Cybersecurity Starts in the Boardroom
Phishing campaigns usually depend on social engineering and threat actors are always looking for new ways to exploit your trust: Phishing scam adds a ‘chatbot-like’ twist to steal credit card information and more – The Record by Recorded Future
The BlackByte “Ransomware-as-a-Service” gang and it’s affiliates have been active worldwide, despite the FBI and US Secret Service issuing a cyber security advisory about the gangs operations. No one is slowing down BlackByte ransomware gang • The Register Ransomware in more hands can only be a bad thing for our …
Continue reading “BlackByte cyber gang active despite the FBI advisory”
This is pretty simple – do you use VMWare if so get it patched or change it. The Spring Cloud framework vulnerability is proving a honey pot for attackers. CISA issues directive for exploited VMware bug after IR team deployed to ‘large’ org – The Record by Recorded Future Patch …
Continue reading “VMWare is a real cyber security issue – fix it or get rid of it CISA warns”
Following the emergence of Bumblebee malware as a significant threat, SANS INternet Storm has a post looking at the function of the malware and transferring ISO files. Bumblebee Malware from TransferXL URLs – SANS Internet Storm Centre This is an excellent post by Brad and not only shows you the …
Continue reading “More on Bumblebee malware – detailed attack examination”
The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …
Continue reading “CISA joint advisory on access control. Are you still missing MFA?”
