I am often asked how threat actors get their malicious packages past both the latest technical monitoring and a well-trained staff. The quick answer is the hackers are always looking for and changing to new attack vectors – such as this one: MalDoc in PDFs: Hiding malicious Word docs in …
The wrong way to manage security patches…
…let the UK Government scrutinise your security patches before you are allowed to publish them to your vulnerable customers! Sounds like a bad dream. Read on. Security Patches are Important Alarm surrounds a clause in the UK’s Investigatory Powers Act. According to the proposed legislation, tech firms will be mandated …
Continue reading “The wrong way to manage security patches…”
A Zero-day Primer
The zero-day threat is a serious one for any vendor or organisation to deal with and you should understand how it can defeat your technical defences. Here is a three-part mini-series that takes you through the zero-day threat in a straightforward way so you can make some decisions on how …
Where am I today?
Edinburgh Napier University at The 6th International Conference on Big Data, Cybersecurity & Critical Infrastructure – not the snappiest of titles but it should be a good day. With the launch of our Security Operations Centre coming up I am particularly interested in the session that covers how a SOC …
