An air-gapped system is designed to be very secure. It is not connected to any other system, network or internet – literally a physical gap between it and the rest of the IT world. If it is not connected, then threat actors cannot connect to it. Mordechai Guri, from Ben-Gurion …
A few of the ransomware stories in the media at the moment – to give you some idea of the scale of the cyber security risk you have to plan for. Do you need training?
I have gathered here just a selection of the ransomware stories that have made the headlines – for these there are many more that go unreported in the media or even outside the organisation. ‘Lives are at stake’: hacking of US hospitals highlights deadly risk of ransomware | Hacking | …
The story of Pegasus spyware continues UPDATED 12 July 2022
This post was first published on 15 June 2022 Update 12 July 2022 President Bidens’ administration’s decision to blacklist the NSO Group is proving to be a problem for L3Harris, a US defence contractor that wants to buy the Pegasus spyware part of the business: L3Harris in move to buy …
Continue reading “The story of Pegasus spyware continues UPDATED 12 July 2022”
Are you trying to improve your organisation’s cyber security? Lessons from the largest data theft ever. UPDATED 11 July 2022.
This post was first published on 5 July 2022. The Chinese President, Xi Jinping, is calling for improved cyber security, in the country following the unprecedented alleged data theft by ChinaDan: Security warning after sale of stolen Chinese data – BBC News Details of the theft are starting to be …
What can you buy on the Dark Web?
Here are a couple of connected articles about how easy it is for even inexperienced threat actors, let alone state sponsored ones, to access the raw materials they need to carry out cyber security attacks. The Dark Web is a market like any other – well almost… If you need …
Ransomware via IoT
I have written before about the security limitations of “Internet of Things” (IoT) devices. Many of them are simple devices, possibly based on older tech, they tend to lack the hardware to allow for regular security updates, etc, etc etc. At least the UK Government is enacting laws to make …
I wrote some simple malware to steal credit card data and how that connects to a Texas data breach
OK it was part of my Master course, and it was an attack against a sand-boxed compromised server, and the malware, to be honest, would not last a moment in the real world with the current state of the art when it comes to protecting customer payment information. However the …