Organisation News, Articles and Updates

£3.74 billion in BEC scams last year, FBI arrests 74, of which 29 Nigerian

Last year, the US FBI announced that between October 2013 and December 2016, organisations across 131 countries suffered as many as 40,203 successful Business Email Compromise (BEC) attacks, stealing £3.74 billion.

Organisations can't just flirt with their disaster plan

A cyber-disaster plan must not only be designed to keep an organisation or business functioning in the wake of a cyber-attack, but it also must be practiced regularly in order to be fully effective.

Open Bug Bounty creates free bug bounty programme

Open Bug Bounty has added a free service that will allow organisations to create their own bug bounty programme.

Hackers replacing volumetric DDoS attacks with "low and slow" attacks

By the middle of last year, organisations across the UK had woken up to the threat of DDoS attacks that had, by November, increased in frequency by a massive 91 percent over Q1 2017 and 35 percent over Q2 figures.

Cost of DNS attacks on UK businesses more than doubled since last year

In June last year, a report from EfficientIP revealed that 76 percent of organisations around the world suffered DNS-based attacks and almost a third of UK organisations experienced data exfiltration via DNS.

Supreme Court to hear Google privacy settlement case

A settlement with Google set to award US$ 8.5 million (£6.2 million) to privacy rights groups, universities and other organisations - instead of victims of privacy violations by the company - will go before the US Supreme Court.

GravityRAT malware detects virtualised environments using infected machines

A previously unidentified remote access tool (RAT) primarily targeting Indian organisations uses seven different techniques for sniffing out researchers' virtual machines and sandbox environments.

May 2018 Product Reviews: SIEM and UTM-NGFW

All the tools reviewed allow organisations to collect, sift through and interact with the mounds of information and events generated by networks and devices, says technical writer Dan Cure.

SamSam ransomware inundates targeted networks with thousands of copies

The ongoing SamSam ransomware campaign responsible for recently infecting the US city of Atlanta, the Colorado Department of Transportation and an array of health care organisations represents an emerging operational model.

Cyber-security isn't perfect, but you can cut the risks by doing the basics

Implementation of basic cyber-security practices isn't just down to the IT department, however, but needs to be enforced at all levels of an organisation, from the very top to the very bottom.

Hackers using flaw in Cisco switches to attack

US Homeland Security warned Russian state actors behind attacks on US energy grid. Security researchers have warned that hackers are using badly-configured Cisco switches to gain entry into the infrastructure of organisations.

Same but different: Ensuring fraud and infosec teams speak one language

Even once there's buy-in from fraud and infosec teams, there are often fundamental disconnects in perceptions and points of view that can get in the way of working together.

Despite risks, a majority of firms are allowing the use of Wi-Fi hotspots

While experts have warned about the perils of connecting to unsecured public Wi-Fi hotspots in the past, new research has revealed that organisations are suffering more from security issues than in the past.

Trump admin imposes sanctions on Russia for election interference, NotPetya

A day after PM Teresa May tossed Russian diplomats out of the country following a nerve agent attack on a former Russian spy in a British town, the Trump administration imposed sanctions on Russian individuals and organisations.

Report: Age verification tool for porn sites raises privacy concerns in UK

The UK-based digital watchdog organisation Open Rights Group is expressing concern that an age verification tool for pornography sites could potentially expose users' sensitive data, according to a report from the BBC.

Phishing campaign found to be targeting humanitarian organisations

Security researchers recently uncovered a phishing campaign that suspected Korean hackers had, since August 2017, unleashed on humanitarian aid organisations by using topics on North Korean politics.

Healthcare sector's biggest threats come from insiders, report

Healthcare is the only industry in which internal threat actors are the biggest threat to an organisation, a recent study posits.