Many organisations that we speak to feel that their company is not at risk from cyber attacks, often because they think they are either too small or their data or business wouldn’t be of interest to attackers. Unfortunately, while it would be wonderful if companies could rule themselves out from the risk of attack, criminals…
As we discussed last month, while MFA is a great layer of protection it is not full-proof, something which UBER discovered recently much to it’s dismay. As ever in fraud and ‘cons’, sometimes the simplest methods are the most effective. While there has been a rise in advanced Phishing as a Service (PhaaS) offerings that aim…
While many cyber security attacks are driven by criminal organisations looking to make a pay day, the APT41 hacking groups – who allegedly have close ties to the People’s Republic of China (PRC) government – have been running a sophisticated campaign targeting manufacturing, research and development firms. Their aim? To make off with intellectual property…
While there is always a lot of focus on phishing emails directing users to malicious pages or capturing credentials using cloned websites, a still-very-common scam catches organisations out every day: the ceo impersonation scam. The aim of these scams is to have an employee – often a new one in the organisation – sent an…
Last week, journalist Dmitry Smilyanets published an article on The Record detailing his interview with cyber criminal Mikhail Matveev, who has gone by various monikers (Babuk, BorisElcin, Wazawaka, unc1756 and Orange). Mikhail is provides some very open and interesting insights in to the cyber criminal world, dispelling some myths and discussing the ways he and…
An article today by TechRadar about a new Phishng-as-a-Service with MFA bypass as a key selling point reminded me of something from a few years back, I was at a security event and attending a presentation by a reputable cyber security form on social engineering. Towards the end of the presentation they began summarising some…
A consortium of security and technology companies announced the development of an open source data interchange standard this week at the BlackHat 2022 event in Las Vegas. The standard – which currently has its home on GitHub – is called the Open Cybersecurity Schema Framework and aims to allow for simpler data movement between security…
Security researchers Treillx recently published an article detailing a vulnerability they discovered in the firmware of 29 DrayTek router models that provides attackers with the ability to perform Remote Code Execution (RCE) on the devices with no preconditions or user interaction, assessing it as having a likely security score of 10/10 (tracked as CVE-2022-32548). Trellix…
