Saturday, 5 August 2023
Types of Cyber Attacks - 10 Real World Cyber Attacks
Friday, 4 November 2022
The European Aviation Industry’s New Cybersecurity Rules
Saturday, 8 January 2022
Triple Extortion Ransomware - What it is and how to prevent It
The number of organizations impacted by ransomware globally has more than doubled in the first half of 2021 compared with 2020.
The healthcare and utilities sectors are the most targeted sectors while organizations in Asia Pacific are targeted more than any other region.
Since April, researchers at Check Point Research (CPR) have seen an average of over 1,000 organizations being impacted by ransomware every week.
Prominent attacks that have taken place at the end of 2020 and the beginning of 2021 point at a new attack chain – essentially an expansion to the double extortion ransomware technique, integrating an additional, unique threat to the process – that CPR calls the Triple Extortion.
What is Triple Extortion? You can find out HERE.
Thursday, 6 January 2022
A practical guide to Log4shell remediation
Leading researchers and technology companies have warned that hackers with links to foreign governments and ransomware criminal groups seek to exploit vulnerabilities in targets’ computer systems.
Find out more and what you should be doing HERE.
Wednesday, 5 January 2022
You can’t stop the ‘next SolarWinds’ — but you can slow it down
Such attacks have soared by 650% since mid-2020, due in large part to infiltration of open source software, according to a recent study by Sonatype.
But an even bigger driver of the question, of course, has been the unprecedented attack on SolarWinds and customers of its Orion network monitoring platform. In the attack, threat actors compromised the platform with malicious code that was then distributed as an update to thousands of customers, including numerous federal agencies.
Find out more, HERE.
Monday, 3 January 2022
10 worst password snafus of 2021
For its 2021's Worst Password Offenders list, Dashlane looked at the year's 10 worst security mishaps that involved hacked or stolen passwords. These fiascos show that advice about creating a strong password is still being ignored by too many individuals and too many organizations.
Read the full list HERE.
Saturday, 12 June 2021
Essential Geopolitics How a Cyberattack on a Pipeline Revealed Critical Shortcomings
How the cyberattack on the Colonial Pipeline will accelerate efforts to boost the cybersecurity of critical infrastructure. Will it work?
Thursday, 3 June 2021
Kaspersky finds that cryptomining malware was up, financial malware down in Q1 2021
Kaspersky finds that case of cryptomining malware were up, while financial malware was down in Q1 2021.
Kaspersky has published two reports detailing the state of the cybersecurity threat landscape in the first quarter of 2021. The first report, details desktop attacks and found that cryptomining malware has exploded in popularity, while the second report covering mobile devices, revealed that a popular Trojan targeting gamers has made the leap from PC to Android.
Read the article and access the reports HERE.
Cybersecurity: Are false positives real?
Read the article "Cybersecurity: There's no such thing as a false positive" HERE.
Monday, 17 May 2021
Significant Cyber Attacks from 2006-2020
Yet, despite the consequences, cyber criminals continue to wreak havoc across the globe. But some countries seem to be targeted more than others.
Using data from Specops Software, this graphic looks at the countries that have experienced the most significant cyber attacks over the last two decades.
To view the infographic and the full post click HERE.
Wednesday, 16 December 2020
Cyber attacks turn deadly
To view CLICK HERE
Tuesday, 19 March 2019
Smart Home devices are vulnerable to remote attacks
Smart home devices may be vulnerable to attacks due to outdated software, or unpatched security flaws, or weak credentials according to a new report that was recently produced by Avast. This report can be accessed HERE.
16 million different home networks worldwide have been included in Avast’s study. The report focuses on 21 countries in North and South America, Europe, and the Asia Pacific region. 56 million devices were scanned as part of the study. Two out of five (40.8%) smart homes worldwide have at least one device that is vulnerable to attacks, out of which,69.2% are vulnerable due to weak credentials. The UK Government advocates that strong security should be built into internet-connected products by design.
In October 2018, the UK government published the Code of Practice for Consumer IoT Security to support all parties involved in the development, manufacturing and retail of consumer IoT. You can access this HERE.
Aditionally, the NCSC (National Cyber Security Centre) has called for the adoption of Secure by Default which covers the long-term technical effort to ensure that the right security primitivesare built in to software and hardware. Read that HERE.
Wednesday, 22 March 2017
DDoS attacks enter the terabit era
Deloitte Global predicts in 2017, Distributed Denial-of-Service (DDoS) attacks, a form of cyberattack, will become larger in scale, harder to mitigate and more frequent. Over the past few years, it has been a game of cat and mouse in which neither side has become too powerful, but this might change in 2017 due to the abundance of insecure IoT devices and the fact that large-scale attacks which exploit IoT devices' vulnerabilities have become simpler to execute.
Sunday, 26 June 2016
Can our technology really be trusted?
A cyber-attacker outsmarts a “smart contract”
From The Economist –
“IS IT theft if no rules are broken? That is what users of the DAO, a futuristic investment fund, were left pondering after June 17th, when an unknown attacker made off with around 3.6m “ether”, an online currency similar to bitcoin. As cyber-heists go, it was a big one: the ether were worth about $55m at the time of the attack, about a third of the DAO’s assets. But the DAO, which stands for Decentralised Autonomous Organisation, does not have rules as such, or staff to enforce them: instead, it has computer code, which is supposed to embody its purpose and to operate automatically. If the attacker found a flaw in the code, whose fault is that? Indeed, some cyber-libertarians are arguing that whereas the heist was not a crime, altering digital ledgers to retrieve the lost ether would be an affront to the whole project.”
Read More>>
Wednesday, 27 April 2016
Concerns about SWIFT
Saturday, 5 December 2015
Is total cyber-attack prevention possible?
It is impossible to prevent all cyber threats
From Finextra -
“George Quigley, Partner, KPMG, speaks about if financial institutions can possibly prevent cyber-attacks, and explains what the four a’s are – availability, access, accuracy, and agility – and why they are so important.”
Read more>>