Cybersecurity Starts in the Boardroom
These two articles from Bleeping Computer shows the wide range of cyber security issues an organisation has to be aware of and take action about. One is the traditional malware getting into your systems and stealing sensitive information which it then sends out to the threat actors, to be used …
Continue reading “Two very different hacking campaigns in the wild now”
The first is that threat actors have compromised a media company and are using its infrastructure to distribute malware: Hundreds of U.S. news sites push malware in supply-chain attack (bleepingcomputer.com) The company has not yet been named but the attack has impacted to many hundreds of news sites. The second …
Continue reading “A couple of stories about supply chain compromise”
This original post was made on 23 August 2022 Update 21 October 2022 There has been another “mis-configuration story this week – Microsoft exposed thousands of client records when they mis-configured a server. Following a report in the summer of patient information leaking from a health care company because of …
Yesterday CyberAwake published my article looking at how snippets of information can leak out of a company and aid a threat actor:
Google’s Tag Manager (GTM) is a system for managing HTML and Javascript analytic tags on website, especially ecommerce sites. A report by The Recorded Future has found that threat actors have been installing malicious e-skimmers scripts that can steal customer card data and other personally identifiable information exploiting GTM. Google …
