Cybersecurity Starts in the Boardroom
Today there is an excellent illustration of how a phishing attack works on SANS Internet Storm. It is complete with the offer of something the victim wants and then simply steals the Microsoft credentials the victim supplies – all because of a well-crafted spam email. Credential Harvesting with Telegram API …
This post was first published on 31 August 2022 Update 5 October 2022 The cost of this attack – to the local taxpayer – is now predicted to be £1m. Russia-linked cyber attack could cost Gloucester City Council £1m – BBC News “Every time I ask the question about the …
Continue reading “This cyber attack has still not been fixed… UPDATE”
Steganography When we were looking at steganography cyber attacks – hiding malicious code inside for instance image files – I was surprised just how much malware could be hidden without degrading the image. Here is a real-world example of this rare type if attack, spy are code embedded in a …
PuTTY, KiTTY and Sumatra PDF Reader – I did my due diligence before installing these – and now they have been targeted by ZINC, a state-sponsored group operating out of North Korea. ZINC weaponizing open-source software – Microsoft Security Blog Before writing this blog post I had checked my system …
Continue reading “Here is some of the open-source software I use – and it has all been targeted!”
Black Lotus Labs has discovered a new strain a malware, they are calling it Chaos. The new is very telling – the malware is infecting a wide range of devices and servers, Linux, Windows, small office routers etc. One of the servers infected was hosting an instance of GitHub, bringing …
