I have published a lot on the log4j and log4shell exploits and vulnerability. CISA issued a special warning about the long term impact of the issue: CISA advisory for continued exploitation of Log4Shell in VMware Horizon Systems – Smart Thinking Solutions Here is another real world example of the exploitation …
New ransomware article on CyberAwake
Before heading out of the office on leave, I wrote an article looking at “pay” or “not pay” the ransom:
The money involved in ransomware
Research has shown that payments to threat actors, demanded by ransomware, has dropped, but the double action of stealing the data and threatening exposure and encrypting that data at source is increasing: Ransom payments fall as fewer victims choose to pay hackers (bleepingcomputer.com) This next story wasn’t really surprising, that …
Advice from the National Cyber Security Centre and the UK Government – actions to take when the cybersecurity risk is high (Russia Ukraine Conflict) – UPDATED 2 May 2023
This post was originally made on 2 March 2022. It will be updated as the Russian Ukraine Conflict develops and will highlight the cyber security issues facing organisations and individuals at this time. The National Cyber Security Centre (NCSC) is advising all UK organisations to review and improve their cyber …
LockBit and the Italian Revenue Agency
The prolific cyber criminal gang, LockBit, have released screens shots apparently showing that they have stolen 100GB of data from the Agenzia delle Entrate, or the Italian Government Tax Department. At the moment only a small sample of the data has been made public by LockBit, to convince the Italian …