Davey Winder

WFH awareness training becomes important as Covid-19 phishing scams increase

WFH awareness training becomes important as Covid-19 phishing scams increase

KnowBe4 notes dismal results in phishing test; Barracuda Network notes surge in Covid-related phishing activity globally

Evolution of malware obfuscation poses security concerns

Evolution of malware obfuscation poses security concerns

Researchers discovered cryptomining module that uses new obfuscation techniques

As Turla attacks evolve, do enterprise security teams need to defend differently?

As Turla attacks evolve, do enterprise security teams need to defend differently?

The Russian group hijacked the computer network operations infrastructure of Iranian threat actor APT 34

Eternal Blue 'dominates honeypot attack traffic' -- why is that?

Eternal Blue 'dominates honeypot attack traffic' -- why is that?

A little over a billion attacks were recorded by F Secure honeypots for the whole of 2018; by 2019 the total was 5.7 billion attacks - dominated by attacks hitting the Server Message Block (SMB) protocol.

The feral app threat: Lack of visibility worsens threat for enterprises

The feral app threat: Lack of visibility worsens threat for enterprises

The number of 'blacklisted' malicious apps have declined in 2019, but feral apps continue to work undetected, warns RiskIQ report

Industrial control system security needs urgent revamp, says study

Industrial control system security needs urgent revamp, says study

Study identified 438 industrial control system (ICS) vulnerabilities in 2019; More than 25 percent of advisories had no patch available at the time of disclosure

Coronavirus, Trump threats, geopolitical campaigns - how they affect your business & what you should do
Zero trust systems faces zero confidence in implementation

Zero trust systems faces zero confidence in implementation

Security professionals tasked with implementing zero-trust systems admit lack of confidence in their ability to apply it to the organisational security access architecture

Enterprises ill-prepared for memory lane attacks despite defences

Enterprises ill-prepared for memory lane attacks despite defences

DMA attacks enable attackers to read & write memory off a victim system directly, bypassing the main CPU & OS. Using Dell and HP laptops, researchers found two different vulnerabilities, now mitigated.

Data exfiltration used to 'encourage' ransom payment

Data exfiltration used to 'encourage' ransom payment

BitPyLock threat actors are now exfiltrating data before the ransomware encryption begins