
Hospital patient dies following botched ransomware attack

During WannaCry I'm sure there were UK deaths that could have been attributed to the shutdown of NHS systems. This case in Germany is the first time I've seen a direct causal link potentially being made...: When a ransomware attack knocked out systems at a major hospital in Düsseldorf, Germany, there were tragic consequences.

U.K. warns of surge in ransomware threats against education sector

It seems that the bad guys have also been taking notice of 'Back to School' and 'Freshers Week' signs everywhere...: The U.K. National Cyber Security Centre (NCSC) has issued an alert about a surge in ransomware incidents targeting educational institutions, urging them to follow the recently updated recommendations for mitigating malware attacks. [...]

Cyber Risk In A New Era: Remedy First, Prevent Second

I like this analysis. I'd add in a 'mindfulness' statement so that organisations are aware of the threats before they attempt risk management...: Cybersecurity is a key risk that S&P Global Ratings embeds, as relevant, in its overall assessment of an entity's creditworthiness. The increasing frequency of attacks and the potential for rapid deterioration in credit profiles after an attack are risk factors that are relevant for our rating assessments now. Leade...

New MrbMiner malware has infected thousands of MSSQL databases

Time to take a look for these Indicators of Compromise (IoCs) in any instances of MSSQL you might be running...: [...] In a report published earlier this month, Tencent Security has named this new malware gang MrbMiner, after one of the domains used by the group to host their malware. The Chinese company says the botnet has exclusively spread by scanning the internet for MSSQL servers and then performing brute-force attacks by repeatedly trying the admin account with vari

How security theater misses critical gaps in attack surface and what to do about it

The classic 'security theatre' (yes, UK spelling) you can see any day at an airport near you. Most of what you see makes little difference to your safety but is designed to reassure travellers. I've had discussions with CISOs that want tools that show how 'compliant' they are in reports to the board. I've come at the problem in terms of IT asset management, particularly discovery of unknown or misconfigured assets, they've often been looking instead for platforms that measure...

How a CISO’s Approach to Security Strategy Can Be Shaped By Philosophy

This is one of those "Hmm, made me think" articles. I drew the conclusion that I'm probably an Epicurean when it comes to my personal life but a Stoic when it comes to my professional approach to cyber risk...: [...] To effectively manage cybersecurity risk, we can draw inspiration from the famous Stoic philosopher and slave Epictetus, who believed the greatest goal in life was to “identify and separate matters so that I can say clearly to myself which are externals not unde

Attacked by ransomware? Five steps to recovery

"Don't start from here" is the kind of advice you'll receive when undergoing a ransomware attack. There are some things you should do now as part of best practice. One thing that I'd add here is to make a distinction between backups (which change) and archives (which don't). Keep both...: [...] Given the rising number of ransomware attacks targeting businesses, the consequences of not having a secure backup and detection system in place could be catastrophic to your business

Magento online stores hacked in largest campaign to date

My business maintains a few 'legacy' Magento-based sites that no longer take payments but are needed for historic data. We see multiple attacks every day. This seems to be a significant ramp-up though. Time to check your site for patch status and any nasties...: More than 2,000 Magento online stores have been hacked over the weekend in what security researchers have described as the "largest campaign ever." The attacks were a typical Magecart scheme where hackers breached

From Threat Intel to Detection & Response

We're running a cyber defence webinar. If you've managed to avoid being spammed by our mailing list or Facebook ad, there's still no escape. We'll get at you via LinkedIn/Twitter/Carrier Pigeon.... Interested? Join Peter Glock and Sahir Hidayatullah, CEO, Smokescreen to learn how to simplify threat detection across the whole attack chain from knowing you’re under surveillance to being able to effectively respond to an attack. We'll cover: What is deception technology an

Phishing Drill Prepares Community for Email Scams

I once held a meeting with a large cigarette manufacturer. My company was managing their mail gateway and had spam, AV and phishing protection in place. They had complained that some spam was still getting through. At the meeting we presented a simple chart showing, of the mail arriving at the gateway, only 2% was deemed legitimate and sent on to the recipient. We advised that turning up the filter would start to result in some legitimate traffic being blocked. These stats fro...