This post was originally made on 2 March 2022. It will be updated as the Russian Ukraine Conflict develops and will highlight the cyber security issues facing organisations and individuals at this time. The National Cyber Security Centre (NCSC) is advising all UK organisations to review and improve their cyber …
Windows Calculator as an attack vector
Threat actors have to find a way to get their malware onto your systems – phishing emails is an obvious method – Qakbot malware is the next step. This malware also known as Qbot, has been found to be to be intermediate software used by threat actors to infect victim’s …
It all starts with a phishing email
In most of our business cyber security training and work, we eventually get to the question of how cyber security defences are breached – and most often the answer is, using email. Even the biggest cyber criminal gangs attacking the highest profile targets, just use email. North Korean hackers attack …
Zero-Days are back in the news
Zero-Days – will always be a problem and both Google and Mandiant are reporting rises in such exploitations in 2021. I have reported on this before but the point that comes out in Bruce Schneier’s piece is the numbers these research groups are reporting are detected or declared Zero-Days. What …
Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022
This post was first made on 22 April 2022 I regularly write about the issues around the zero-day vulnerability and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on it’s …
Continue reading “Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022”