A massive cyberattack hit Slovak and Polish Parliaments
The Slovak and Polish parliaments were hit by a massive cyber attack, and the voting system in Slovakia’s legislature was...
News
How will Twitter change under Elon Musk?
Cybhorus CEO Pierluigi Paganini talks to TRT World about Elon Musk completing his $44 billion deal to buy Twitter and...
Multiple vulnerabilities affect the Juniper Junos OS
Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered...
Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year
Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an...
Apple backports fixes for CVE-2022-42827 zero-day to older iPhones, iPads
Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has...
New York Post hacked? No, the culprit is an employee
Threat actors hacked the website and Twitter account of the New York Post and published offensive messages against US politicians....
Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs
DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has...
How a Cloud Security Broker Reduces SaaS App Risks – SASE Part 4
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to...
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we...
Attack Surface Management 2022 Midyear Review Part 2
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the...
Where is the Origin?: QAKBOT Uses Valid Code Signing
Code signing certificates help us assure the file's validity and legitimacy. However, threat actors can use that against us. In...
Thomson Reuters collected and leaked at least 3TB of sensitive data
The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at...
SiriSpy flaw allows eavesdropping on users’ conversations with Siri
SiriSpy is a vulnerability affecting Apple iOS and macOS that allowed apps to eavesdrop on users’ conversations with Siri. SiriSpy...
Preparing for the long haul: the cyber threat from Russia
Preparing for the long haul: the cyber threat from Russia In January 2022, ahead of Russia’s invasion of Ukraine, we...
Why vulnerabilities are like buses
Why vulnerabilities are like buses There's an old saying that you wait ages for a bus, and then several come...
Using secure messaging, voice and collaboration apps
Using secure messaging, voice and collaboration apps With 'hybrid working' (a combination of working from home and the office) now...
Log4j vulnerability: what should boards be asking?
Log4j vulnerability: what should boards be asking? The Log4Shell critical vulnerability in the widely used logging tool Log4j has caused concern...
Cyber Security in the Built Environment – considering security throughout a buildings lifecycle
Cyber Security in the Built Environment - considering security throughout a buildings lifecycle A building being designed today is, as...
The Technology Assurance principles
The Technology Assurance principles In this blog post I want to introduce a new family of principles, the Technology Assurance...
‘Transaction monitoring’ & ‘Building and operating a secure online service’ guidance published
'Transaction monitoring' & 'Building and operating a secure online service' guidance published If you're responsible for the designing and running...
Zero Trust migration: where do I start?
Zero Trust migration: where do I start? Following our ‘Zero Trust: is it right for me?' blog, this second installment...
The Cyber Assessment Framework 3.1
The Cyber Assessment Framework 3.1 This latest version of the Cyber Assessment Framework (CAF), 3.1, supports the CAF's core users -...
New SOC guidance 101
New SOC guidance 101 Security operations centres (or SOCs) are notoriously difficult to design, build and operate. But they're also...
Relaunching the NCSC’s Cloud security guidance collection
Relaunching the NCSC's Cloud security guidance collection This week we have launched the updated NCSC’s cloud security guidance. It’s more...
