Spanish online survey company, Typeform, recently experienced a serious cyber-attack, resulting in hackers downloading a partial backup of its customer data. Typeform noticed the breach on 27th June and reported they had remedied the issue within 30 minutes of discovery, yet all survey responses passing through their online platform prior to May 3rd, 2018 could be at risk. This survey company’s breach shows how dangerous supply chain attacks can be.Read More
Teach your staff to detect social engineering to keep them cyber safe over the Christmas break. Holidays bring with them frantic shopping, party planning, family arrangements, and, finally, taking a well-earned break and connecting with family and friends. However, criminals also look forward to this time of year, for a very different reason: they use our distraction against us, relying on us being even more in a hurry than normal. And when we’re distracted, we make mistakes.Read More
As cyber security quotes go its not uncommon to hear the claim “We’ve never been hacked”; it might come up in a conversation when a service provider is trying to win business from a company where there will be an exchange or hosting of data, or maybe it will be a defence against some findings in an audit where there are controls that are missing or ineffective. It may even be part of a board presentation to provide confidence or found on a CV sent in application for a senior CISO role.
It does however belie several truths that are fairly enshrined within the cyber security industry. In this post we’ll try and explain what these truths are, and translate the cyber security quote “We’ve never been hacked” into more likely and appropriate interpretations.Read More
Ransomware has plagued businesses for several years, but the recent outbreaks of WannaCry and NotPetya have marked the beginning of a new era of hybrid malware that combines multiple exploits into something much more dangerous. What can organisations do to remain safe when the cyber criminals are innovating so quickly?Read More
Modern threat prevention technologies only work well in defending against opportunistic attacks. Incorporating Protective Monitoring ensures a more proactive approach.Read More
The recent global deluge of media reports regarding WannaCry and several other ransomware attacks have served two purposes. Firstly, the speed of proliferation has caused fear, uncertainty and doubt across the world. This has certainly spooked enterprises everywhere by demonstrating the power and reach of a coordinated criminal cyber security campaign.Read More
We continue to see instances of “cyber security own goals” – i.e. security failures at companies who either should know better (probably overly harsh criticism when faced with a determined, targeted attack) or who are founded on the basis of providing greater security or trust, but then found to be fallible just like other businesses.Read More