Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com). And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
Sometimes a cyber incident is not a cyber attack and what you can do to stop it.
The loss of control of your information and it getting into the public domain is not always a cyber attack – many times it is simply a mistake by your team. It has happened to the Australian telecommunications company Telstra: Telstra sorry for publishing up to 130,000 customers’ details online …
Vulnerable and malicious Android apps
There have been several stories this week highlighting issues with Android apps: Compromised Android keys used to sign info-stealing malware (The Register); Android malware apps with 2 million installs spotted on Google Play (bleepingcomputer.com); New ‘Zombinder’ platform binds Android malware with legitimate apps (bleepingcomputer.com). I have written about the …
Cyber Security advice for hybrid working over the holidays
Threat actors are very aware that over the holidays more people will be working from home – I know our team will be. With this new target audience available, everyone can expect the hackers to step up the phishing and social engineering attacks and be looking around for that useful …
Hosted Exchange supplier hit by cyber incident. Do you have a plan if your email service goes down? UPDATED
It is ransomware: Rackspace confirms outage was caused by ransomware attack (bleepingcomputer.com) Rackspace has now confirmed that the outage of Exchange email services for its clients is being caused by a ransomware infection inside their systems – but they refer to this as “isolated disruption”. Which I think is a …