I am often asked how threat actors get their malicious packages past both the latest technical monitoring and a well-trained staff. The quick answer is the hackers are always looking for and changing to new attack vectors – such as this one: MalDoc in PDFs: Hiding malicious Word docs in …
The wrong way to manage security patches…
…let the UK Government scrutinise your security patches before you are allowed to publish them to your vulnerable customers! Sounds like a bad dream. Read on. Security Patches are Important Alarm surrounds a clause in the UK’s Investigatory Powers Act. According to the proposed legislation, tech firms will be mandated …
Continue reading “The wrong way to manage security patches…”
Ransomware will always be changing – so does your response
As cyber security professionals come to understand the current ransomware threat and vendors and MSPs provide services and training to deal with the threat – the threat actors will always change their tactics. Here is one of the latest – using torrents to extract data from compromised systems: Clop ransomware …
Continue reading “Ransomware will always be changing – so does your response”
Microsoft Office under attack… again…
So most organisations use Microsoft Office in some way. Even if it they do not use it, someone will email them a Word or Excel document. You cannot avoid it – even on a Mac or Linux computer. That makes it a juicy target for threat actors – there are …
A Zero-day Primer
The zero-day threat is a serious one for any vendor or organisation to deal with and you should understand how it can defeat your technical defences. Here is a three-part mini-series that takes you through the zero-day threat in a straightforward way so you can make some decisions on how …