Hacking Gang Turns To New Tactics In Malware Campaign

It has been reported that Off-the-shelf malware kits and mass phishing campaigns are enabling a small group of Nigerian cybercriminals to conduct hacking campaigns against targets around the world – and the threat they pose to organisations is increasing. The group, dubbed SilverTerrier, isn’t a sophisticated operation, but has access to a number of malware families […]

One Year After WannaCry: What’s Changed & What Hasn’t? (May 12 Marks One Year)

With the one-year anniversary of WannaCry (May 12th) approaching, two cybersecurity experts with Juniper Networks commented below on what’s changed and what hasn’t, and advice on what works to minimize the impacts of ransomware attacks. Mounir Hahad, Head of Juniper Threat Labs at Juniper Networks: “Immediately after the WannaCry epidemic last year, most security researchers advised people to disable SMBv1 […]

GDPR Compliance Countdown: The Final Checklist

Having caused IT teams – and indeed businesses – turmoil throughout the past number of months, the dreaded General Data Protection Regulation (GDPR) enforcement deadline is now just a matter of weeks away from implementation. 25th May marks the day that European industries will see if their exhaustive preparations will finally come to fruition, and find […]

Kaspersky Lab Discovers Critical Vulnerabilities In Popular Industrial Protocol, Affecting Products From Multiple Vendors

Kaspersky Lab ICS CERT has analyzed the OPC UA (Object Linking and Embedding for Process Control Unified Automation) protocol, which is designed for secure data transfer between servers and clients in industrial systems, including critical infrastructure. Analysis discovered 17 zero-day vulnerabilities in the protocol’s implementation, leading to denial-of-service threat attacks, as well as remote code […]

Drupal Campaign Infecting Websites With Cryptomining Malware

Hackers targeting a critical vulnerability in the Drupal Content Management System have been able to infect more than 400 websites with cryptomining malware. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “While malware actors have targeted Drupal’s CMS vulnerabilities, there are many ways they have used cryptomining […]

Only 9% Of Millennials Are Interested In A Cybersecurity Career

It has been reported that with the cybersecurity talent shortage projected to hit 1.8 million unfilled roles by 2020, the industry must start attracting younger workers to fill jobs and protect businesses. However, the field faces a problem: Only 9% of millennials said they are interested in pursuing a cybersecurity career at some point in […]

Estimated DDoS IoT Costs

A new study from the Berkeley School of Information* reports that the cost to IoT device owners whose IoT devices that were subverted into a Botnet ande used  in the 2016 DDoS attack on the Krebs on Security site that knocked it offline for four days, found that it may have cost device owners a […]

Trump’s Actions Have Placed US Businesses At Increased Risk Of Cyber Attacks

In response to President Trump’s remarks on the Iran nuclear agreement this evening, Priscilla Moriuchi, Director of Strategic Threat Development commented below. Priscilla Moriuchi, Director of Strategic Threat Development at Recorded Future:  “President Trump’s actions have placed American businesses at increased risk for retaliatory and destructive cyber attacks by the Islamic Republic. We assess that […]

NEW REGULATION: NIS Directive Will Ensure The UK Remains ‘On’ During The Most Extreme Cyber-Attacks

Overshadowed by other regulations, the NIS Directive will come into effect tomorrow, 10th May, to ensure that information systems used by operators of essential services and relevant digital service providers are secured against cyber-attacks. The relevant sectors include energy (electricity, oil and gas), transport (air, rail, water and road), healthcare and digital infrastructure. IT security experts commented below. Charlie Wedin, Cyber Security Expert at Osborne […]

May Patch Tuesday

Greg Wiseman, Senior Security Researcher at Rapid7: “Microsoft has released patches that resolve over 60 separate vulnerabilities including an update for Flash Player that addresses a critical Remote Code Execution (RCE) vulnerability. As usual, the majority of fixes are browser-related, but Microsoft Office is also seeing its fair share this month. Not Microsoft-specific, CVE-2018-8897 is […]