Posts by pwsadmin
The Cyberattack on Tangerine Telecom
By Tanzeer Hossain In February 2024, Tangerine Telecom, a prominent Australian internet and mobile service provider, became the latest victim of a catastrophic cybersecurity breach. The attacker gained unauthorized access and stole the sensitive information of at least 250,000 customers. This included names, phone numbers, and email addresses. This breach poses serious risks for identity…
Read MoreThe Wannacry Incident
By Tanzeer Hossain In May 2017, a ransomware attack known as “WannaCry” caused a worldwide crisis, severely disrupting computer systems across various sectors. This assault targeted machines running Microsoft Windows that had an unpatched vulnerability by using an attack tool, called “EternalBlue ,” which had been developed by the United States National Security Agency (NSA).…
Read MoreAsessing cyber risks
By Roddy Risk management is central to cyber security. It is impossible to create a fully secure system (even an air-gapped one) so there are always risks to the confidentiality, integrity and availability of any information held or processed in any technology-based system. Obviously, there are risks in any information storage system – paper, memory,…
Read MoreThe Equifax Breach
By Tanzeer Hossain In September 2017, Equifax, one of the largest credit reporting agencies, fell prey to one of the best documented data breaches of late. This breach involved compromising the critical information of approximately 147 million individuals, the vast majority being Americans, with a smaller number in the United Kingdom and Canada. This made…
Read MoreThe SolarWinds Cyber Attack
by Tanzeer Hossain In December of 2020, the world witnessed one of the most sophisticated cyberattacks in history: the SolarWinds supply chain attack. This affected the systems of many substantial organisations, including US Government agencies, private companies and key infrastructure providers. The main objective of this attack was the compromise of software updates distributed by…
Read MoreThe Cost of Ignoring Low-Level Risks
By Roddy The British Library’s report on the cyber attack which it suffered in October 2023 contains some insightful points on early lessons. No 7 is: “The Library’s risk management processes appropriately escalated out-of-appetite security risks for remediation, but were less effective in modelling the amount of low-level risks being carried in aggregate.” “LEARNING LESSONS…
Read MorePasswords
By Roddy Passwords, pah! Old-fashioned, insecure. Don’t cha just hate ‘em? Well no, they’re OK, especially if handled thoughtfully and used with varied user identities (see more on this at the bottom of this post) Yes, experts (notably Microsoft) have been predicting or promoting the abandonment of passwords as an access control method for many…
Read MoreActive vs. Passive Cyber Security
By Roddy. There is a lot of confusing – or inconsistent – terminology in cyber security (‘Tactics’ in the MITRE Att@ck framework?). It might look like this piece is introducing even more potential confusion but I think that distinguishing active from passive security is useful. Cyber security is about lots of things but, ultimately, it…
Read MoreFundamentals of the dark web
By Angela Okeke-Ramos The internet is formed of multiple layers. Similar to the ocean only a fraction of these layers have been explored. While most users are satisfied with content available on the outer layer of the internet; i.e the surface web, some wish to go further and beyond. Known as the dark web, the…
Read MoreThe value of mutual TLS for API authentication
By Robert Grigoras. The security and privacy of data exchanged between different systems through APIs is of utmost importance. API authentication, which verifies the identity of a user or system before granting access to sensitive data or resources, is therefore critical. Mutual Transport Layer Security (TLS) is a widely accepted approach for securing API communication…
Read More3 Ways To Protect Your Privacy On Facebook
By Nick Duley. As technology is becoming an increasing part of our lives. It’s important to protect our privacy and security from online trolls and hackers. Facebook is one of the most common social networks out there and by default, the privacy features for one’s account are very limited. Leaving your personal information open. In…
Read MoreAn honest review Of ‘Undeclared War’ On Channel 4
By Robert Grigoras. Introduction The series is set in 2024, The Undeclared War tracks a leading team of analysts buried in the heart of GCHQ, secretly working to ward off a series of cyber-attacks on the UK in the run up to a general election. When a routine stress test of internet infrastructure goes awry…
Read More