Cyber criminals would much rather log in than hack in. That’s why infostealer malware, designed to exfiltrate user credentials, browser data, messages, documents, images, and device information, is becoming more widespread. Stealing sensitive information opens a lot of doors for cyber criminals. They can log in using the stolen credentials and bypass multi-factor authentication with…
What is driving the rise of infostealer malware? Read More »
Florence Mottay started her career in cyber security, researching exploits for security vulnerabilities in a small US startup. Today, she is the group chief information security officer (CISO) at Zalando, a high-tech online fashion retailer that boasts over 50 million customers in 26 markets. Zalando, she says, is more of a technology company than a…
Interview: Florence Mottay, global CISO, Zalando Read More »
Almost a billion early stage cyber attacks and user attempts to access dangerous websites have been blocked by the National Cyber Security Centre’s (NCSC’s) Share and Defend service, a joint project developed with partner BT that is designed to protect Britons from fraud and cyber crime. Quietly launched earlier this year, Share and Defend collates…
The UK government will forge ahead with changes to the Computer Misuse Act (CMA) of 1990, introducing long-called-for changes to the 35-year-old law that will finally offer statutory protection from prosecution for cyber security professionals and threat researchers. Speaking on 3 December at the Financial Times Cyber Resilience Summit 2025, security minister Dan Jarvis said:…
UK government pledges to rewrite Computer Misuse Act Read More »
If 2024 was the year AI crashed into cyber security, 2025 was the year interdependence became impossible to ignore. Looking back over the past 12 months, the most important lesson I’ve learned is an uncomfortable one for security people: you are not really “in control” of your risk, you are sharing it. You are sharing…
In 2026, collaboration, honesty and humility in cyber are key Read More »
A remote code execution (RCE) vulnerability in the React JavaScript library, which earlier today caused disruption across the internet as Cloudflare pushed mitigations live on its network, is now being exploited by multiple threat actors at scale, according to reports. Maintained by Meta, React is an open source resource designed to enable developers to build…
Cyber teams on alert as React2Shell exploitation spreads Read More »
The US Cybersecurity Information Sharing Act (CISA) of 2015, a Barack Obama-era cyber security intelligence-sharing law that was allowed to lapse at the end of September as the US government entered a prolonged shutdown, is to receive a new lease of life as part of a continuing resolution to reopen the federal government. Politicians in…
US cyber intel sharing law set for temporary extension Read More »
The Netherlands is preparing to implement the NIS2 directive, which will make boardroom executives personally liable for cyber security incidents. While the European deadline passed in October 2024, Dutch implementation has been delayed until early to mid-2026. However, according to Bibi van den Berg, professor of cyber security governance at Leiden University, the legislation will…
Dutch boardroom cyber security knowledge gap exposed Read More »
Industrial organisations continue to face growing cyber threats from adversaries – ranging from sophisticated state-sponsored groups to hacktivists and financially motivated criminals. These actors are not just targeting data or demanding ransoms, they are affecting physical processes and critical services. A common risk across many of these incidents is one that is still underestimated: insufficient…
Why asset visibility matters in industrial cyber security Read More »
I don’t imagine there are many CISOs who use Bruce Lee as a point of reference for enhancing cyber security strategies? However, the philosophy of his hybrid martial art – Jeet Kune Do – is based on many principles relevant for staying ahead of ransomware hackers. The UK’s National Crime Agency recently highlighted how the ransomware…
Ransomware resilience: It’s time to be ‘more Bruce Lee’ Read More »
