WannaCry Detections At An All-Time High
Given that EternalBlue has been patched for two years, it’s a reflection on organisations’ patching and update practises that this is still flying around…: […] “The vulnerability that caused WannaCry […]
Dark Reading
How Cybercriminals Exploit Simple Human Mistakes
Worth a read, if only to confirm how fallible we all are…: “People make mistakes” is a common and relatable phrase, but it’s also a malicious one in the hands […]
Saudi IT Providers Hit in Cyber Espionage Operation
I’m not sure if dwell times are over a year in these middle east attacks but this shows what a determined attacker can do and why you need a way […]
MITRE Releases 2019 List of Top 25 Software Weaknesses
In the absence of secure software development practises, it’s still a case of “Plus ça change…”: […] There were no surprises in this year’s Top 25, agree Buttner and Chris […]
Escaping Email: Unlocking Message Security for SMS, WhatsApp
Some good points here about threats inherent in moving from email to messaging apps. Because I work with a variety of organisations I have to use (in no particular order): […]
Instagram Bug Put User Account Details, Phone Numbers at Risk
Want to harvest account details for potential targets? Facebook is your friend it seems…: A now-patched Instagram vulnerability could have exposed users’ account data and phone numbers to cyberattackers, parent […]
Third-Party Features Leave Websites More Vulnerable to Attack
I’m a s ‘guilty’ of this habit as many others. It’s worth a reality check of all the third-party includes you have in your own websites…: […] One of the […]
More Than 99% of Cyberattacks Need Victims’ Help
Think about securing your group and aliased email accounts…: […] Today’s campaigns are increasingly targeted; however, attackers are demonstrating variety in the types of people they target and how they […]
Multicloud Businesses Face Higher Breach Risk
Complexity is the enemy of good security. This highlights the need for a comprehensive threat modelling program for each and every cloud application…: […] The higher likelihood of a breach […]
Cybercriminals Impersonate Chief Exec’s Voice with AI Software
This is a worrying step-up from business email compromise (BEC) scams. The old adage ‘trust but verify’ needs to be applied even if it appears your CEO is telling you […]