Hip Hop
Regular readers of these ramblings will remember that we first reported about the nefarious activities of the Chinese hacking outfit APT10 way back in April 2017 after its activities were brought to public attention through brilliant work by PwC, BAE Systems and (the obviously silent(ish) partner) the UK National Cyber Security Centre (NCSC). To recap, […]
The Iran cyberattack is an “early sign” of 21st-century warfare
Article by Robert Scammell – Verdict Tensions between Iran and the US are high as the conflict shifts between the physical world and the digital. Last Thursday US president Donald Trump ordered a crippling cyberattack on Iran’s missile systems. The Iran cyberattack disabled computer systems used to control rocket and missile launches, according to the Washington […]
How High-Net Worth Individuals And Family Offices Can Block Cyberattacks
Article by Sooraj Shah – Forbes It’s no surprise that high net worth individuals are the perfect candidates for cybercriminals to attack. They have significant financial resources, wide-ranging commercial interests, a high-profile public image and valuable reputations. In many ways, they have the same challenges as a large corporation when it comes to cybersecurity, but they […]
Delphic Oracle
For some time, we have heard rumours circulating in some of the darker parts of the web about issues with Oracle’s WebLogic, exploitable issues with proof of concept attacks being tested, sold and shared. On Tuesday this week, Oracle issued a critical advisory for CVE-2019–2729, which is a remote code execution (RCE) vulnerability for the […]
ORACLE WEBLOGIC, NEW CRITICAL FLAW DISCOVERED CVE-2019-2729
Priority: Critical Executive Summary: A new critical vulnerability has been discovered that affects several versions of the Oracle WebLogic server. The bug has classed as critical-level security risk and has a CVSS Base Score of 9.8. The vulnerability has already been exploited in the wild by several unknown hacker groups. This security update highlights a […]
G-Spam
This week, the brilliant/devious (delete as applicable) folks at Kaspersky called out the mighty Google for allowing its own applications to be facilitators of spam, often containing malicious payloads – drive-by malicious sites and other nasty malware vectors. The story is that content generated and shared by one G-App (Calendar etc.) is treated much more […]
June 2019
View our Cyber Bulletin for June here.
Should we fear Huawei?
Presented by Anna Delaney – TEISS 07 June 2019 Why has the US banned the use of Chinese company Huawei’s technology? To what extent is Huawei a security threat? What are the deeper issues at play in this power struggle? These are questions we’ll be exploring on this week’s cracking cyber security podcast. Malcolm Taylor, […]
HackFest
This week has seen a large number of hacking announcements; it is going to be tricky to squeeze even the interesting ones into a single blog, but here goes. To our mind, the announcement by digital wallet provider Komodo that it had hacked its own customers and without any authorisation or approval, transferred their funds […]
Expert insight: Inside the secret world of superyacht hacking
Article by Miranda Blazeby – Boat International Tales of successfully hacked superyachts are be hard to come by. Owners are reluctant to recount personal experiences of loss to hackers and their keyboards. As Tony Gee, associate partner at cyber security firm Pen Test Partners says, “There is very little proper knowledge about yachts being attacked.” But […]