Linux Variant of REvil Ransomware Targets VMware’s ESXi, NAS Devices

REvil ransomware producers have ported their malware over to Linux to expand their campaigns. The primary objective appears to be to infect VMware’s ESXi virtual machine management software and network-attached storage (NAS) devices. Researchers at AT&T’s Alien Labs have identified four samples in the wild. Whilst not unheard of, Linux attacks are rarer than compromises […]

Ransomware Gangs are Abusing VMware ESXi Exploits to Encrypt Virtual Hard Disks

Two CVEs associated with VMware ESXi are being exploited in the wild. One major ransomware gang abuses vulnerabilities on the ESXi platform to take over virtual machines deployed in enterprise environments by encrypting their virtual hard drives. CVE-2019-5544 and CVE-2020-3992 impact the Service Location Protocol (SLP), used by devices on the same network to […]

“In Bits” IObit Forums Hacked to Spread Ransomware to its Members

The forums of Windows utility developer IObit were hacked over the weekend so that the threat actors could distribute a peculiar strain of ransomware called “DeroHE” to forum members. IObit is known for Windows system optimisation and anti-malware programs such as Advanced SystemCare. Members of the forum received an email claiming to be from the company, stating that […]

How to Respond When Data Breaches Hit the Fan

Not many companies anticipate being the focal point of a significant data breach incident. However, cybercriminals can infiltrate around 93% of businesses within an average of two days. In the third quarter of 2022 alone, approximately 150 million data records were compromised. In today’s competitive business landscape, companies increasingly rely on data systems like cloud […]

Attention MOVEit Users: Critical Security Alert! Apply the Patch Now to Safeguard Your File Transfers

Risk Rating: CRITICAL
Affected Products: MOVEit Transfer
Affected Version: 2023.0.0 (15.0), 2022.1.x (14.1), 2022.0.x (14.0), 2021.1.x (13.1), 2021.0.x (13.0), 2020.1.x (12.1)
Patched Version: CVE-2023-34362, CVE-2023-35036
Proof-of-Concepts available: no
Vendor: Progress Software Corporation
Date: 31/05/2023, 09/06/2023

Introduction: A severe zero-day vulnerability was disclosed, which posed a significant risk to Progress MOVEit File Transfer software users. “Progress” […]

Cyber Security Supply Chain Challenges in the Agrifood Sector

Guest Contributor: Benjamin Turner, Chief Operating Officer, Agrimetrics

Shortly after Russia’s invasion of Ukraine, I advocated in a BBC news article and North American technology podcast (The Feed) that we should regard parts of the UK’s agriculture and agrifood system as critical national infrastructure. What does it mean to be critical national infrastructure, and why […]

Supply Chain Cyber Attacks & How to Prevent Them

“There has been a 742% average annual increase in software supply chain attacks over the past 3 years”[i]

The above statistic might seem implausible, but supply chain cyber attacks have become a pressing issue for businesses as the reliance on technology and interconnected systems has grown. These attacks can compromise sensitive information, disrupt operations, and […]

Risk Crew