Cybersecurity Starts in the Boardroom
Hacker spent nearly five months inside a US regional government network, downloading files, using software and deleting logs, before deploying Lockbit ransomware. Sophos recreated the attack from what was left of the logs and believe the attackers got in through a public facing remote desktop protocol (RDP) port – something …
Continue reading “Sophos report even government agencies can miss hackers in their network”
Here is something I wrote for the Octagon Technology blog last month. It started out looking at the zero-day issue and then explored the tools available to create “defence in depth” cyber security and finished with an explanation of how you can keep up with this blog in using Outlook …
Continue reading “Why keeping up with the cyber security news is important”
US federal alert warns of the discovery of malicious cyber tools | US national security | The Guardian I use the Cybersecurity and Infrastructure Security Agency, (CISA) a lot. Many of the blog posts I run here, start there. However there is a vast amount of information on the CISA …
Apache has issued another patch for a vulnerability in Struts 2 framework for Java applications as the one issued in 2020 did not quite work. Apache says 2-year-old Struts bug wasn’t fully fixed • The Register S2-062 – Apache Struts 2 Wiki – Apache Software Foundation
As you can see from the image above this was a worldwide effort, including the National Crime Agency and Europol, to close the doors on RaidForums, a resource that cyber criminals used to buy and sell stolen information. Unusually this site was on the internet – you and I could …
