The US government Cybersecurity and Infrastructure Security Agency (CISA) site is one of the “go to places” for me and my team to keep up with vulnerabilities in our client’s software. Although aimed at the US Government and US users it is still really useful. Here is a round-up of …
A good news cyber security story
The police forces from seven nations, with Europol and Eurojust have broken up and arrested members of a ransomware gang that has been attributed with cyber-attacks in 71 countries. Police dismantle ransomware group behind attacks in 71 countries (bleepingcomputer.com) The operation based primarily in Ukraine with assistance for investigators from …
The anatomy of a phishing email
Phishing email cyber-attacks have to be the most common cyber-attack directed at any organisation. Most are trying to get the victim to reveal their credentials, often for Microsoft 365. Every week I spend time with clients discussing or investigating phishing emails and helping them put systems in place to help …
Defence in Depth
One of the things that came out of the conference I attended on Tuesday in London, was defence in depth, combatting the ways in which the threat actors have expanded their attack vectors and tactics to evade various modern technical and human defences. The message we should all take from …
Have you ever heard of a ZPAQ file?
I hadn’t, but the threat actors are now using ZPAQ files to distribute malware. A ZPAQ file is an archive file, like .ZIP and .RAR, it is open source and is used on a command line – so not something the average office-based user would need to know about or …