Cyber-Commentary: Microsoft Warns of Continued Attacks by the Nobelium Hacking Group

Microsoft Azure Marketplace

The Microsoft Threat Intelligence Center said it’s been tracking recent activity from Nobelium, a Russia-based hacking group best known for the SolarWinds cyberattack of December 2020, and that the group managed to use information gleaned from a Microsoft worker’s device in attacks. Microsoft said it “detected information-stealing malware on a machine belonging to one of […]

5 Tips for Avoiding Your Security Program Pitfalls

Conceptualizing, developing, implementing, and maintaining an effective security program is a critical necessity for organizations to successfully achieve compliance with internal and regulatory controls. An effective security program is also paramount in an organization’s ability to meet contractual requirements with customers. Once initial compliance is achieved for the adopted, in-scope controls, the perpetual focus should […]

Bitcoin-inspired Cyber Attacks Surge By Nearly 200% Since October 2020

Phishing impersonations and business email compromise attacks designed to steal victims’ bitcoin surged by 192% between October 2020 and May 2021, closely following the rising demand and increasing price of bitcoin over the last eight months [FIGURE 1], according to new analysis by Barracuda Networks, the trusted partner and leading provider for cloud-enabled security solutions, […]

Cyber Insurance May Be Making Ransomware Crisis Worse, Expert Weighs In

BACKGROUND: A research paper by defence think tank Royal United Services Institute (RUSI) examining cyber insurance and the cybersecurity challenge has found that cyber insurance isn’t just encouraging cyber criminals, it’s also not sustainable for the cyber insurance industry. “To date, cyber insurance has failed to live up to expectations that it may act as a tool […]

Comment: Cisco ASA Flaw Under Active Attack

New PCI DSS 3.1

BACKGROUND: A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was published by researchers from cybersecurity firm Positive Technologies on June 24, following which reports […]

DeltaNet International Launches Phishing Simulation Tool to Help Organisations Combat Phishing Attacks with Cybersecurity Awareness Training

IRS Warns of Nasty W-2 Phishing Scheme

DeltaNet International, a global eLearning provider of compliance training solutions, has today announced the availability of its Phishing Simulator, to help organisations strengthen their cybersecurity awareness training against phishing attacks. This solution enables organisations to assess the effectiveness of their cybersecurity education, diagnosing vulnerabilities and identifying urgent skills gaps through realistic phishing simulations.   The phishing simulation tool can be used simply to test the susceptibility of an organisation from falling victim to a phishing attack, but when combined with follow-up training to close knowledge and […]