Sign in Subscribe

Topic

Infosec

A collection of 53 issues

Check the superusers

When someone with any kind of authority or access leaves an organisation, it should trigger a review of accounts. Execs, System Owners and Super Users. You should be doing that at least once a year anyway. But also asap when someone like that leaves. To justify this in the past

ICO report on Electoral Commission breach

Sometimes I like to share these kinds of things as they’re good to learn lessons. The ICO has released their report on the breach of the Electoral Commission. Cyber-attack on UK’s electoral registers revealedThe Electoral Commission warns the public to be vigilant for unauthorised use of their personal

Ferrari deepfake scammer

I’ve posted about this kind of thing before, but it’s really interesting as it’s happening more and more. You can’t buy a solution to prevent this. It’s about people and process: Ferrari exec foils deepfake attempt by asking the scammer a question only CEO Benedetto

EDR's can save you

EDR’s have probably been questioned a bit over the past couple of days. “Do we really need them?” kind of questions. This is a good example of how they can save your skin: “We sent them their Mac workstation, and the moment it was received, it immediately started to

Repeated mistakes

When you have an incident and do a Root Cause Analysis (RCA). The ‘What?’ and ‘How?’ are usually easy to determine. Usually. But the most important question that rebuilds trust and shows that you and your teams are in control, is ‘Why?’. You need to understand and communicate the ‘Why?

It's the kids

Security vendor presentations - hooded figures hunched over a laptop. Talk of nefarious technically superior worldwide gangs, nation states and the potential scourge of unstoppable AI. Meanwhile a 17yr old from Walsall in the West Midlands for the lolz with a convincing phone manner. UK cops arrest teen suspect in

State of Ransomware - Sophos

Sophos report on the state of ransomware in critical infrastructure in 2024 here The State of Ransomware in Critical Infrastructure 2024275 IT/cybersecurity leaders from the energy, oil/gas and utilities sector share their ransomware experiences, providing new insights into the business impact of ransomware.Sophos NewsPuja Mahendru Only 31%

AT&T pays hacker

In the space of three(ish) days I’ve linked to articles where hacker payments total almost $25.4m. The latest is $370k paid by AT&T to ‘delete’ the enormous amount of data that was stolen. Proof, apparently, was a video of the data being deleted from Cloud

CISA Red Team report

This is a very good read for security teams. CISA’s Red Team report on how they breached a Federal organisation. CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth | CISACybersecurity and Infrastructure Security Agency CISA

Not the Presidents men

Security is all about risk. Identify then mitigate or accept. It’s all a balance. It’s never just about technology or process. Where I’ve seen potential burnout is when security folk just cannot get past the ‘accept’ part. Sometimes with very good reasons. 99% of them are driven