cyber security Archives - Page 5 of 6

Gerry Morley - Director of Cyber Security May 23, 2017 4 Comments

Ransomware – WannaCry No More – Train and Phish your staff.

By now, many of you that have not been under a rock for the last couple of weeks have heard about the worldwide ransomware cyber-attack WannaCry Decrypt0r that began in earnest on Friday 12th May 2017. The new ransomware caused major disruption to the IT systems of 40 National Health System hospitals across the UK (resulting in most non-emergency operations being suspended). Not only that, but it also caused disruption to an additional 200,000 victims, distributed over at least 150 countries (including several banks, Renault, Nissan, FedEx Corp, Telefonica, German Railways and even the Russian Interior ministry).

How Did This Happen?

Global reports from cyber security experts confirm that this ransomware gets onto a network through an unsuspecting user clicking on a link or attachment in a spam email.

The last few years and countless data breaches have shown that human error (due to a lack of security awareness training) from phishing and social engineering is the number 1 cause of cyber-attacks, ransomware and data breaches worldwide. Unfortunately, many companies including hospitals who have not invested in security awareness training and ongoing testing of their staff with simulated fake emails (to keep them savvy to the latest scams) will continue to be the most vulnerable to this and future similar style cyber- attacks.

Gerry Morley - Director of Cyber Security March 14, 2017 No Comments

Next Generation Fileless Malware Requires Next Generation Security

Train staff, install Next Generation security and disable macros as the latest fileless malware exploits a lack of all three to steal data.

DNS Malware

I’m afraid to say but gone are the days when just having standard security such as Anti-virus software was enough. Cybercriminals are now using complex clandestine techniques to exploit standard system tools and protocols that are not always monitored.

The latest example of such attack is DNSMessenger – a new Remote Access Trojan (RAT) that uses DNS queries to conduct malicious PowerShell commands on compromised computers – a technique that makes the RAT difficult to detect onto targeted systems. Just like their physical counterparts, without a trap in place (i.e a next generation security detection system) they won’t be caught and will end up causing untold damage.

Read on for what next generation security you need to protect your business from these advanced next generation threats. Read more

Gerry Morley - Director of Cyber Security February 17, 2017 No Comments

Yahoo! Hackers caught with their hands in your cookie jar.

Yahoo Hackers prove they don’t need your online passwords as they can forge your browser cookies to access your online data.

Yahoo in December 2016 quietly revealed to its users, in the form of a security update, that their user accounts may have been compromised as recently as last year, after an ongoing cyber security investigation found evidence that hackers managed to create forged cookies to gain access to Yahoo user accounts. Read more

Gerry Morley - Director of Cyber Security February 15, 2017 No Comments

Websites Can Now Track Online Activity Across Multiple Browsers

New Cross-Browsing Fingerprinting technique can now track online activity across multiple browsers. Coming soon to a browser near you.

Track Online Activity Via Multiple Browsers
You might be aware of websites, banks, retailers, and advertisers tracking your online activities using different Web “fingerprinting” techniques even in incognito/private mode, but now sites can track you anywhere online — even if you switch browsers.

A team of researchers has recently developed a cross-browser fingerprinting technique — the first reliable technique to accurately track users across multiple browsers based on information like extensions, plugins, time zone and whether or not an ad blocker is installed. Read more

Gerry Morley - Director of Cyber Security February 14, 2017 No Comments

Nasty Ransomware Virus DynA-Crypt Causes Full Blown “GDPR” Data Breach

Ransomware virus DynA-Crypt causes a full blown data breach as it not only encrypts your data, but then steals and uploads it online.

DynA-Crypt Ransomware

What this means?

The EU mandated GDPR (General Data Protection Regulation) which comes into force on 25th May 2018 will penalise companies not prepared for such data breaches resulting in large fines (approx. 4% of turnover or up to 20 Million Euro whichever is greater). To reduce the chances of being fined to the full extent of this new law – companies will need to begin to work on putting in place the necessary data protection processes and procedures to be able detect when a breach happens/happened, identify what if any personally identifiable data was stolen and have a breach response plan that will ensure the breach is properly handled and reported to the Data Protection Commissioner within 72 hours of detecting the breach. Read more

8:30AM – 5:30PM

Email us:

Call us: