Shane Chambers No Comments

Thousands of Organisations Compromised by ‘Hafnium’ Email Hack

As the saying goes, there’s no rest for the wicked. Just a few months after behemoth IT management solutions provider SolarWinds was the victim of a major cyber attack, IT professionals across the globe are scrambling to patch their Exchange servers against a new zero-day exploit.

Earlier this month, it was announced that hundreds of thousands of organisations (at least 30,000 in the US alone) had potentially been compromised by a group called Hafnium, who are based out of China and believed to be state-sponsored.

The Hafnium Exchange hack dwarfed the SolarWings hack, which was itself one of the largest organised hacks in recent years.
Read more
Shane Chambers No Comments

Many SolarWinds Customers Still Exposed Online, Despite Well-Publicised Breach

IT management software giant Solarwinds were the victims of what is believed to be one of the largest cyber attacks yet late last year, sending shivers down the spine of much of the tech world. The attack breached SolarWinds monitoring tool Orion, which allowed the hackers to deliver malicious updates to unsuspecting users of the tool for several months.

Now, two months after the breach was discovered, an alarming number of SolarWinds customers still have vulnerable Orion servers exposed to the internet.

SolarWinds, a behemoth IT management solutions provider with over 300,000 customers, was revealed to be the target of a major cyber attack in December 2020.
Read more
Shane Chambers No Comments

More Than Half of Major Cyber Incidents in 2020 Involved Ransomware

With 2020 coming to an end, after what felt like an eternity to many, cybersecurity & technology firm CrowdStrike have released their annual ‘Cyber Front Lines’ incident-analysis report, and it contains much food for thought. One of the more striking figures is that more than half of the cyber attacks they investigated involved ransomware; a form of malware which encrypts any files it can find until a ‘ransom’ is paid. Ransomware attacks are known to be extremely destructive, spreading quickly through networks and shutting down critical operations as they go.

Financially-motivated attacks in general, the majority of which were ransomware-based, made up 63% of the more than 200 incidents they responded to, demonstrating that the file-encrypting malware is big business for cyber criminals, and not going away any time soon.

The 2020 CrowdStrike Services Cyber Front Lines report shows how cyber criminals are becoming increasingly successful at monetising their crimes, wreaking havoc on businesses in the process.
Read more
Shane Chambers No Comments

BA Ends up With £20 Million Fine for 2018 Data Breach

British Airways now hold the dubious honour of receiving the highest data protection fine that the UK has ever seen, after the Information Commissioner’s Office (ICO) handed down a record-breaking £20 million fine. The fine could have been much heftier, however, as the ICO fine was originally slated at well over £150 million. BA negotiated to have to fine reduced on the back of several factors, including how the Covid-19 pandemic has affected their industry and business and the conduction of a more thorough review on how the 2018 incident occurred from a technical standpoint.

The £20 million BA fine is currently the highest ever recieved in the UK for a data breach.
Read more
Shane Chambers No Comments

WordPress Sites Seeing Increased Cyber Attacks Thanks to Plugin Vulnerability

The team behind Wordfence, a popular security plugin for WordPress, have reported seeing a large increase in cyber attacks aimed at WordPress-based websites over the last few weeks. This is believed to be due to a vulnerability in another WordPress plugin, File Manager, which has over 700,000 active installations. While the vulnerability only affects those running certain versions of the File Manager plugin, Wordfence reports that cyber attacks are up across the board, as cyber criminals cast a wide net with their attacks.

An estimated 455 million websites run on WordPress, accounting for more than 30% of sites worldwide.
Read more