Cybersecurity Starts in the Boardroom
The US government Cybersecurity and Infrastructure Security Agency (CISA) site in one of my “go to” places for information on vulnerabilities, exploitations and patches. Built for the US Government, and American centric, it is still a great resource. This week it has run an excellent article for security professionals on …
Continue reading “US government Cybersecurity and Infrastructure Security Agency Advisories”
Following the ransomware attack earlier this year, the deadline for Royal Mail to pay the LockBit ransomware gang has passed and the Gang has not released any of the stolen data… yet. Experts think this s because they have not yet given up the hope of monetising the attack: LockBit’s …
Continue reading “Royal Mail ransomware attack – no data exposed yet…”
Threat actors are always changing their malware and tactics to evade the technical solutions the anti-virus and other security solution vendors distribute. So it is no surprise that malware gets patches and updates as well: Colonial Pipeline hackers add startling new capabilities to ransomware operation – The Record by Recorded …
Continue reading “The ups and downs of ransomware software development”
Hacker spent nearly five months inside a US regional government network, downloading files, using software and deleting logs, before deploying Lockbit ransomware. Sophos recreated the attack from what was left of the logs and believe the attackers got in through a public facing remote desktop protocol (RDP) port – something …
Continue reading “Sophos report even government agencies can miss hackers in their network”
