Articles about Security

What will attackers target in 2025? CNI, CNI, and more CNI!


Critical national infrastructure (CNI) has had a rough 2024 in the UK when it comes to cybercrime, from the chaos caused by a teenager who hacked into TfL to the dangerous impact on the NHS after the Synnovis breach. And let us not forget the ongoing fallout from the Sellafield breach in December 2023.

These are just a few of the notable cases of a much wider problem, with Bridewell finding that 60 percent of UK CNI organizations experienced at least one ransomware attack over the past 12 months.


Experts call for proactivity to combat state-sponsored cyber threats in 2025


In 2024, opposing nation-states have utilized cyberattacks to project power and disruption from within their own borders. This shift has been epitomized by the rise of the “Axis of Upheaval,” dominated by the CRINKs nations -- China, Russia, Iran, North Korea -- who share a common reliance on using cyberattacks to wreak havoc in an affordable manner.

Whether it’s North Korea using ransomware to generate revenue for its isolated regime, or Russia focusing on disrupting and eroding public trust in democratic institutions, each state is finding its niche to cause harm. Despite these varied goals and techniques, it’s the same sectors again and again in the crosshairs. Whether it’s CNI, healthcare, or finance, these organizations now must protect against a wide range of attack styles and techniques.


2025 cybersecurity forecast: Preparing for the next generation of threats


As we navigate an increasingly digital landscape, the threats posed by cybercriminals are evolving at an alarming pace. The latest predictions highlight a future where AI-driven technologies, particularly deep fakes, will become more sophisticated, making it challenging for individuals and organizations to distinguish between genuine and malicious entities.

This article explores three critical predictions regarding the future of cyber threats: the rise of hyper-realistic deep fakes, the escalation of browser-based ransomware attacks targeting essential infrastructure, and the growing risk of insider threats in remote work environments. Understanding these trends is crucial for developing effective strategies to safeguard against the next wave of cybercrime.

Sophisticated AI-Driven Deepfakes Will Bypass Traditional Security Measures


Microsoft releases KB5048667 update, removing another Windows 11 24H2 block and introducing a questionable change


There are still various obstacles in the way of updating to Windows 11 24H2, but Microsoft has just removed one of them. Until now, systems with a USB scanner that used the eSCL scan protocol were blocked from installing the update, but this block has now been lifted.

This is not all that is to be found in the update, of course. There is a somewhat controversial switch to a shortened date format in the taskbar as well as a batch of important security fixes.


Email security: Why traditional defenses fall short in today's threat landscape


Despite decades of technological advancement, email remains the predominant attack vector for cybercriminals, with estimates suggesting that 80-90 percent of cyberattacks originate through email channels. While the cybersecurity industry has made significant strides in other areas, many businesses continue to rely on outdated email security measures that leave them vulnerable to increasingly sophisticated threats. This protection gap demands immediate attention from IT leaders.

Traditional secure email gateways (SEGs) like Mimecast and Proofpoint have served as the backbone of organizational email security for years. Similar to how traditional firewalls operate at network perimeters, these gateways excel at blocking known threats through signature-based detection and basic filtering rules. However, just as modern network security has evolved beyond simple perimeter defenses, email security requires a more sophisticated approach.


Cyber defense vs cyber resilience: why it's time to prioritize recovery


In an era when successful hacks are now an inevitability, too many organizations have a false sense of security when it comes to their data. Unfortunately, cyber criminals are ready and willing to take advantage of this complacency.

Gone are the days when CISOs could simply focus on building up frontline cyber defenses alone. Today’s cyber adversaries are using AI technologies like ChatGPT to augment and elevate the sophistication and effectiveness of their attacks on an industrial scale, whether that’s automating how they scan for vulnerabilities or initiating highly adaptive attacks that can evade traditional perimeter security measures.


0patch uncovers a security vulnerability in all versions of Windows -- and releases free fixes


0patch has revealed a 0day vulnerability that affects all desktop versions of Windows as well as Windows Server. In all, a staggering 21 different editions of Windows have the security issue which is described as a URL File NTLM Hash Disclosure vulnerability.

The security patching firm has reported the issue to Microsoft but -- as has been the case in the past -- the Windows-maker has yet to produce a fix. Stepping up to fill the void, 0patch has released free micropatches for all affected versions of Windows.


Holiday season cybersecurity alert: QR code phishing scams


Thanks to the proliferation of smartphones, QR code usage globally has surged by 57 percent, and by 2025, it is forecast to increase by another 22 percent. And up to eight new QR codes are generated per minute globally.

It is no surprise, then, that QR codes are everywhere -- on billboards, shopping malls, event brochures, restaurant menus, charity websites, parking spaces, you name it! Of course, the genius of QR codes is their ease of use and convenience. For users, one scan and the job is done, be that registering for an event or purchasing an item.


How to address cloud-native security risks in 2025


Gartner predicts that public cloud end-user spending will surpass $675 billion by the end of 2024. In 2025, as AI systems proliferate and organizations increasingly store sensitive data in public cloud infrastructure, many stakeholders will begin demanding more robust cloud security measures.

Additionally, cybercriminals are becoming more inventive than ever. They now rely on AI and machine learning (ML) to improve and iterate on their methods, just as we all do. Interestingly, despite advances in cloud security, research suggests that common vulnerabilities like unenforced multi-factor authentication (MFA) and long-lived credentials continue to expose many companies to risk. Patching these known vulnerabilities will be crucial next year.


Security must be used as a springboard, not just a shield


Cybersecurity is often frustratingly seen as a boardroom burden -- a compulsory cost to keep threats at bay. This “necessary evil” mindset is holding businesses back and means a critical opportunity to leverage security as a driver of success is being missed.

It’s time we looked at cybersecurity investments differently. Rather than the board reluctantly seeing the investments solely as a necessity for threat prevention, organizations should see cybersecurity also as a powerful enabler of productivity and growth. As digital transformation accelerates across manufacturing, healthcare, and other critical infrastructure sectors where cyber-physical systems (CPS) underpin operations, security needs to keep up with the pace of innovation, supporting -- and even driving -- new efficiencies, customer trust, and competitive advantages which all come with improving cyber and operational resilience.


Proving Linux is not a safe sanctuary, ESET finds first Linux-targeting UEFI bootkit malware


Linux-based operating systems have long been heralded as being inherently more secure than Windows. Whether or not this is true is open to debate, as is the impact of user numbers on making an OS a target for malware writers.

A key security concern in recent times has been UEFI bootkits, which have so far affected only Windows-based systems. Now, however, security firm ESET has revealed details of Bootkitty, the first UEFI bootkit designed for Linux systems.


Why USB cyberattacks are still a persistent threat 


Although the cyber threat landscape rarely stands still, some age-old attack vectors will continue to be revisited by cyber criminals. For example, the cyber security risks of removable media -- which have persisted for years -- are presenting fresh challenges for security teams. 

This is because, thanks to its convenience and cost, removable media remains a cornerstone of the operations of critical national infrastructure (CNI) sectors. Devices such as USB drives are used by CNI operators and their third-party service partners to handle sensitive data, perform physical data transfer, and carry out vital operational tasks such as firmware updates in air-gapped networks. 


The phishing threat landscape evolves


Phishing is on the rise. Egress' latest Phishing Threat Trends Report shows a 28 percent surge in attacks in the second quarter of 2024 alone. But what’s behind the increase? There are a few factors in play. Like any other form of threat, phishing is becoming more sophisticated with hackers now having access to a variety of new AI-powered tools to generate email messages, payloads, and even deepfakes.

Further, these technologies and the cyberattacks they can create are now easier to access than ever, especially as more hackers tap into the professional services on offer from a mature and diverse Crime as a Service (CaaS) ecosystem of providers selling everything from the mechanisms to create attacks to pre-packaged phishing toolkits that promise to evade native defenses and secure email gateways (SEGs).


Technical implementation guide: Securing Salesforce under DORA requirements


As financial institutions prepare for the EU's Digital Operational Resilience Act (DORA) enforcement in January 2025, IT teams face a complex challenge: ensuring their Salesforce implementations meet new technical requirements while maintaining operational efficiency.

The regulation's focus on ICT risk management demands a comprehensive technical approach beyond basic security measures. For organizations utilizing Salesforce as a critical business platform, this represents a fundamental shift in how system architecture and security must be approached.


Encrypted Client Hello didn't solve censorship, but still may have a role to play


In November 2024, Russia began blocking Cloudflare’s implementation of Encrypted Client Hello (ECH), a privacy-focused extension of the TLS protocol. “This technology is a means of circumventing restrictions on access to information banned in Russia. Its use violates Russian law and is restricted by the Technical Measure to Combat Threats (TSPU),” the statement by the Russian Internet regulator read.

Russia, known for its tight control over internet access, views ECH as a tool for bypassing geo-restrictions, though that was never its intended purpose. This move follows a broader pattern of censorship and surveillance. Over the past few years, Russia has been cracking down on VPNs, making it harder for users to circumvent government-imposed restrictions.


BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.

© 1998-2025 BetaNews, Inc. All Rights Reserved.