Cybersecurity Starts in the Boardroom
First see what I have to say about “sophisticated attacks” then we will get into this leak of personal information by an organisation that should have a reasonable spend on cyber-security! Twilio – a communications and phone company based in San Francisco – is reluctant to give away much information on …
Continue reading “Personal data leaked in another “sophisticated” attack”
In any cyber attack where the criminals want to make money, there is usually a server somewhere out there on the internet, being used for command and control of the malware. Now there this is being offered as a service the threat actors can purchase, to save them the full …
The Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Cyber Security Centre (ACSC) have released a report on the top malware strains observed in 2021. 2021 Top Malware Strains | CISA Here is their list of top malware, some of which has been active for over a decade! Agent …
The US Government Cybersecurity and Infrastructure Security Agency has published a report examining the malware that infected an organisation with unpatched Log4Shell vulnerability in a VMware Horizon server. CISA Releases Log4Shell-Related MAR | CISA
Research is showing that with Microsoft now blocking Office VBA macros from the internet, threat actors are moving to other attachments that can execute malicious instructions, such as Windows Shortcut .lnk, .iso and .rar. As Microsoft blocks Office macros, hackers find new attack vectors (bleepingcomputer.com) My advice: Make sure your …
