If you crank up the Wayback Machine and load the websites of today’s biggest managed security service providers (MSSPs), you’ll get a neat reminder of a time before the huge proliferation in services that we see today. Most providers offered only a handful of services then, compared to the dozens they do now. If that…
Jack of all managed security services, or master of none? Read More »
In the wake of four young people being arrested over suspected involvement in the recent Marks & Spencer, Co-op and Harrods ransomware attacks, it is easy to rush to censure those responsible for the disruption caused. But are we being too hasty in our condemnation? In an era of ongoing skills shortages, high numbers of…
Financially motivated threat actors – including ransomware crews – remain the single biggest source of cyber threat in the world, accounting for 55% of active threat groups tracked during 2024, up two percentage points on 2023 and 7% on 2022, demonstrating that cyber crime really does, to a certain extent, pay. At least, this is…
Financially motivated cyber crime remains biggest threat source Read More »
In the wake of the abrupt termination of the Mitre contract to run CVE Programme, a group of vulnerability experts and members of Mitre’s existing CVE Board have launched a new non-profit with the intention of safeguarding the programme’s future. The CVE Foundation’s founders want to ensure the continuity, viability and stability of the 25-year-old…
CVE Foundation pledges continuity after Mitre funding cut Read More »
September 2020: An affiliate of the ransomware company REvil reveals the details of a cyber attack he carried out a few months earlier against the French company Elior. At the time, ransomware was already a significant threat, but nowhere near the scale it was about to take on. It was at this time, however, that…
Ransomware: from REvil to Black Basta, what do we know about Tramp? Read More »
By Published: 12 Jun 2024 The public cloud is a cloud computing model that enables resources such as applications, data storage, and virtual machines to be accessed remotely and on demand. While largely a benefit, it also leaves organisations open to public cloud security risks, particularly when they allow users to access on-demand services from…
How to ensure public cloud services are used safely and securely Read More »
Microsoft has learned an important lesson after having to clean up a major data leak resulting from an “overly permissive” shared access signature (SAS) token accidentally disclosed by one of its employees. The incident took place in June 2023, when a Microsoft researcher shared a URL for an Azure Blob store in a public GitHub repository…
38TB Microsoft data leak highlights risks of oversharing Read More »
