Mitre ATT&CK helps security managers defend their networks by providing a framework for categorising the techniques and tactics used in real world cyberattacks. Founded in 2013 in order to document the common threats, tactics and procedures used to attack Windows networks, Mitre ATT&CK has gathered data and telemetry on real world attacks which can beRead more
Blog
Security Information and Event Management – SIEM – is the ability to collate and analyse events from across the network in real time in order to detect security incidents and attacks. Many organisations first encounter SIEM when it becomes a compliance exercise in order meet the requirements of a security framework such as PCI-DSS orRead more
Fileless malware attacks have increased over 300% in 2019. What is fileless malware and how does it work? According to their mid-year Cybersecurity report, Trend Micro asserts that fileless malware attacks have increased 365% over the same period the previous year. In order to understand why this is increasing and how fileless malware works, weRead more
Reading about the latest hacks by alleged nation state sponsored groups from China or Russia may make for interesting lunchtime reading. But do these groups pose a real threat to the typical business? Many security managers ask themselves: Do I really need to worry about nation state actors? In this article, we will answer thatRead more
What is the cyber kill chain and how can it help shape your security policy? The idea of the cyber kill chain was first proposed by computer scientists at the defence contractor Lockheed Martin in 2011. Given the background of the business, it is not surprising that their approach to defining a cyber-attack was heavilyRead more
The number of cyber attacks in the UK is continuing to rise and small businesses are continuing to bore the brunt of these attacks. In fact, it is estimated that small businesses in the UK are targeted by 65,000 cyber attacks per day. Thankfully, the majority of these attacks are unsuccessful. However, a worrying numberRead more
Nansh0u is a crypto-mining attack which has infected 50,000 MSSQL servers since February 2019 It is notable because its primary attack vector is poor SecOps on the part of victims and not a vulnerability per se First detected by security firm Guardicore, Nansh0u was observed infecting some 700 new servers each day. A study ofRead more
Since early May, the city of Baltimore has struggled to recover IT systems following a ransomware attack that has left many departments unable to function or even send and receive emails. Citizens have been unable to complete house sales, pay their water bills or receive health alerts. The RobbinHood malware that has attacked the city’sRead more
Formjacking is a type of cyber attack that can be used by an attacker to steal sensitive information that is entered by website users through forms. Most usually this type of attack targets ecommerce sites to obtain payment card details and personal information that are entered by customers; however, Formjacking attacks can target any website whichRead more
In the eternal arms race between malware creators and security vendors, a novel new tactic has emerged. Trend Micro has recently reported that Windows executables (.EXE files) are being created that target non-windows platforms such as MacOS. Because .EXE files are not supported as an executable on MacOS the built in Gatekeeper protection layer inRead more
