You are here
Home > Author: Peter Glock

NIS Directive: Who are the Operators of Essential Services (OES)?

Work for a bank or ISP? Systems going down because of attacks, or negligence, or both? Congratulations, NIS applies to you...: The NIS Directive does not define explicitly which entities are to be considered as OES under its scope. Instead, it provides criteria that Member States need to apply in order to carry out an identification process to determine which enterprises will be considered operators of essential services and therefore subject to the obligations under the Dir

Mitsubishi Electric reports cyber-attack

6 months ago!...: Mitsubishi Electric says it suffered a cyber-attack last year that may have compromised personal and corporate data. The company is engaged in businesses ranging from household appliances to communications, space and defense. The electronics giant says the hacking came to light after an in-house terminal showed suspicious movements last June. The company did not identify any suspects for the unauthorized access. Mitsubishi says it confirmed there was

New Attack Campaigns Suggest Emotet Threat Is Far From Over

There's life in the old dog yet...: Cisco Talos on Thursday reported seeing increased Emotet activity targeting US military domains and domains belonging to state and federal governments. According to the vendor, the operators of Emotet appear to have successfully compromised accounts of one or more people working for or with the US government and sent out spam emails containing the malware to their contacts. The result was a rapid increase in the volume of messages conta

Zero Trust Trends to Watch Out For in 2020

A lot of the companies I work for are startups where remote working is the norm and some don't even have any physical office or 'network'. Zero trust is the norm. To me there's no such thing as a trusted network. All communication paths should be encrypted, all app access should be authenticated, all endpoints should be validated. It's completely different when I'm consulting with corporate clients where VPNs, flat intranets and unencrypted connections abound. Given the in...

Bad news: Windows security cert SNAFU exploits are all over the web now. Also bad: Citrix …

I've seen some great exploits published over the past few hours but, just a reminder, they sky is not falling in just yet...: [...] One proof-of-concept code sample available to all is a tiny package of just 50-or-so lines of Python. Despite the ease with which the exploit is able to do its work, the author, Yolan Romailler at Swiss security shop Kudelski, said people shouldn't panic over the network traffic eavesdropping aspect of CVE-2020-0601: a snoop has to be able to in

Critical Cisco Flaws Now Have PoC Exploit

If you're a network admin, I suspect I might know what you're doing this weekend...: Proof-of-concept exploit code has been published for critical flaws impacting the Cisco Data Center Network Manager (DCNM) tool for managing network platforms and switches. The three critical vulnerabilities in question (CVE-2019-15975, CVE-2019-15976, CVE-2019-15977) impact DCNM, a platform for managing Cisco data centers that run Cisco’s NX-OS — the network operating system used by Cisc

Spy probe shakes up Brussels lobbying culture

Just a reminder that 'old-fashioned' espionage still goes on...: News of an investigation into a former senior EU diplomat suspected of spying for China is sending shockwaves through Brussels’ closely interlinked circles of lobbyists, officials and politicians. While no one has been charged in the probe in Germany and Belgium, officials and lobbyists in the EU capital are already discussing the potential impact of the bombshell revelation that an EU veteran employed by a

Companies Hit By Iranian Cyberattacks May Not Have Insurance Coverage

Good advice...: [...] So here are a few tips for entities purchasing cyber insurance if they really want to make sure that they have the coverage that they think they have. First, negotiate the removal of the exclusion. I’m not sure that an “act of war” exclusion applies to DDoS, ransomware or other kinds of cyberattacks as a matter of public policy. In fact, it is precisely these kinds of attacks that the insured is buying insurance to cover. Second, if the insurer wo

Google Lets iPhone Users Turn Device into Security Key

I've been using my iPhone as a security device with several providers, but each requires a separate app or an enrolment to something like Google Authenticator. This development should help widespread adoption, as long as you have some trust in Google...: Google today announced updates to its Advanced Protection Program (APP), including the option for Apple iPhone users to use their smartphone as a security key instead of buying a separate physical key. It's also bringing e...

How to identify, avoid and recover from a phishing attack

This is clear advice on phishing from Australian telco Telstra...: [...] According to ACSC, the best way to prevent phishing scams in the workplace is to “educate employees at all levels”. This includes instructing people to not click on links or open attachments on their work phone or computer, or through their work email, that have come from unknown parties. If you’re unclear about how legitimate an email, text or phone call is, play it safe and simply delete or ignore