A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware program that allows attackers to perform flexible and fast file encryption. “The Royal ransomware group emerged in early 2022 and has gained momentum since the middle of the year,” researchers from security firm Cybereason said in a new report. “Its ransomware, which the group deploys through different TTPs, has impacted multiple organizations across the globe. The group itself is suspected of consisting of former members of other ransomware groups, based on similarities researchers have observed between Royal ransomware and other ransomware operators.”

To read this article in full, please click here

Read More

Interesting discussion of vulnerabilities and exploits against Boston’s CharlieCard.

Read More

Free OSV-Scanner searches transitive dependencies

Read More

In a world before smartphones, social media, and hybrid workplaces, an acceptable use policy was a lot easier to write—and to enforce. These days, it’s a lot more complicated. Work can take place almost anywhere, on any number of devices. An employee can accept a job and then never physically set foot in the office, working from home (or the Caribbean) on their personal laptop. That’s why an acceptable use policy, or AUP, is more critical than ever—not just to protect the organization, but to protect employees as well.

What is an acceptable use policy?

From an IT perspective, an AUP outlines the acceptable use of corporate data, devices, and networks. In a hybrid workplace, that policy should also include terms and conditions for working on personal devices or home networks. And it should include guests, gig workers, contractors, and other non-employees who use company systems and networks.

To read this article in full, please click here

Read More

FCA warns of pressure tactics as cost of living bites

Read More

Close to 50 CVEs addressed this month

Read More