The Information Commissioner’s Office (ICO) has strongly reprimanded the London Borough of Hackney over a series of failings that led to a devastating ransomware attack in October 2020. The Pysa ransomware gang encrypted a total of approximately 440,000 files affecting 280,000 residents of Hackney in East London, after they exploited old, on-premise servers and systems…
Hackney Council reprimanded over 2020 ransomware attack Read More »
Security teams will have a busy few days ahead of them after Microsoft patched close to 140 new common vulnerabilities and exposures (CVEs) in its July Patch Tuesday update, including four zero-day exploits – one of them a third-party update via processor giant ARM. The four zero-days are listed, in numerical order, as follows: CVE-2024-35264,…
Hyper-V zero-day stands out on a busy Patch Tuesday Read More »
The China-backed advanced persistent threat (APT) actor tracked as APT40 has been busy evolving its playbook and has recently been observed actively targeting new victims by exploiting vulnerabilities in small office and home office (SoHo) networking devices as a staging post for command and control (C2) activity during their attacks This is according to an…
Chinese spies target vulnerable home office kit to run cyber attacks Read More »
Cyber Essentials was launched in the UK to much fanfare in June 2014, aiming to help businesses “to guard against the most common cyber threats and demonstrate your commitment to cyber security”. It focuses on five areas of broad ‘technical controls’: firewalls, secure configuration, user access control. malware protection and patch management. Since the scheme…
Cyber Essentials at 10: Success or failure? Read More »
The cloud recently became more complicated and more important than ever; but I’ll leave the best bit to the end. One of the main security concerns with using the cloud, although I accept that there are several, are misconfigurations. These lead to data breaches or, in the case of hacktivism, misconfigurations allow for denial-of-service attacks.…
Security Think Tank: The cloud just got more complicated Read More »
Across EMEA, organisations must up their game when it comes to addressing the human factors leading to data breaches and cyber security incidents, according to telco Verizon, which this week issued a wake-up call in the form of the 17th annual edition of its landmark global Data breach investigations report (DBIR) In the compilation of…
EMEA CISOs must address human factors behind cyber incidents Read More »
Three-quarters of medium and large enterprises in the UK, and four-fifths of high-income charities, have experienced some form of cyber security incident in the past 12 months, but improvements to overall cyber resilience appear to be stagnating, with economic headwinds and high inflation leading to less overall investment, the government has warned. In a report…
UK’s cyber resilience stagnates as more fall victim to attacks Read More »
Cyber attacks against vulnerable instances of the ConnectWise ScreenConnect remote management platform are now being observed following the disclosure of a critical vulnerability in the service, including some by an individual using a leaked variant of LockBit ransomware. CVE-2024-1709 – described as “trivial” to exploit by one researcher who has poked around under the bonnet…
ConnectWise users see cyber attacks surge, including ransomware Read More »
