MITRE ATT&CK Framework Not Just for the Big Guys
I’ve used the framework to create tailored deception campaigns for clients as it’s a great way of identifying the likely threats. When combined with Threat Modelling, this can be used […]
Dark Reading
Lenovo NAS Firmware Flaw Exposes Stored Data
Thought you (or your supply chain) had your data secured by encryption and authentication?…: Thousands of users of Lenovo network-attached storage devices are at risk of data compromise via a […]
Flaws in Telegram & WhatsApp on Android Put Data at Risk
TL;DR – Time to check settings on your Android devices. Make sure you save media files to internal storage…: […] In the blog post on the vulnerability, the researchers point […]
Data Center Changes Push Cyber Risk to Network’s Edge
Pressure on the ‘fortress data centre’ model means that application loads are being moved closer to their users. That brings considerable risk…: […] “Edge computing” in this context is computing […]
Researchers Poke Holes in Siemens Simatic S7 PLCs
These things are used widely in industrial control systems so it’s vitally important that they are protected. I’ve worked on deception projects to intercept attempts to compromise PLCs, looks like […]
Android App Publishers Won’t Take ‘No’ for an Answer on Personal Data
For the small percentage of users that actually take notice of privacy notices, sometimes it doesn’t matter what they click…: […] At the Federal Trade Commission’s PrivacyCon 2019, held in […]
New MacOS Malware Discovered
Here’s a quote that would have been laughed out of court until recently. Keeping yourself secure is really about behaviour and a default-mistrust position than the platform you use. MacOS […]
New Exploit for Microsoft Excel Power Query
Check that you’re following the advice (linked below)…: Organizations now have one more reason to pay attention to the security settings of their Microsoft Office applications. Researchers at Mimecast have […]
Global Cyberattack Campaign Hit Mobile Carrier Networks
This story has been wandering around twitter for a few days, mostly because of who it’s being attributed to. Whether it is actually APT10 (“The Chinese”) is debatable. What’s also […]
A Socio-Technical Approach to Cybersecurity’s Problems
In terms of damage to business reputation a social media ‘attack’ is up there with ransomware and denial of service. This is worth a read…: […] Pablo Breuer, innovation officer […]