I spend a lot of time with clients, in training courses and on this blog, explaining the significance of the “zero day” issue and how every organisation (and individual) needs to have a plan to deal with it. This post from SANS Internet Storm looks at the life cycle of …
More malware on the rise – cybergangs are using new malware Bumblebee
Research has shown that cybergangs are moving on (for the time being) from BazarLoader to other malware designated Bumblebee. The researchers have timed this change to the compromise of information and operations relating to the Conti cybercriminal gang – who were key in BazarLoader. This research highlight the inevitable situation …
Continue reading “More malware on the rise – cybergangs are using new malware Bumblebee”
Zero-Days are back in the news
Zero-Days – will always be a problem and both Google and Mandiant are reporting rises in such exploitations in 2021. I have reported on this before but the point that comes out in Bruce Schneier’s piece is the numbers these research groups are reporting are detected or declared Zero-Days. What …
Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022
This post was first made on 22 April 2022 I regularly write about the issues around the zero-day vulnerability and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on it’s …
Continue reading “Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022”
When you improve your defences – the hackers change their tactics
Following up on the two articles I posted yesterday, to give you an awareness of the threat landscape, here are two articles discussing how that landscape is constantly changing. Criminals adopting new methods to bypass improved defenses • The Register Cybercriminals are finding new ways to target cloud environments | …
Continue reading “When you improve your defences – the hackers change their tactics”
