Cybersecurity Starts in the Boardroom
If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
Continue reading “Software repositories are a target for threat actors”
Here are some of the leading ransomware stories this week: Greek natural gas operator suffers ransomware-related data breach – Bleeping Computers LockBit ransomware group implicated in crippling attack on French hospital – The Record by Recorded Future New ‘Donut Leaks’ extortion gang linked to recent ransomware attacks (bleepingcomputer.com) RansomEXX claims …
Continue reading “Ransomware this week… with an international flavour and some advice.”
We cannot emphasise how important multi-factor authentication is to your cyber security – however, of course, the threat actors do have ways around it: Cookie stealing: the new perimeter bypass – Sophos News The threat is malware getting into your system and stealing session cookies that are associated with the …
Collecting (stealing) credentials is a favourite pastime of threat actors – either to break into accounts directly or to add them to their credential stuffing attacks (looking for those people who reuse passwords) or just to sell on the dark web! Here they are doing it to users of the …
Continue reading “Credential theft – where the threat actors start and some advice”
Threat actors have to host their malicious login stealing pages somewhere – why not in Amazon’s cloud: Hiding a phishing attack behind the AWS cloud
