Cyber Security Archive
If there were a business degree for criminals, I’m sure that the evolution of the ransomware business model would be a key case study. The original concept was elegantly simple: deploy malware onto a target company’s devices, encrypt the hard …
Oracle releases a quarterly Critical Patch Update (CPU) and the most recent, released this April, apparently fixes 390 bugs across the Oracle software suite. 41 vulnerabilities are ranked as critical, five of which achieve a perfect CVSS score of 10. …
Proliferation of phishing scams, aimed at people working from home, demonstrates extent to which cyber criminals systematically exploit vulnerabilities – particularly those that can be socially engineered. With high numbers of people working from home, and the explosion over the …
Published last week, the UK’s Cybersecurity Breaches Survey contains a number of interesting facts. Although it was not surprising that most organisations found that Covid-19 made cyber security harder, it was surprising that the vast majority of organisations still do …
DMARC is a technology that enables responsible organisations to ensure that their domains are not spoofed in phishing attacks. In today’s cyber crime environment, it should be a standard aspect of every organisation’s security configuration. DMARC, however, won’t protect organisations targeted …
Ransomware is not just a type of cyber attack – it is an entire eco-system of supply, facilitated by a legitimate economy that, inadvertently perhaps, keeps the ransomware show on the road: Inside the Ransomware Economy | SecurityWeek.Com. The challenge …
As Windows ships a massive 89 security patches (14 critical, 74 important), Adobe ships critical patches for its software (although it doesn’t think they’ll be exploited!), and WordPress reveals a critical vulnerability that allows a bad actor to completely take …
Ada Lovelace (1815 – 1852), daughter of Lord Byron, is increasingly and widely recognised as the first person to see that a calculating machine – such as Charles Baggage’s Analytical Engine – could be programmed to solve problems of any …
FBI reports for 2019 show BEC (Business email compromise) attacks generating far better returns for cyber criminals than ransomware. BEC attacks do not require the same level of technology or human resource as do ransomware attacks, nor do they generate …
The number of identified criminal gangs targeting Critical National Infrastructure had, by the end of 2020, increased to 15 – from just 5 in 2018. These gangs target Industrial Control Systems (ICS) and Operations Technology (OT) in the electric energy …
