Thing you’re not a target? Think again

Many organisations that we speak to feel that their company is not at risk from cyber attacks, often because they think they are either too small or their data or business wouldn’t be of interest to attackers. Unfortunately, while it would be wonderful if companies could rule themselves out from the risk of attack, criminals…

Read more

Chinese cyber criminals are targetting Intellectual Property (IP)

While many cyber security attacks are driven by criminal organisations looking to make a pay day, the APT41 hacking groups – who allegedly have close ties to the People’s Republic of China (PRC) government – have been running a sophisticated campaign targeting manufacturing, research and development firms.  Their aim?  To make off with intellectual property…

Read more

An interview with a cyber criminal

Last week, journalist Dmitry Smilyanets published an article on The Record detailing his interview with cyber criminal Mikhail Matveev, who has gone by various monikers (Babuk, BorisElcin, Wazawaka, unc1756 and Orange). Mikhail is provides some very open and interesting insights in to the cyber criminal world, dispelling some myths and discussing the ways he and…

Read more

Browser in the Browser (BitB) attack: Visually perfect phishing

Criminals are constantly coming up with novel techniques to launch attacks and there’s a new phishing technique available to them that’s a terrifyingly convincing.  Users have been told for years to double check domain names, look for padlocks to confirm encryption is enabled and that using SSO (Single-Sign On) services is a good thing –…

Read more

SolarWinds Supply Chain Breach: The Worst in History?

SolarWinds touts its Orion enterprise monitoring software as providing a single pane of glass solution, that has quickly turned in to a single glass of pain. A sophisticated supply chain attack against the product has resulted in at least one – and almost certainly hundreds more – high profile breaches, including FireEye, a respected cyber…

Read more

Cyber Security Firm FireEye Hacked

Governments and organisations around the world are steeling themselves for what appears to be an ever-escalating increase in state-sponsored cyber attacks.  The US cybersecurity firm FireEye  recently announced it has attacked by a “highly sophisticated threat actor”, believing the hacking was nation stated sponsored with evidence pointing to Russia.. In a blog post, CEO of…

Read more

WinRAR Vulnerability: A Vintage Threat

For users with might consider themselves of a certain ‘vintage’, they will almost certainly have come across the archiving/zipping tool WinRAR in their cyber travels. For those that don’t know, in medieval times, the ability to compress and uncompress (zip/unzip) files and folder wasn’t natively baked-in to Windows and other operating systems. If you want…

Read more