Cybersecurity Starts in the Boardroom
If the patch is not effective or worse it breaks something else whilst fixing the vulnerability. This happened to Microsoft: Microsoft fixes Windows authentication woes • The Register But you still have to run those patches and updates as an unpatched system is a target for threat actors. Better to …
Continue reading “I love patches as part of a cyber security plan – but there is a problem!”
Cyber security investigations often mean carrying out tasks that by the letter of the (US or UK) are illegal – it is the nature of the job. In the United Kingdom we have two critical pieces of legislation that a cyber security consultant could fall foul of: Computer Misuse Act …
This article was first published on 5 May 2022 Update 20 May 2022 The Indian government has moved on it’s hard line approach to incident report reporting, and some of the other provisions in their new cyber security laws – except the rules on VPNs! India slightly softens infosec incident …
Continue reading “India in the news – when is privacy not so private? UPDATED 20 May 2022”
The BlackByte “Ransomware-as-a-Service” gang and it’s affiliates have been active worldwide, despite the FBI and US Secret Service issuing a cyber security advisory about the gangs operations. No one is slowing down BlackByte ransomware gang • The Register Ransomware in more hands can only be a bad thing for our …
Continue reading “BlackByte cyber gang active despite the FBI advisory”
Wizard Spider, is the gang that is behind the malware Conti, Ryuk and Trickbot. Research by PRODAFT has examined their growth and operations over the last five years that has built an illicit corporate-like multimillion-dollar organisation. Terms like “full-service”, “it manages the entire lifecycle of a cyberattack” and “it invests …
