


As tax season approaches, criminals know that it is a ripe opportunity to take advantage of organisations of all sizes looking to submit their tax filings.
This is not a new avenue, but it is increasing in popularity. In 2017, the NotPetya attack was spread as a result of Ukrainian accounting software being infected.
It's a good reminder that organisations need to invest in effective security measures to prevent these attacks from being successful. These include the likes of endpoint
.....Read More
All organisations of all sizes and in all verticals need to foster a culture of cyber security so that all aspects of security and design are taken into account. The leak at West Ham Utd is likely down to an internal error or misconfiguration, which is an easy enough error to make. This is why it's important to have in place the proper security controls, particularly where customer data is concerned so that there can be assurance that the data is being handled correctly.

We've seen ransomware evolve, not only is it enough for criminals to encrypt data, but they will spend time within the victim's organisation, stealing valuable data, working out which data is worth encrypting, and how much they should set the ransom at.
In many cases, these criminals go undetected in victim organisations for many months at a time.
So, it's important that organisations have the right controls in place to prevent these attacks from being successful in the first place and have

While many people will applaud the takedown of fascist or extremist groups of any kind and exposing its members. We cannot overlook the fact that it was an unauthorised and illegal hack and therefore cannot condone it.
Additionally, whenever anyone's personal information is leaked, it can lead to real-world consequences - and in the case of mistaken identity, could lead to innocent people being harassed or worse.

Criminals are continually evolving their methods and ways in which they can extort victims or cause embarrassment. Anyone can publish details on the dark web claiming it comes from a breach, but people should be careful before jumping to conclusions.
However, if someone suspects their details could have been exposed in any breach, they should ensure that any passwords that may have been compromised are changed, not only on the impacted service but also on any other sites which may have used
.....Read More
SMS phishing, or Smishing has been gaining popularity as a phishing channel to target unsuspecting victims. With the right software, it can be almost as easy to send mass smishing messages as it can be to send email phishes.
People receiving links via SMS are often less suspicious when compared to links in emails, and have fewer tools available on their phone to easily validate the authenticity of a message. Therefore, it's vital that people are made aware of these scams and remain vigilant
.....Read More
We've seen an increase in attacks against government departments and local councils over the last year, with many cases of ransomware. In all these cases, the affected parties have only been aware of the incident once ransomware has been deployed and have been unable to confirm if any data was exfiltrated prior to ransomware.
Ransomware attacks are not going to slow down any time soon, especially since the majority of attacks are successful through social engineering such as phishing
.....Read More
This new attack shows how invested criminals are in phishing attacks. With each iteration, we see new techniques put in place designed to fool users into believing an email or website is legitimate.
While technical controls can help to block some of these, they won't be successful all of the time. Which is why it's important to educate and train users to be able to identify and report any suspicious emails or websites. Organisations also need to have monitoring and threat detection controls
.....Read More
We often hear of breaches and incidents where some information is stolen, but often the focus is on financial information. However, phone numbers are an increasingly important part of users' identities, not just as a way to link people to numbers, but also they create a new avenue of attack with SMS phishing (Smishing) attacks.
It's also worth remembering that SMS is used by many online services to send an authentication code to log onto accounts. If the number for an individual is known, it
.....Read More
Whenever there is a newsworthy incident or event, criminals are quick to jump on the bandwagon with phishing scams and attacks to try and obtain personal details, compromise organisations, or steal money.
The pandemic has provided ample opportunities for criminals who have been adapting their techniques over the last year with phishing attacks claiming to originate from health organisations like the WHO, or playing on peoples financial difficulties with emails which claim to be from HMRC.
Wi
.....Read More