Ciaran Martin founded the UK’s National Cyber Security Centre (NCSC) and served as its first CEO from 2013 to 2020. He is a distinguished former civil servant who has worked directly with five prime ministers and a variety of senior ministers across three political parties, and has held senior positions at HM Treasury and the…
Ciaran Martin: AI might disturb attacker-defender security balance Read More »
Foreign diplomatic missions and non-governmental organisations (NGOs) in Ukraine are failing to adequately safeguard staffers from basic phishing attacks, putting government personnel and national security at extreme risk, according to research looking into a repeating campaign that uses virtually identical lures, unchanged from previous years. Last year, Palo Alto Networks’ Unit 42 research team reported…
Russia’s luxury car phish continues to prove effective Read More »
Over the first seven-and-a-half months of 2024, the number of newly-disclosed common vulnerabilities and exposures (CVEs) soared 30% year-on-year from 17,114 to 22,254, according to data published by Qualys researchers. However, out of this huge number of flaws, barely a hundredth – 204 or 0.9% – were weaponised by threat actors, said Qualys, the majority…
2024 seeing more CVEs than ever before, but few are weaponised Read More »
The US Cyber Safety Review Board (CSRB) is to conduce a review of cloud cyber security, focusing on what government bodies, industry and cloud service providers need to do better to strengthen identity management and authentication in the cloud. The probe comes in the wake of the July 2023 Microsoft Exchange Online incident, which will…
US Cyber Board to probe cloud security after latest Exchange hack Read More »
A new campaign of social engineering activity targeting organisations of interest to Russian intelligence has been observed in the wild, in which already-compromised Microsoft 365 tenants owned by legitimate small businesses are being used to ensnare victims through bogus Microsoft Teams messages. The activity is attributed to the advanced persistent threat (APT) group most popularly…
Cozy Bear hijacks SME Microsoft 365 tenants in latest campaign Read More »
Users of Ivanti’s Endpoint Manager Mobile (EPMM) mobile device management (MDM) platform have been warned to act now to patch two vulnerabilities – one of them a zero-day – that have been chained by a threat actor in a series of cyber attacks on the Norwegian government. The attack on government bodies in Norway unfolded…
Ivanti MDM users told to patch against two dangerous flaws Read More »
Earlier in July, Meta, the parent company of Facebook, announced the availability of Llama 2, which will be made available in the Microsoft Azure AI model catalogue, as well as AWS. Meta describes Llama 2 as “the next generation” of its open source large language model. But while it is free for research and commercial…
Some of the world’s largest suppliers of networking technology have joined together with the Center for Cybersecurity Policy and Law, a Washington DC-based non-profit, to form an industry alliance focused on aligning technology providers, cyber security experts and non-profits to help solve some of the most pressing cyber security problems affecting data and networks today.…
Cisco, BT and others launch network security coalition Read More »
