On Friday 19 July 2024, the UK awoke to news of a fast-spreading IT outage, seemingly global in its nature, affecting hundreds – if not thousands – of organisations. The disruption began in the early hours of Friday morning in Australia, before spreading quickly across Asia, Europe and the Americas, with the travel industry among…
CrowdStrike update chaos explained: What you need to know Read More »
Hamas hacked into video streams from private security cameras in Israeli homes to gather intelligence before fighters descended on Israeli settlements near the Gaza strip on 7 October 2023, according to the Israel National Cyber Directorate (INCD). For Gaby Portnoy, director general of the INCD, the hacking was no surprise: “But it went deeper than…
Lessons from war: How Israel is fighting Iranian state-backed hacking Read More »
The China-backed advanced persistent threat (APT) actor tracked as APT40 has been busy evolving its playbook and has recently been observed actively targeting new victims by exploiting vulnerabilities in small office and home office (SoHo) networking devices as a staging post for command and control (C2) activity during their attacks This is according to an…
Chinese spies target vulnerable home office kit to run cyber attacks Read More »
With the country heading to the polls, ensuring the cyber security of the electoral infrastructure couldn’t be more crucial. The government has warned that rising geopolitical tensions across the globe have the potential to impact elections as at least 64 countries gear up to head to the polls, representing 49% of the world’s population. Beyond…
Safeguarding democracy from cyber threat peril Read More »
Who is responsible for security in the public cloud? This is a question businesses need to consider as they increasingly deploy more workloads and use cloud-based IT infrastructure, platform services and applications. In Gartner’s How to make integrated IaaS and PaaS more secure than your own data center report, analysts discuss the benefits of adopting…
Security in the public cloud explained: A guide for IT and security admins Read More »
The US Department of Commerce’s Bureau of Industry and Security (BIS) has banned Kaspersky Lab from directly or indirectly providing antivirus software and cyber security products or services, meaning Kaspersky will be prohibited from conducting or participating in certain information and communication technology service transactions in the US. “The Russian Government has proven that it…
Kaspersky says it can continue to sell cyber threat intelligence in spite of US ban Read More »
The cloud recently became more complicated and more important than ever; but I’ll leave the best bit to the end. One of the main security concerns with using the cloud, although I accept that there are several, are misconfigurations. These lead to data breaches or, in the case of hacktivism, misconfigurations allow for denial-of-service attacks.…
Security Think Tank: The cloud just got more complicated Read More »
Some of the most prominent malware-dropping botnets in operation today, including Bumblebee, IcedID, Pikabot, Smokeloader, SystemBC and Trickbot, have been disrupted in a coordinated law enforcement action orchestrated through the European Union’s (EU’s) Europol agency. Operation Endgame, which enlisted the support of both the UK’s National Crime Agency (NCA) and the US’s FBI, as well…
Europol sting operation smokes multiple botnets Read More »
Banning ransomware payments is a simple, elegant idea, with the potential for terrible unintended consequences. It’s attractive because it would, if it worked, stop the incentive for ransomware. If you can’t get paid, what’s the point? Cyber crime is a business like any other. If the paying customers suddenly stop paying, it’s time to pivot…
The UK may not have a choice on a ransomware payment ban Read More »
Banning ransomware payments is the only viable deterrent to cyber criminal gangs in the long term. Recent attacks on the British Library, Boeing, and even government departments indicate the ongoing popularity of this brutal form of cyber attack. The most obvious point in favour of enacting a blanket ban on ransomware payments is that it…
Ransomware payment bans need universal buy-in Read More »
