Resources

Blog

Snap Map Feature Stirs Privacy Concerns among Parents and Schools

Snapchat's new Snap Map location-sharing feature is stirring concerns among parents and schools for the privacy and safety of their children. Launched on 21 June 2017, Snap Map allows Snapchat users to view publicly shared "Snaps" (photos and videos) from around the world. They can also use it to share their exact location with their "friends". The...
Blog

Why Small Businesses Don’t Care About Cyber Security

With millions of small businesses out there, why don’t they care about cyber security? You may be reading this and own a small business or know someone that does. Think to yourself: why would small businesses not care about cyber security? You may find that it is not a problem of caring but a problem of understanding. Let’s take a look at some of...
Blog

June 2017: The Month in Ransomware

When it seemed that ransomware authors hit the lowest of the low with their attacks a long time ago, they managed to take it a notch further last month. With the revamped Petya Trojan that surfaced on June 27, the crooks broke new ground and started waging a real cyber war against a particular country. This toxic code renders computers inoperable,...
Blog

Servers of MeDoc Maker Seized by Police Following NotPetya Outbreak

Ukrainian police have seized the servers of the firm that created MeDoc accounting software on the suspicion the company unwittingly helped spread NotPetya malware. Col. Serhiy Demydiuk, head of Cyberpolice Ukraine, confirmed on 3 July 2017 that Intellect Service is under investigation. The officer said Ukraine's police is looking into the company...
Blog

Cyber Security Heroes: Dr. Jessica Barker

They say you should never meet your heroes, often they will just disappoint you, but thankfully there’s also exceptions to this rule. In this five-part series, I will be introducing you to five of my key cyber security/infosec heroes. These individuals inspire me to continuously strive for more, in one case move across the pond, and all five gave...
Blog

Email Server Vulnerability and Anti-Spam Protection Techniques

The role of cyber security in modern business is hard to overstate. Almost all business processes are automated to a degree and thus need to be thoroughly protected from any potential tampering. Vendors use anti-malware and anti-reverse engineering techniques to protect their products, but they can’t possibly weed out every vulnerability. One...
Blog

No One Cares About Digital Security... Until it Breaks

I'm sure that everyone out there identifies with the title of this article in some way. We've all faced an issue where we were trying to get the attention of someone outside of the security field, so that they would pay attention to some sort of digital security issue. Basically, they were outside of the digital security field and decided not to...
Blog

Blank Slate Delivering Ransomware via Microsoft-Themed Malspam

The Blank Slate attack campaign is pushing out one of two ransomware to unsuspecting Windows users via Microsoft-themed malspam. An attack begins when a user receives a malicious spam ("malspam") email message. As in previous instances of Blank Slate, the email's subject line doesn't give away the attack. It incorporates seemingly random numbers and...
Blog

How to Choose a WordPress Security Plugin that’s Right for You

There are currently 50,416 plugins available in the WordPress repository. Out of these, roughly seven percent are security-based plugins. At the same time, when you search Google for "WordPress security plugin," 14,600,000 results come up. How can you choose a plugin from all these options? To answer that question, it's important to understand what...
Blog

8tracks Hacked: 18 Million User Account Details Stolen

There's bad news for internet music fans, as it has been revealed that the details of millions of users of the 8tracks internet radio service and music social network have been stolen by hackers. In a message posted on its corporate blog, 8tracks confirms it has suffered a security breach: "We received credible reports today that a copy of our user...
Blog

NotPetya: Timeline of a Ransomworm

On June 27, 2017, a digital attack campaign struck banks, airports and power companies in Ukraine, Russia and parts of Europe. Security experts who analyzed the attack determined its behavior was consistent with a form of ransomware called Petya. They also observed the campaign was using a familiar exploit to spread to vulnerable machines. Let's...
Blog

The CISO Challenge

Security concerns at firms continue to increase. It’s estimated that the cost of a single data breach is $4 million. Analysts estimate that cyber security attacks have caused the value of shares of publicly traded companies to drop by over $52 billion. The losses incurred by firms are only going into grow. Increasingly, bad actors are focusing on...
Blog

Ransomware: Building Cyber Resilience

In our first article, we defined a ransomware attack and its impact on non-profit organisations, and we made some recommendations for preventing such attacks. In this article, we look at ransomware in more depth to provide a better understanding of how to build cyber resilience. There is a growing threat to cyber-security in various dimensions but...
Blog

How To Protect Yourself Against Petya Ransomware

The latest attack the world has seen recently is a variant of the Petya ransomware virus. As of this writing, it appears a new variant of Petya has been released with EternalBlue exploit code built in, which WannaCry utilised to propagate around organisations. Unlike WannaCry, Petya is a different kind of ransomware. Common delivery methods are via...
Blog

Petya Ransomware Outbreak Hits Ukraine, Russia, and Europe

A new variant of Petya ransomware has reportedly struck banks, airports, and power utilities in an apparent outbreak affecting Ukraine, Russia, and parts of Europe. Ukraine's national bank, state power company, and airport appear to have been some of the attack campaign's first victims. In a statement, the National Bank of Ukraine attributed the...
Blog

Windows XP Spotted Running Aboard Royal Navy Aircraft Carrier

A new aircraft carrier built for the Royal Navy appears to be running the outdated 2001 Windows XP operating system on at least some of its machines. During a tour of the £3.5 billion HMS Queen Elizabeth, someone reportedly spotted a screen inside the aircraft carrier's control room running Windows XP. Microsoft hasn't supported this operating...
Blog

Book Review: Ghost in The Wires – Kevin Mitnick

While attending the RSA show in February, I met Kevin (@KevinMitnick) and obtained a copy of The Art of Invisibility, which I immediately read. Due to the great many references to Kevin’s past, I thought it would be informative and worthwhile to read Ghost in the Wires. It’s also listed on the Tripwire 10 must-read books for information security...