0 Comments
A key NHS IT partner that was hit by a ransomware attack last week has said it could take three to four weeks before all systems are back to normal. Advanced runs several key systems for the health service, including clinical patient management software (Adastra) and financial management software (eFinancials). One of its most important
0 Comments
A deep-dive in Zero-trust, to help you navigate in a zero-trust world and further secure your organization. Last week, at ChannelCon in Chicago, I participated on a panel titled ‘Building trust in a Zero Trust world’ with several other industry experts. The core concept of Zero Trust is ‘trust nothing, verify everything’ and for many
0 Comments
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two flaws to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The two high-severity issues relate to weaknesses in Zimbra Collaboration, both of which could be chained to achieve unauthenticated remote code execution on affected email servers – CVE-2022-27925 (CVSS score: 7.2)
0 Comments
The threat actor known as DeathStalker has continued to target and disrupt foreign and cryptocurrency exchanges around the world throughout 2022 using the VileRAT malware, according to security researchers from Kaspersky. The findings are detailed in an advisory published on August 10 2022, which mentions a number of VileRAT-focussed campaigns  supposedly perpetrated by DeathStalker, starting
0 Comments
Our personal and professional lives are becoming increasingly intertwined with the online world. Regular internet usage has made us all prone to cyber-security risks. You leave a digital footprint every time you use the internet, which is a trace of all your online activities.   When you create new accounts or subscribe to different websites, you
0 Comments
Security researchers from Check Point have spotted 10 malicious packages on Python Package Index (PyPI), the primary Python package index used by Python developers. The first of them was Ascii2text, a malicious package that mimicked the popular art package by name and description. “Interestingly, [threat actors] were smart enough to copy the entire project description without
0 Comments
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 (CVSS score: 7.5), the issue concerns a path traversal vulnerability in the Unix versions of UnRAR that can be triggered
0 Comments
Authored by Oliver Devane Technical Support Scams have been targeting computer users for many years. Their goal is to make victims believe they have issues needing to be fixed, and then charge exorbitant fees, which unfortunately some victims pay. This blog post covers a number of example actions, that scammers will go through when they
0 Comments
A “perfect storm” of surging threats, economic headwinds and evolving regulations will see many organizations miss out on cyber-insurance in 2023, experts have warned. Insurers have been increasing premiums whilst reducing coverage over recent months in response to the rising frequency, severity and cost of cyber-attacks. UK pricing increased 102% in the first quarter of 2022,
0 Comments
by Paul Ducklin Popular collaboration tool Slack (not to be confused with the nickname of the world’s longest-running Linux distro, Slackware) has just owned up to a cybersecurity SNAFU. According to a news bulletin entitled Notice about Slack password resets, the company admitted that it had inadvertently been oversharing personal data “when users created or
0 Comments
A new botnet named Orchard has been observed using Bitcoin creator Satoshi Nakamoto’s account transaction information to generate domain names to conceal its command-and-control (C2) infrastructure. “Because of the uncertainty of Bitcoin transactions, this technique is more unpredictable than using the common time-generated [domain generation algorithms], and thus more difficult to defend against,” researchers from
0 Comments
Private tech companies gather tremendous amounts of user data. These companies can afford to let you use social media platforms free of charge because it’s paid for by your data, attention, and time.   Big tech derives most of its profits by selling your attention to advertisers — a well-known business model. Various documentaries (like Netflix’s
0 Comments
Learn the basics of zero-trust, and how building a zero-trust environment can protect your organization. This week, ESET’s security evangelist Tony Anscombe participated in a panel on zero-trust architecture during ChannelCon. He explains what zero-trust means, and the basic practises any organisation should implement to protect themselves. Watch the video to learn more.
0 Comments
ReversingLabs researchers discovered a new ransomware family targeting Linux-based systems in South Korea. Dubbed GwisinLocker, the malware was detected by ReversingLabs on July 19 while undertaking successful campaigns targeting firms in the industrial and pharmaceutical space. “In those incidents, it often launched attacks on public holidays and during the early morning hours (Korean time) – looking to
0 Comments
A threat actor working to further Iranian goals is said to have been behind a set of disruptive cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a “geographic expansion of Iranian disruptive cyber operations.” The July 17 attacks, according to Albania’s National Agency
0 Comments
Whether using the internet for play or work, you want to spend your time online enjoying the peace of mind that comes with having a secure network.  You don’t want to contend with someone taking your personal data — whether it’s credit card information, passwords, or bank account details — via malware or a data