Author Archives: Christian Yng

The security benefits of modern collaboration in the cloud
August 29, 2022

By exploiting cloud services, organisations no longer have to choose between ‘more security’ and ‘better...

New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim

A new ransomware strain written in Golang dubbed “Agenda” has been spotted in the wild,...

29
Aug
Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software

A Turkish-speaking entity called Nitrokod has been attributed to an active cryptocurrency mining campaign that...

29
Aug
A CISO’s Ultimate Security Validation Checklist

If you’re heading out of the office on a well-deserved vacation, are you certain the...

29
Aug
Twilio Breach Also Compromised Authy Two-Factor Accounts of Some Users

Twilio, which earlier this month became a sophisticated phishing attack, disclosed last week that the threat...

29
Aug
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added 10 new actively exploited...

29
Aug
Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

Iranian state-sponsored actors are leaving no stone unturned to exploit unpatched systems running Log4j to...

27
Aug
Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that...

26
Aug
Hackers Breach LastPass Developer System to Steal Source Code

Password management service LastPass confirmed a security incident that resulted in the theft of certain...

26
Aug
Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework

Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control (C2) framework in their intrusion campaigns...

26
Aug
Information Security: best practice for the construction sector
August 22, 2022

New guidance for businesses of all sizes planning to take part in Joint Ventures....

Threat Report 19th August 2022
August 18, 2022

The NCSC’s threat report is drawn from recent open source reporting....

Journey to the NIST Cybersecurity Framework (CSF) 2.0 | Workshop #1
August 17, 2022

NIST has begun the process to update the NIST Cybersecurity Framework to keep pace with...

Social Engineering Tactics Used in Interrogation 

What comes to mind when you hear the word interrogation? Perhaps, the typical movie scene...

17
Aug
IOTW: Twilio suffers data breach following phishing attack
August 11, 2022

Hackers directly targeted Twilio employees with a phishing attack to gain unauthorized access to employee...

Securing the cloud (by design *and* by default)
August 9, 2022

To reduce data breaches from cloud services, seek out providers who ensure functionality is ‘secure...

Threat Report 5th August 2022
August 4, 2022

The NCSC’s threat report is drawn from recent open source reporting....

Social Media: How to Keep Yourself Safe

Human beings are social animals. We like to stay connected with friends, family and even...

03
Aug
How Rebellion Defence used NCSC For Startups to accelerate product development
July 27, 2022

Unparalleled access to skilled users transformed Rebellion Defence’s product roadmap....

Threat Report 22nd July 2022
July 21, 2022

The NCSC’s threat report is drawn from recent open source reporting....

Implementing the HIPAA Security Rule: NIST Releases Draft NIST SP 800-66, Rev. 2 for Public Comment
July 21, 2022

The initial public draft of NIST Special Publication (SP) 800-66r2 (Revision 2), Implementing the Health...

NIST Updates Guidance for Health Care Cybersecurity
July 21, 2022

Revised draft publication aims to help organizations comply with HIPAA Security Rule....

Information and Communications Technology (ICT) Risk Management in the Enterprise: Two Draft Special Publications Available for Comment
July 21, 2022

NIST is posting two draft Special Publications (SP) on the Enterprise Impact of Information and...

NCCoE Releases Draft Project Description for DevSecOps
July 21, 2022

The National Cybersecurity Center of Excellence (NCCoE) has released a new draft project description, Software...

NICE Webinar: Optimizing Your LinkedIn Profile for Your Cybersecurity Career
July 20, 2022

The presentation slides are available here. Download the Continuing Education Units form. Speakers: Danielle Santos...

QR Codes and CAPTCHA Tests: New Scams in a Digital Age

When you think about a scam, what comes to mind? Perhaps you think about receiving...

20
Jul
Security Guidance for First Responder Mobile and Wearable Devices: NIST IR 8235
July 20, 2022

NIST Internal Report (IR) 8235, Security Guidance for First Responder Mobile and Wearable Devices, is...

Cybersecurity Apprenticeship Sprint
July 19, 2022

THE US DEPARTMENTS OF LABOR AND COMMERCE KICK OFF A 120-DAY CYBERSECURITY APPRENTICESHIP SPRINT The...

NIST opens first online comment period using the SP 800-53 Public Comment Site
July 13, 2022

NIST is leveraging the new Special Publication (SP) 800-53 Public Comment Site for its first...

Threat Report 8th July 2022
July 7, 2022

The NCSC’s threat report is drawn from recent open source reporting....