…but a North Korean threat actor group had, and they hijacked the update process to inject malware into the “protected” systems. Researchers at Avast believe the group is the North Korean APT group Kimsuky. The malware installs GuptiMiner – a crypto-miner – and disables several other security precautions if they …
The fast track for better cyber security
Modern cyber security tools are well within the budget of even the smallest organisations, even one-person businesses. We have a webinar this week to tell you how. This article will give you some background; it includes a link to sign up for either the webinar or to get the …
Has Sellafield been hacked?
The UK Government denies that Sellafield, the nuclear research and processing site located on the Cumbria coast, has been infected with malware since 2015. Sellafield nuclear site hacked by groups linked to Russia and China | The Guardian. The fears are that some of the most confidential information stored on …
You have protection – hackers have evasion
In a forthcoming article about our new Security Operations Centre (SOC-as-a-Service), I discuss the difference between passive protection – which you must have – and reactive, continuous 24/7 Cyber Security Monitoring. This article from Bleeping Computer illustrates how threat actors carefully take apart the protection you are using to …
Just when you thought I had forgotten about ransomware
It is not possible to forget ransomware. Just this week our engineers have updated a client’s back-up to one that is ransomware compliant – meaning, among other things, that the threat actors cannot access and so encrypt or alter the back-up during their attacks. Up to this point the client …
Turkish Malware
The trick with this one is that it will delay installation to avoid detection: Turkish malware used to infect machines in 11 countries through fake Google Translate links – The Record by Recorded Future. It appears to be a Google Translate or mp3 downloader link, and has infected machines across …
Pass the cookie attack – but you still need to use MFA and have these extra steps in place
We cannot emphasise enough how important multi-factor authentication is to your cyber security – however, of course, the threat actors do have ways around it: Cookie stealing: the new perimeter bypass – Sophos News. The threat is malware getting into your system and stealing session cookies that are associated with the …