-
Ransom Cartel Linked to Russia-Based REvil Ransomware Group
The connection became increasingly clear through the tools used by both threat actors
-
Fine for Shein! Fashion site hit with $1.9 million bill after lying about data breach
The parent company of women’s fashion site Shein has been fined $1.9 million after being accused of lying about the extent of data breach, and notifying “only a fraction” of affected customers. Read more in my article on the Hot for Security blog.
-
CIS-CAT Pro is Now Even Better! Here’s How We’ve Improved It
We’re retiring CIS-CAT Pro Dashboard v2.x and releasing CIS-CAT Pro Dashboard v3.x, which will embed CIS-CAT Pro Assessor v4 Service.[…]
-
Kolide, endpoint security for teams that want to meet SOC 2 compliance goals without sacrificing privacy
Graham Cluley Security News is sponsored this week by the folks at Kolide. Thanks to the great team there for their support! In 2021, our company went through the SOC 2 Type 1 audit, and we found out just how challenging it can be to prove compliance to a third-party auditor. We also…
-
Stories from the SOC: Feeling so foolish – SocGholish drive by compromise
Executive summary: SocGholish, also known as FakeUpdate, is a JavaScript framework leveraged in social engineering drive by compromises that has been a thorn in cybersecurity professionals’ and organizations’ sides for at least 5 years now. Upon visiting a compromised website, users are redirected to a page for a browser update and a zip…
-
Spanish Police Bust Region’s “Biggest Narco Bank”
Underground organization said to have laundered €300m annually
-
Hackney Council Ransomware Attack Cost £12m+
Local government’s travails highlight devastating impact of breaches
-
Top skill-building resources and advice for CISOs
The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge and experience as a cybersecurity professional, others think leadership skills such as being able to communicate with boards are what matters most. Ultimately, the hiring organisations will define what it needs in terms…
-
Global Cops Arrest Dozens Linked to Financial Crime Gang
Black Axe syndicate responsible for multimillion-dollar losses
-
True Security Requires a Holistic Approach
In the eyes of hackers, scammers, and thieves, your online privacy and identity look like a giant jigsaw puzzle. One that they don’t need every piece to solve. They only need a few bits to do their dirty work, which means protecting every piece you put out there—a sort of holistic view on…