Security

Security | Nov 29, 2021

New Lloyd's cyber insurance clauses: buyers, make sure you read the "war" exclusions closely

"Underwriters should consider... the impact on exposures across the portfolio."

Security | Nov 25, 2021

This RAT is hiding in “February 31” in the Linux calendar -- and card skimming is moving from the browser to the server

Sophisticated new malware is attacking ecommerce servers

Security | Nov 24, 2021

Cloud Postgres honeypots breached within seconds -- and your IP filter is unlikely to save you

IP-blocking won't do much...

Security | Nov 18, 2021

"Keys to the cloud" stored in plain text in Azure AD security blooper

"It is best to assume that the credentials may have been compromised..."

Security | Nov 18, 2021

Understanding Cyber Essentials' five core technical controls

At just £300 and with free insurance, you'd be mad not to...

Security | Nov 15, 2021

BitLocker used to attack servers in "intrusion with almost no malware"

Hackers breached an organisation running on-premises Microsoft Exchange servers and after moving laterally proceeded to encrypt systems domain wide, using Microsoft's own BitLocker tool rather than malware associated with a Ransomware-as-a-Service group, analysts writing for The DFIR report said Monday. Dubbing it an "intrusion with almost no

Security | Nov 15, 2021

FBI software vulnerability let hacker send thousands of emails from a federal domain

FBI blames "software misconfiguration". It could have been a lot worse...

Security | Nov 11, 2021

Critical pre-auth RCE revealed in Palo Alto Networks' GlobalProtect

Wait, what? (Patch this one urgently...)

Software | Nov 10, 2021

Consistently patch these AD updates or your unpatched Domain Controllers will fail

Patch carefully and promptly as ever.

document.currentScript.parentNode.innerHTML = (parseInt(document.currentScript.closest('.iteration-container').dataset.length)).toString();