A new research paper looks at the security risks posed by the printers found in most offices and homes – and coins the term PrintJack to mean the hijacking of a printer by a threat actor. The research paper outlines three types of attack that could leverage a compromised printer. The standard TCP/IP port usedRead more
Blog
A new malware campaign dubbed SQUIRRELWAFFLE by Cisco Talos is being spread through malicious spam that makes use of stolen email messages to add authenticity. Malicious spam (malspam) is unsolicited email that seeks to deliver a malicious payload either through a Microsoft Office attachment or by tricking the user into clicking a link in theRead more
A sophisticated Android based malware ring has stolen hundreds of millions of pounds from 10 million victims according to a new report. This Grifthorse trojan malware was used in over 200 Android apps available in the Google Play store. Details of the malware campaign are explained in a report from Zimperium Labs. According to theRead more
The 2021 Data Breach Investigations report provides insights from the analysis of over 29,000 real world cyber security incidents from 2020 helping Security Managers track the evolving behaviour and tactics of threat actors. The Verizon Data Breach Investigations report has become a regular fixture on the annual cyber security calendar over the last 14 years.Read more
Business Email Compromise, and its evil brother CEO Fraud, are both email based fraud attacks that seek to trick the victim into paying a fake invoice or transferring or diverting funds through some other kind of deception. Read on to learn how to protect your business from BEC Fraud. What is BEC fraud? Business EmailRead more
The UK National Cyber Security Centre has issued a stark warning of the dangers posed by an ongoing Russian campaign of cyber espionage and attacks against enterprise systems and cloud environments in Europe and around the world. The Cyber Security Advisory is a joint creation of the NCSC working with the NSA, CISA and FBIRead more
The world’s largest meat producer had to shut down operations in the USA and Australia for several days after a cyberattack at the weekend. JBS Foods operates in 190 countries with 245,000 employees. According to a company statement: On Sunday, May 30, JBS USA determined that it was the target of an organized cybersecurity attack,Read more
New research into the market for exploits on the Dark Web reveals that 61% of exploits sold target Microsoft products including Windows OS, Office, RDP and Internet Explorer. The research presented by Trend Micro at the RSA 2021 Conference this week is the result of a year-long study of 600 dark web forums and marketsRead more
The NSA (National Security Agency) recently published a security advisory about the publicly known vulnerabilities currently being exploited by Chinese state-sponsored actors. While this security advisory is focused on the activities of state-sponsored actors, it does show the threats and vulnerabilities considered most useful for exploitation. Taking a quick look at the list could provideRead more
A new report from Accenture details the rise of the Network Access Seller: expert hackers who secure a beachhead into corporate networks and then sell the access in well organised markets on the dark web. If you are a ransomware operator looking for a juicy corporate target, the Network Access Seller markets on the darkwebRead more
