What’s happened? The FBI has published a warning about a ransomware gang called the OnePercent Group, which has been attacking U.S. companies since November 2020. How are companies being attacked by the OnePercent gang? The gang emails targeted individuals inside an organization using social engineering tricks to dupe the unwary into opening a malicious Word document contained within an attached ZIP file. And the attachment encrypts data on the user’s PC? Not quite. Macros embedded…

Since 2008, the CIS Controls have been through many iterations of refinement and improvement, leading up to what we are presented with today in CIS Controls version 8. CIS Controls reflect the combined knowledge of experts from every part of the ecosystem (companies, governments, and individuals). The controls reflect consideration by people in many different roles such as threat analysts, incident responders, solution providers, policy-makers, and more. This work is the wisdom collected from experts…

When employees were asked to work from home at the start of the COVID-19 pandemic, some people struggled to adapt. Isolated from colleagues and lacking the structure of office life, it felt like it would be a long, tiring wait until working life returned to normal. But in the year and a half since, we have come to accept that remote working is here to stay – although perhaps not quite as prescriptively as before….

Personal and clinical data of more than 73,000 patients have been affected by a “sophisticated ransomware cyber-attack” on a private medical clinic in Singapore. In a press release, Eye & Retina Surgeons revealed the attack took place on 6 August, compromising sensitive data including patients’ names, addresses, ID card numbers, contact details and clinical information. However, no credit card or bank account details were accessed or compromised in the incident. “Patients are now being progressively…

The UK government’s preferred candidate to be the next information commissioner will be John Edwards, who currently serves as New Zealand’s current privacy commissioner. The information commissioner plays an increasingly important role in the UK’s regulatory landscape following the country’s departure from the EU. The Information Commissioner’s Office (ICO) is an independent body that regulates the GDPR and its UK equivalent, the Data Protection Act 2018, as well as the Freedom of Information Act, the…

Over 1850 teenagers signed up for a government-backed cybersecurity skills initiative this summer, a record number, according to the National Cyber Security Centre (NCSC). The CyberFirst summer course is run by the GCHQ off-shoot and went online-only last year during the pandemic. That saw record participation which has been surpassed again in 2021, the NCSC claimed. The number of applications this year was also record-breaking, increasing from 3,909 in 2020 to 4,384. The course itself is open…

Some of the world’s biggest tech companies have committed tens of billions of dollars to improving supply chain security, closing industry skills gaps and driving security awareness among the public, according to the White House. As reported by Infosecurity yesterday, the Biden administration welcomed the CEOs of Microsoft, Apple, Google, IBM and others to a meeting yesterday to discuss the “whole-of-nation” effort needed to address cybersecurity threats.” The result of that encounter has been a…