Threat Intel
Last update we had was when LockBit released a transcript of a chat alleged to be between LockBit and the RoyalMail ransomware negotiator.
Thanks to Domonic far tagging me, we can see an update has occurred on the LB site:
Read more “The RoyalMail Ransomware Saga”
Defence
This is a fast publish!
Confirmed all Office (ISO Install/PRO and 365) when using the Rich Text Format (RTF) method.
Office 365 has some sort of patch against the .DOCX format.
Defence
This is a fast publish
Vmware just released patches for two new vulnerabilities in Workspace One, followed by guidance from CISA to patch by May 23rd or remove the devices from the network/internet!
“All Federal Civilian Executive Branch agencies must complete the following actions:
By 5:00 PM EDT on Monday, May 23, 2022:
Enumerate all instances of impacted VMware products [VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, and vRealize Suite Lifecycle Manager] on agency networks.
Read more “CVE-2022-22972 & CVE-2022-22973”
Defense
https://csrc.nist.gov/glossary/term/threat
According to those clever people at NIST it is:
“Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. Also, the potential for a threat-source to successfully exploit a particular information system vulnerability.” Read more “Threat Modelling 101”
Defense
“Can I have a penetration test please” is about in line with saying “Can I have a car please?”. Why am I writing a blog about this? Well, where do I start, so I have been working on the technology world basically all my career and over the last 20 odd years one area of digital security management that I think a lot of organisations and people struggle with is understanding just what a penetration test is, how it should be used, how long they can take and what is involved. Read more “Understanding Penetration Testing Scopes”
Breach
As reported across major news networks over the world, British Airways has suffered a data breach that not only includes customer data but also includes payment details. Details from 380,000 customers have been accessed by an unauthorised third party. More details can be found on news sites such as:
https://www.theregister.co.uk/2018/09/06/british_airways_hacked/
https://www.bbc.com/news/uk-england-london-45440850
It’s likely that attackers have compromised a web service which is linked to payment services, however no specific details have been released yet so until then we can only speculate.
In this post we look at the information reported by British Airways, guidance for customers from BA, ourselves and NCSC but also we discuss the steps business’s should be taking to ensure they have a strong security posture, especially where customer data is concerned. Read more “British Airways breach”