Cybersecurity Starts in the Boardroom
I reported on the information leak that LockBit suffered when one of the hacker developers has a spat and leaked the software code. Security software vendors would have been checking out this code to improve their defences but there was also the opportunity for less experienced hackers to improve their …
Continue reading “New ransomwareattacks following the leak of LockBit software by a hacker insider”
The latest release of Windows 11, now includes Enhanced Phishing Protection, which sounds complicated, and I am sure the implementation of it is complex, but the security advantage it offers is obvious and simple. Windows 11 will warn you when you type a password into an insecure website or application. …
Bleeping Computers is reporting on the discovery of a new cyber-criminal gang, Metador, who have apparently been infiltrating ISPs, telecos and universities for the last two years: New hacking group ‘Metador’ lurking in ISP networks for months (bleepingcomputer.com) The group have been involved in some complex operations using Windows and …
Many office and web based applications, both commercial and bespoke use SQL servers of varying flavours – you or your cyber security consultant should know if your organisation is dependent on a Microsoft SQL server and what actions have been taken to protect it. Here is the threat, ransomware targeting …
Continue reading “Are you SQL servers secure? What, you do not know if you use SQL servers!”
When a threat actor compromises the coding of software the problems can be widepread – the SolarWinds attack and subsequent distribution of the infected software through legitimate update channels is a classic example. (Ironic but the SolarWinds customers who avoided the attack, were those with a poor cyber security stance …
Continue reading “Back to the supply chain and software compromise”
