Bleeping Computers is reporting on the discovery of a new cyber-criminal gang, Metador, who have apparently been infiltrating ISPs, telecos and universities for the last two years: New hacking group ‘Metador’ lurking in ISP networks for months (bleepingcomputer.com) The group have been involved in some complex operations using Windows and …
Are you SQL servers secure? What, you do not know if you use SQL servers!
Many office and web based applications, both commercial and bespoke use SQL servers of varying flavours – you or your cyber security consultant should know if your organisation is dependent on a Microsoft SQL server and what actions have been taken to protect it. Here is the threat, ransomware targeting …
Continue reading “Are you SQL servers secure? What, you do not know if you use SQL servers!”
Here is the fallout for Indian privacy…
I have reported previously on India’s new laws that will weaken the privacy offered to users of VPN technology: The new laws require the VPN vendors to record identifiable information about the users, and then make that information available to organisations authorised by the government, so effectively removing privacy from …
Reflections
Here is a threat that is being actively researched, but probably is not that big a deal – that is of course until we get to reality resolution screens and webcams… [2205.03971] Private Eye: On the Limits of Textual Screen Peeking via Eyeglass Reflections in Video Conferencing (arxiv.org) However… The …
Back to the supply chain and software compromise
When a threat actor compromises the coding of software the problems can be widepread – the SolarWinds attack and subsequent distribution of the infected software through legitimate update channels is a classic example. (Ironic but the SolarWinds customers who avoided the attack, were those with a poor cyber security stance …
Continue reading “Back to the supply chain and software compromise”
