On Friday 19 July 2024, the UK awoke to news of a fast-spreading IT outage, seemingly global in its nature, affecting hundreds – if not thousands – of organisations. The disruption began in the early hours of Friday morning in Australia, before spreading quickly across Asia, Europe and the Americas, with the travel industry among…
CrowdStrike update chaos explained: What you need to know Read More »
Hamas hacked into video streams from private security cameras in Israeli homes to gather intelligence before fighters descended on Israeli settlements near the Gaza strip on 7 October 2023, according to the Israel National Cyber Directorate (INCD). For Gaby Portnoy, director general of the INCD, the hacking was no surprise: “But it went deeper than…
Lessons from war: How Israel is fighting Iranian state-backed hacking Read More »
The China-backed advanced persistent threat (APT) actor tracked as APT40 has been busy evolving its playbook and has recently been observed actively targeting new victims by exploiting vulnerabilities in small office and home office (SoHo) networking devices as a staging post for command and control (C2) activity during their attacks This is according to an…
Chinese spies target vulnerable home office kit to run cyber attacks Read More »
Some of the most prominent malware-dropping botnets in operation today, including Bumblebee, IcedID, Pikabot, Smokeloader, SystemBC and Trickbot, have been disrupted in a coordinated law enforcement action orchestrated through the European Union’s (EU’s) Europol agency. Operation Endgame, which enlisted the support of both the UK’s National Crime Agency (NCA) and the US’s FBI, as well…
In what is turning into a tumultuous period for the cyber criminal underground, the ALPHV/BlackCat ransomware crew has turned off its server infrastructure in an apparently self-imposed takedown, amid allegations that the group’s ringleaders had stolen millions of dollars from an affiliate that recently attacked an American healthcare services provider. The takedown at first appeared…
ALPHV/BlackCat gang vanishes amid ransomware ‘turmoil’ Read More »
Nation states have been identified shopping on Russian cyber crime forums for malware they can use to wipe computers of data in hostile hacking attacks. Russian-speaking hacking forums, including Exploit and XSS, run black markets in tools and services used by cyber criminals intent on making money by hacking computer systems and stealing data. According…
Nation states buying hacking tools from underground Russian cyber forums Read More »
The age of malware-driven cyber attacks has peaked, at least when it comes to incidents affecting small and medium-sized enterprises (SMEs), where over half (56%) of attacks observed in the third quarter were “malware-free”, meaning adversaries leveraged scripting frameworks and legitimate tools instead of deploying malware payloads. This is according to a quarterly SME threat…
Over half of SME cyber incidents now ‘malware-free’ Read More »
Automotive industry leaders are struggling with competing cyber risk and security priorities, and as such, many are increasingly concerned that their organisations will be unprepared for new, United Nations (UN)-backed vehicle safety regulations that come into force next year, leaving drivers exposed to unacceptable security risks. The United Nations Economic Commission for Europe World Forum…
As vehicle safety regulations loom, carmakers fret over cyber risks Read More »
A threat actor tracked in Microsoft’s taxonomy as Storm-0324 has been observed switching up its tactics to incorporate social engineering phishing attacks conducted via Microsoft Teams, Redmond has revealed. Storm-0324, a so-called initial access broker (IAB), is linked to several prolific and dangerous ransomware operations, including some known to have deployed the Clop, Gandcrab, Maze…
UK business leaders are far less concerned about the risk of a material cyber attack on their organisation than they were this time last year, according to data compiled by Proofpoint, which suggests a growing sense of alignment between security leaders and boardrooms. In a study published last week, Cybersecurity: The 2023 board perspective report,…
UK boardrooms and CISOs increasingly aligned on cyber risks Read More »
