-
Iranian cyberspies use multi-persona impersonation in phishing threads
PRIVACY PRIVACY One of the most prolific state-sponsored Iranian cyber espionage groups is targeting researchers from different fields by setting up sophisticated spear-phishing lures in which they use multiple fake personas inside the same email thread for increased credibility. Security firm Proofpoint tracks the group as TA453, but it overlaps with activity that other companies…
-
ISACs’ Possible Role in Software Supply Chain Assurance
PRIVACY PRIVACY Currently, there are two main roles that ISACs can serve in the software supply chain assurance process. Let’s examine both. Read More
-
Weird Fallout from Peiter Zatko’s Twitter Whistleblowing
PRIVACY PRIVACY People are trying to dig up dirt on Peiter Zatko, better known as Mudge. For the record, I have not been contacted. I’m not sure if I should feel slighted. Read More
-
Patch now! Microsoft issues critical security updates as PCs attacked through zero-day flaw
PRIVACY PRIVACY Windows users are once again being told to update their systems with the latest security patches from Microsoft, following the discovery of critical vulnerabilities – including ones which are already being exploited in the wild, or could be used to fuel a fast-spreading worm. Read more in my article on the Hot for…
-
8 blockchain security issues you are likely to encounter
PRIVACY PRIVACY This blog was written by an independent guest blogger. Blockchain technology has grown up in popularity in recent years. Excluding its initial application in cryptocurrency, it’s currently getting used in property, healthcare, smart contracts and many other fields. The technology collects and stores information in groupings referred to as “blocks” and every block…
-
Four-Fifths of Firms Hit by Critical Cloud Security Incident
PRIVACY PRIVACY Data leaks, breaches and intrusions caused headaches over past year Read More
-
Recommended security resources for Microsoft Active Directory
PRIVACY PRIVACY Many firms are still firmly in an Active Directory (AD) world. They may have moved some applications to the cloud, but key line-of-business applications still use AD. Do you remember the last time you reviewed your Active Directory security posture? Microsoft has not kept up to date with its Best practices for Securing…
-
DDoS Attacks on UK Firms Surge During Ukraine War
PRIVACY PRIVACY Overall incidents fell in H1 2022, according to FOI data Read More
-
Microsoft Fixes Two Zero-Days This Patch Tuesday
PRIVACY PRIVACY Redmond passes 1000 CVEs for the year already Read More
-
Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday
PRIVACY PRIVACY This month’s Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of zero-day bugs affecting certain macOS…