Cybersecurity Starts in the Boardroom
When a threat actor compromises the coding of software the problems can be widepread – the SolarWinds attack and subsequent distribution of the infected software through legitimate update channels is a classic example. (Ironic but the SolarWinds customers who avoided the attack, were those with a poor cyber security stance …
Continue reading “Back to the supply chain and software compromise”
CISA Has Added One Known Exploited Vulnerability to Catalog | CISA
As you have read ransomware has been in the news for because one of the major ransomware gangs, BlackCat/ALPHV updated and expanded its capability to carry out the double extortion tactic and because another major ransomware player LockBit suffered an insider attack of its own: The threat actors are also …
The highly respected security software vendor Malwarebytes, slipped up this time, classifying Google and YouTube as malware for short time: Malwarebytes mistakenly blocks Google, YouTube for malware (bleepingcomputer.com) I recently wrote about false positives and their possible impact on the cyber security stance of an organisation – if you did …
Threat actors are always changing their malware and tactics to evade the technical solutions the anti-virus and other security solution vendors distribute. So it is no surprise that malware gets patches and updates as well: Colonial Pipeline hackers add startling new capabilities to ransomware operation – The Record by Recorded …
Continue reading “The ups and downs of ransomware software development”
