEREZ
Agricultural robot wars
CHARLES MARROW
Staying safe during holiday seasons
TOM MCVEY
Volume 2021, Issue 12
Contents
NEWS
Critical Java flaw puts millions of organisations at risk .....1
Ransomware most serious threat, says NCSC .....2
Iran attack warning .....3
FEATURES
Opening the network to DevOps without letting threats inside .....7
Adopting a robust domain name security strategy .....10
Understanding the evolving threat landscape – APT techniques in a container environment .....13
The hefty price you pay for manual triage .....18
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
Threat Intelligence .....6
The Firewall .....20
Events .....20
Volume 2021, Issue 11
Contents
NEWS
Unicode flaw leaves most software open to malicious code injection .....1
Computer crimes soar .....2
US bans spyware .....3
FEATURES
After the pandemic: securing smart cities .....7
Smart plugs invite cyber criminals into the home .....9
Coming off the tracks: the cyberthreats facing rail operators .....12
Protecting Active Directory against modern threats .....15
Layering identity and access management to disrupt attacks .....17
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
Threat Intelligence .....6
The Firewall .....20
Events .....20
Volume 2021, Issue 10
Contents
NEWS
Iran-based hackers target defence, aerospace and telco firms, but Russia still biggest threat .....1
Major telecoms firm hacked for five years .....3
FEATURES
A network with nowhere to hide .....7
CISOs should work closely with their ITAM colleagues .....9
How financial services firms can mitigate the next wave of attacks .....12
The future of security in a remote-work environment .....15
Shining a light on organisational risk .....18
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
Threat Intelligence .....6
The Firewall .....20
Events .....20
Volume 2021, Issue 6
Contents
NEWS
US authorities recover most of Colonial Pipeline ransom .....1
Phishers impersonate USAID .....2
FEATURES
Applying the principles of zero-trust architecture to protect sensitive and critical data .....7
Grid cyber security: secure by design, continuous threat monitoring, effective incident response and board oversight .....9
Attack graph reachability: concept, analysis, challenges and issues .....13
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
Threat Intelligence .....6
The Firewall .....20
Events .....20
Volume 2021, Issue 5
Contents
NEWS
Supply chain attack puts thousands of firms at risk .....1
Pulse zero-day exploited by APT groups .....2
Bolstering IoT security .....3
FEATURES
Facing up to security and privacy in online meetings .....7
Security misconfigurations and how to prevent them .....13
When is the right time to outsource your security function? .....16
REGULARS
ThreatWatch .....3
Reviews .....4
News in brief .....5
Threat Intelligence .....6
The Firewall .....20
Events .....20
Volume 2021, Issue 4
Contents
NEWS
More than a billion Facebook and LinkedIn records leaked .....1
Exchange woes continue .....2
FEATURES
A threshold-based, real-time analysis in early detection of endpoint anomalies using SIEM expertise .....7
Gamification – can it be applied to security awareness training? .....16
Securing connectivity for remote workforces .....18
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
Threat Intelligence .....6
The Firewall .....20
Events .....20
Volume 2021, Issue 3
Contents
NEWS
Accellion vulnerabilities lead to breaches of major organisations .....1
North Korea targets defence firms and Pfizer .....2
FEATURES
Investigating cyber attacks using domain and DNS data .....6
Looking to the future of the cyber security landscape .....8
Locking the door: tackling credential abuse .....11
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
The Firewall .....20
Events .....20
Volume 2021, Issue 2
Contents
NEWS
Florida facility hacked in attempt to poison water .....1
More fallout from SolarWinds hack .....2
FEATURES
Who’s that knocking at the door? The problem of credential abuse .....6
The state of zero trust in the age of fluid working .....15
Avoiding costly downtime – how MSPs can manage their networks .....17
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
The Firewall .....20
Events .....20
Volume 2021, Issue 1
Contents
NEWS
SolarWinds supply chain breach threatens government agencies and enterprises worldwide .....1
FEATURES
How can mobile networks protect critical infrastructure? .....6
Relying on firewalls? Here’s why you’ll be hacked .....9
The event data management problem: getting the most from network detection and response .....12
Shining a light on UEFI – the hidden memory space being exploited in attacks .....14
Now is the time to move past traditional 3-2-1 back-ups .....18
REGULAR
ThreatWatch .....3
Book Reviews .....4
News in brief .....5
The Firewall .....20
Events .....20
Volume 2020, Issue 12
Contents
NEWS
UK reveals existence of its military cyber operations unit .....1
Security firms breached .....3
FEATURES
How SASE is defining the future of network security .....6
When it comes to cyber security, ignorance isn’t bliss – it’s negligence .....8
Nation-state attacks: the escalating menace .....12
Where conventional security control validation falls short when evaluating organisational threats .....18
REGULARS
ThreatWatch .....3
Report Analysis .....4
News in brief .....5
The Firewall .....20
Events .....20
Volume 2020, Issue 11
Contents
Governments implement sanctions against nation-state attackers
Can graphs mitigate against coronavirus-related cybercrime?
Bot mitigation – how gaps in understanding and ownership are exposing businesses to greater threats
The future of 5G smart home network security is micro-semicro-segmentation
Volume 2020, Issue 10
Contents
Zerologon flaw exploited in the wild
Exploitable hosts used in cloud native cyber attacks
How threat actors abuse ICS-specific file types
How organisations can ethically negotiate ransomware payments
Volume 2020, Issue 9
Contents
US presidential election already under attack
The problem with (most) network detection and response
The security implications of quantum cryptography and quantum computing
Critical infrastructure under attack: lessons from a honeypot
Volume 2020, Issue 8
Contents
Intel and other major firms suffer source code leaks
Why organisational readiness is vital in the fight against insider threats
Managing endpoints, the weakest link in the security chain
Zoombombing – the end-to-end fallacy
Volume 2020, Issue 7
Contents
Australian Government claims ‘sophisticated’ attack by nation-state actors
Strong security starts with software development
The 2020 Data Breach Investigations Report – a CSO’s perspective
Avoiding the most common vulnerability- management pitfalls
Volume 2020, Issue 6
Contents
Russian nation-state attackers target Exim mail servers
How data can be the lingua franca for security and IT
Keeping a secure hold on data through modern electronic content management
Keeping critical assets safe when teleworking is the new norm
Volume 2020, Issue 5
Contents
Chinese hackers attacking Covid-19 researchers, US warns
Optimising storage processes to reduce the risk of ransomware
lorian Malecki, StorageCraft
Hybrid intrusion detection system using machine learning
Amar Meryem and Bouabid EL Ouahidi, Mohammed V University, Rabat
Volume 2020, Issue 4
Contents
DDoS defence: new tactics for a rising shadow industry
Terry Ray
Are your IT staff ready for thepandemic-driven insider threat?
Phil Chapman
Essentials for selecting a network-monitoring tool
Cary Wright
The security risks created by cloud migration and how to overcome them
Simon Kelf
Innovation and risk walk hand-in-hand with 5G and IoT
David Higgins
Uncovering the cyber security challenges in healthcare
Alyn Hockey