The latest sequel no one asked for has been announced, with the only good news being that it doesn’t involve any of the Avengers. The bad news, however, is that it is another attack campaign by malicious actors targeting Apache Tomcat servers, coming just weeks after we reported on the RCE vulnerability, which was also exploited within 30 hours of disclosure. Nautilus, Aqua Security’s research team, has detailed in a recent blog post its findings on a new and sophisticated attack campaign targeting Apache Tomcat servers. The campaign uses brute-force attacks, encrypted payloads, and persistence mechanisms to hijack resources…
Adam Parlett
An important recent development in the National Institute of Standards and Technology (NIST) standardization project has seen them select SandboxAQ’s Hamming Quasi-Cyclic (HQC) as the fifth algorithm to be added to their suite of post-quantum cryptography (PQC) standards. HQC will act as a backup in the event that quantum computers become capable enough in the future to crack the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) specified in Federal Information Processing Standard (FIPS) 203.

FIPS 203

FIPS 203 is NIST’s primary standard for general encryption. It is based on the CRYSTALS-Kyber algorithm, which was subsequently renamed to ML-KEM – the algorithm it specifies. ML-KEM…
A recently released Policy Statement from the UK Secretary of State for the Department for Science, Innovation and Technology, Peter Kyle MP, has provided some guidance over what areas will be prioritized in the UK government’s Cyber Security and Resilience Bill. The Policy Statement focuses on three key areas: expanding the regulatory framework, empowering regulators, and ensuring the regulatory framework is adaptable.

Expanding

The Bill seeks to bring more organizations into its scope to better understand digital services and the vulnerabilities supply chains pose. The government believes that increased regulation of this space will help to ensure compliance with cybersecurity…
The infamous Lazarus cyber threat group, famed for their record-breaking $1.5 billion ByBit crypto heist, has unleashed another attack against the crypto community. In their latest criminal campaign, dubbed ClickFake Interview, the gang is using fake job interviews to target cryptocurrency professionals.

Please, Take a Seat

The ClickFake Interview operation can be understood as the latest iteration of similar campaigns, such as the DeceptiveDevelopment and Contagious Interview attacks, also undertaken by Lazarus, involving phony job interviews for fictitious positions. In both attacks, candidates were duped into downloading and running BeaverTail downloader malware that delivers InvisibleFerret, a cross-platform Python backdoor equipped…
After the UK government announced plans to ‘turbocharge’ growth in the UK through AI at the start of the year, a recent report from the Public Accounts Committee (PAC) has delivered a sobering assessment of the difficulties the government faces in implementing its plan. The report used evidence from the Department for Science, Innovation and Technology (DSIT) and the Cabinet Office on the use of artificial intelligence (AI) in government to highlight the challenges and make considered recommendations regarding AI in the UK.

PAC

First appointed in 1861, the PAC is a cross-party group of no more than 16 members of parliament…
Phishing attacks are on the rise, with the latest KnowBe4 Phishing Threat Trends Report observing a 17.3% increase in phishing emails between September 15th, 2024, and February 14th, 2025, compared to the previous six months. Also increasing is the use of polymorphic phishing, with polymorphic phishing features identified in 76.4% of all phishing campaigns they observed. Not only are attacks increasing, but they are also getting more sophisticated; the report saw a 22.6% increase in ransomware payloads, with phishing hyperlinks, malware, and social engineering payloads all bypassing traditional detection methods a lot more frequently. This was identified as an…
Silicon Valley security provider AppSOC has branded DeepSeek-R1, one of the latest highly advanced artificial intelligence (AI) models to emerge from China, a “high-risk model unsuitable for enterprise use.” They strongly recommend that enterprises not use the DeepSeek-R1 model provided on Azure for “any AI applications, especially those involving personal information, sensitive data or IP.”

High Stakes

Securing AI is now a stand-alone cyber-market segment anticipated to grow to $255 million by 2027. Although organizations are always on the lookout for a great deal, vulnerability in cybersecurity is one of the most-cited risks of AI adoption. The stakes are sky-high, as…
The latest email threat landscape report from cybersecurity solutions provider Fortra identifies how stolen personal data is being leveraged to curate very detailed email attacks. Almost all these attacks are social engineering or phishing attacks, often across multiple channels, with the misuse of legitimate tools adding to the obfuscation targeted victims must contend with. Fortra analyzed data from more than 1 million email threats received by corporate users in 2024 to inform its comprehensive report, which identifies trends and makes predictions. Although the situation is undoubtedly concerning now, Fortra believes that Generative AI (Gen AI) will only…
The latest annual Menlo Security State of Browser Security Report recorded a massive jump in browser-based phishing attacks and zero-hour phishing attacks in 2024. Over the last 12 months, they identified more than 752,500 browser-based phishing attacks against over 800 enterprises. Delving into the report, the increase from 2023, a staggering 140% in browser-based phishing attacks and 130% in zero-hour phishing attacks specifically, is largely attributable to the proliferation of Generative AI (Gen AI) for nefarious purposes.

Just Browsing

Browsers act as a gateway to the internet in our personal and professional lives. When people find a browser they…
Consumer-grade spyware operation SpyX has been identified on the data breach notification site Have I Been Pwned as experiencing a data breach in June 2024 that compromised almost 2 million unique email addresses. Among those, interestingly, were thousands of Apple users. The incident highlights not only the structural vulnerabilities of such applications (apps) but also how Apple’s famously robust security practices don’t always make them immune from attacks. More troubling, however, is the nine months between the breach and the incident, with that information coming to light through media reporting rather than the affected organization’s disclosure or communication with…
