Iranian Hackers Hit U.K. Cybersecurity Universities

Iranian Hackers have attempted to hack into UK universities offering government-certified cybersecurity courses. Students and employees with UK university log-ins were sent phishing emails in an attempt to trick them into giving their passwords. IT security experts commented below. Dr Guy Bunker, SVP of Products at Clearswift: “While this is not unexpected, we know that phishing and hacking attacks occur every […]

New McAfee Report Finds Data In The Cloud Is More Exposed Than Organisations Think

Sensitive information stored in the cloud, SaaS collaboration and IaaS/PaaS configuration mistakes, along with cloud threats, are at all-time highs—creating significant risks to enterprise data  Key Findings: Twenty-one percent of all files in the cloud contain sensitive data, demonstrating a steady increase year-over-year (YoY) The sharing of sensitive data with an open, publicly accessible link, […]

UK Government Rightly Commits Defence Budget To Securing Software From Cyber Attacks

Nation-State Cyberattacks

Earlier, at the Autumn Budget Statement, Chancellor Philip Hammond announced £1 billion on funding will go into securing UK organisations and interests. There was a big focus on spending in cyber and making sure software used by UK firms are being secured and about the cyber calamity of WannaCry in May 2017. Paul Farrington, Director EMEA and […]

Democratic Fundraising Firm Leaves Data-Filled NAS Open To Public

A consumer-grade network attached storage (NAS) device owned by Rice Consulting, a fundraising firm working primarily with the Democratic Party, containing client data and passwords giving access to other organizations, was left publicly accessible, a cyber security research firm discovered. The factory-set authentication of the Buffalo TeraStation NAS device was disabled, leaving it open to being […]

Critical Vulnerability Discovered In Popular Cisco WebEx Service

Secunia Vulnerability

A new critical remote code execution vulnerability flaw has been discovered in Cisco’s WebEx online and video collaboration software. The vulnerability can allow malicious attackers to remotely execute commands through a component of the WebEx client even when WebEx does not listen for remote connections. Lane Thames, Senior Security Researcher at Tripwire:  “This is an interesting vulnerability. I […]

Swing State Election Websites Easily Spoofed

20 key swing states have non-.gov domains and can easily be spoofed to spread dis-information according to Steve Grobman, CTO of McAfee. Mike Bittner, Digital Security & Operations Manager at The Media Trust: “Government websites in general are popular targets of malicious campaigns because they make bad actors’ jobs easy. They are too often poorly secured; […]

Newly Discovered FilesLocker Ransomware Targeting Chinese And English Speaking Victims

A new ransomware called FilesLocker is being distributed as a Ransomware as a Service, or RaaS, that targets Chinese and English speaking victims. This ransomware was first spotted by MalwareHunterTeam who posted about it on Twitter. At the time, it looked like your standard small little C# ransomware with little or no distribution. It turns out, though, that this ransomware is being […]

Four Steps To Firewall Automation Success

Firewall automation projects are seemingly all the rage these days, with everyone looking to automate at least some portion of the process. Usually, the goal is to save time and money by automating firewall administration and policy management. However, these two categories have grown exponentially in scope and complexity in recent years, so automation projects […]

Another Windows Zero-Day Vulnerability Gets Disclosed On Twitter

Flash Zero Day vulnerabilities

It has been reported that another zero-day security hole in Windows 10 has been made public on Twitter. SandboxEscaper tweeted about the bug (and released a proof of concept), noting that it was difficult to exploit, but still unpatched. The vulnerability affects all flavors of Windows 10 – including the latest October 2018 Update, for those who have installed it – along […]