Cyber Security


  • Gaza group strikes targets in Palestinian territories in new cyberattack wave

    February 13, 2020

    A new cyberspying campaign has been detected in the Middle East which is going after victims in Palestinian territories. An investigation into the attacks, conducted by the Cybereason Nocturnus team and made public on Thursday, suggests that one of the Gaza Cybergang groups — also known as MoleRATs — is potentially responsible. Tracked by Kaspersky as three separate factions ...

  • NERC CIP compliance in Azure

    February 12, 2020

    When I did my first North American Electric Reliability Corporation—Critical Infrastructure Protection (NERC CIP) compliance project it was 2009. NERC CIP was at version 3. It was the first mandatory cybersecurity standard that the utility I was working for had to meet. As it does today, the Bulk Electric System (BES) had the responsibility to ...

  • Data Protection Authority Investigates Avast for Selling Users’ Browsing History

    February 12, 2020

    On Tuesday, the Czech data protection authority announced an investigation into antivirus company Avast, which was harvesting the browsing history of over 100 million users and then selling products based on that data to a slew of different companies including Google, Microsoft, and Home Depot. The move comes after a joint Motherboard and PCMag investigation uncovered details of the ...

  • FBI warns about ongoing attacks against software supply chain companies

    February 10, 2020

    The FBI has sent a security alert to the US private sector about an ongoing hacking campaign that’s targeting supply chain software providers, ZDNet has learned. The FBI says hackers are attempting to infect companies with the Kwampirs malware, a remote access trojan (RAT). “Software supply chain companies are believed to be targeted in order to gain ...

  • U.N. Hack Stemmed From Microsoft SharePoint Flaw

    January 30, 2020

    Hackers breached the United Nations network in July by exploiting a Microsoft SharePoint vulnerability, according to reports. The breach, which appears to be an espionage operation, reportedly gave the hackers access to an estimated 400 GB of sensitive data. The breach was swept under the rug by the U.N. until this week, when an internal document ...

  • DOD contractor suffers ransomware infection

    January 29, 2020

    Electronic Warfare Associates (EWA), a 40-year-old electronics company and a well-known US government contractor, has suffered a ransomware infection, ZDNet has learned. The infection hit the company last week. Among the systems that had data encrypted during the incident were the company’s web servers. Signs of the incident are still visible online. Encrypted files and ransom notes ...

  • Maritime minister undertakes future of shipping industry tour, as ports cyber security guidance is updated

    January 28, 2020

    Maritime Minister Nusrat Ghani has today (28 January 2020) finished off a tour of southern ports to see the innovative work underway to future-proof the maritime industry, including discovering how plans were developing for an autonomous ship to sail independently across the Atlantic for the Mayflower’s 400th anniversary. Beginning in the Port of Plymouth yesterday, the ...

  • Huawei set for limited role in UK 5G networks

    January 28, 2020

    The UK has decided to let Huawei continue to be used in its 5G networks but with restrictions, despite pressure from the US to block the firm. The Chinese firm will be banned from supplying kit to “sensitive parts” of the network, known as the core. In addition, it will only be allowed to account for 35% ...

  • Exercise Crossed Swords 2020 Reached New Levels of Multinational and Interdisciplinary Cooperation

    January 26, 2020

    The 6th iteration of the annual cyber exercise Crossed Swords in Riga, Latvia, brought together more than 120 technical experts, Cyber Commands´ members, Special Forces operators and military police. Organized jointly by the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) and CERT.LV, Crossed Swords has evolved from a purely technical red teaming workshop into a one ...

  • Fake Smart Factory Honeypot Highlights New Attack Threats

    January 24, 2020

    A honeypot set up to observe the current security landscape in smart manufacturing systems observed numerous threats—including cryptomining malware and ransomware—in just a few months, highlighting the new threats that industrial control systems (ICS) face with increased exposure to the internet. While in the past ICS networks were traditionally proprietary and closed systems, the advent of ...