Blog

Blog

A Simplified Overview of the MITRE ATT&CK Framework

In the world of cybersecurity, have you ever wondered about the inner workings of threat actors as they attempt to breach systems, their methods, tactics, and strategies, and how they seamlessly converge to execute a successful attack? It's not merely about initiating an attack but also the strategies they utilize to remain concealed within the...
Blog

CherryBlos, the malware that steals cryptocurrency via your photos - what you need to know

What's the deal with CherryBlos? CherryBlos is a rather interesting family of Android malware that can plunder your cryptocurrency accounts - with a little help from your photos. Wait. I've heard of hackers stealing photos before, but what do you mean by malware stealing cryptocurrency via my photos? How does it do that? Well, imagine you have...
Blog

Some Financial Institutions Must Report Breaches in 30 Days

The heat has just been turned up for companies hoping to “hide out” a data breach. Announced October 27th, all non-banking financial institutions are now required to report data breach incidents within 30 days. The amendment to the Safeguards Rule was made by the U.S. Federal Trade Commission (FTC). It will go into effect 180 days after publication...
Blog

Key Highlights from the 2023 UK Cyber Crime Landscape

It’s 2023, and the landscape of cybercrime in the United Kingdom is evolving unprecedentedly. This year's cyber threat landscape is shaped by many factors, from the continuing effects of the global pandemic to the ever-expanding digital footprint of individuals and organizations. In this article, we delve into the key cybercrime statistics for 2023,...
Blog

Looking Ahead: Highlights from ENISA's Foresight 2030 Report

One of the most important factors in the technology and cybersecurity industries is the inevitable presence of constant change. Technology, business, and industry are always evolving, while cybercriminals are always searching for new and innovative ways to attack. While there is no surefire way to account for future developments, some professionals...
Blog

What We Learned From "The Cyber-Resilient CEO" Report

In today's digital landscape, cybersecurity is not just a technical concern; it's a strategic imperative. As we delve into the insights from a recent report from Accenture titled "The Cyber-Resilient CEO," we'll uncover CEOs' critical role in safeguarding their organizations against cyber threats. Discover how a select group of leaders navigates the...
Blog

What is Classiscam Scam-as-a-Service?

"The 'Classiscam' scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before,” touts Bleeping Computer. So just what is it? What is Classiscam? It’s a bird. It’s a plane. It’s - a pyramid? Classiscam is an enterprising criminal...
Blog

Tripwire Patch Priority Index for October 2023

Tripwire's October 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority is a patch for Microsoft Edge (Chromium-based) that resolves a type confusion vulnerability. Next on the patch priority list this month are patches for Microsoft Office that resolve 3 elevation of privilege...
Blog

Simple Reminders to Conclude Cybersecurity Awareness Month

2023 marked the 20th Cybersecurity Awareness Month which was founded as a collaboration between government and the private industry to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime. While most of the cybersecurity news articles are about massive data breaches and...
Blog

Massive Surge in Security Breaches of Pensions Prompt Questions

A recent report from RPC has revealed that cybersecurity breaches in UK pension schemes increased by 4,000% from 2021/22 to 2022/23. Understandably, the announcement has raised serious concerns about the efficacy of financial service organization’s cybersecurity programmes. Although the reasons for cyberattacks on financial services are fairly...
Blog

A Scary Story of Group Policy Gone Wrong: Accidental Misconfigurations

In the world of cybersecurity, insider threats remain a potent and often underestimated danger. These threats can emanate not only from malicious actors within an organization but also from well-intentioned employees who inadvertently compromise security with a mis-click or other unwitting action. Having spent many years in system administrator-type...
Blog

Phony Corsair job vacancy targets LinkedIn users with DarkGate malware

Job hunters should be on their guard. Researchers at security firm WithSecure have described how fake job opportunities are being posted on LinkedIn with the intent of spreading malware. A Vietnamese cybercrime gang is being blamed for a malware campaign that has seen bogus adverts posted on LinkedIn, pretending to be related to jobs at computer...
Blog

What you should know about VPN audits

The main reasons internet users choose to use a virtual private network (VPN) are to protect their online identity and bypass geo-restrictions. Cybercrime is on the rise and is expected to grow each year – the largest breach of 2023 so far occurred on Twitter. For those who reside in countries where internet freedom is lacking, a VPN is necessary to...
Blog

Security in the Property Industry: Challenges and How to Avoid Attacks

In recent years, there has been a major ongoing trend toward more digital infrastructure and an increased dependence on technology across a wide variety of sectors. In the property industry, this has manifested heavily in the growth of the property technology (PropTech) market. These developments have had a serious impact on the sector, enabling...
Blog

Cyber Insurance Report: Breach Frequency Down, Breach Severity Up

The past half-decade has been a particularly tumultuous one for cybersecurity. It has borne witness to some of the most damaging attacks in history, unprecedentedly high data breach rates, and a staggering number of emerging threat groups. However, a new report from cyber insurance provider Coalition suggests that things are beginning to stabilize. ...
Blog

Blockchain Security: Understanding vulnerabilities and mitigating risks

In recent years, blockchain technology has garnered significant attention thanks to its remarkable tamper-proof features and robust security. It is also expected that the blockchain technology market will exceed 1.2 billion US dollars by 2030, with an annual growth rate of 82.8 percent. However, recent headlines have exposed numerous...
Blog

Ex-Navy IT manager jailed for selling people's data on the dark web

A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. 32-year-old Marquis Cooper, of Selma, California, was a chief petty officer in the US Navy's Seventh Fleet when he opened an account in August...
Blog

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards plastic surgery offices...