Category: May

We all know that we should change any and all default credentials on a system to something strong and safe right? Well sometimes when people set up systems quickly to test something, or to have a play about, that might not always be the case as one Raspberry pi user […]

Hundreds of thousands of people are being warned that they could have been affected by the March attack on pensions administrator Capita after approximately 90 separate organisations reach out to the Information Commissioners Office (ICO) – the UK body responsible for data protection -for help and advice. Earlier this month, […]

Earlier this month, I posted about the new .zip TLD which had been opened up for sale by google, and the issues it would inevitably bring. Well, it hasn’t taken long for criminal gangs to start using the domains as part of their ever increasing arsenal of devious tricks. Browser-based […]

In their quest to protect Internet users, Meta has issued a lawsuit against Freenom – a domain registrar based in Amsterdam. The reason for the case is the alleged history of the company ignoring abuse complaints about phishing websites while monetising traffic to those abusive domains. Freenom is the domain […]

Russian cybersecurity company Rostelecom-Solar has been linked to a new malware strain which targets industrial control systems (ICS). Mandiant – the US-based, Google-cloud subsidiary announced the discovery of the new malware in a report released May 25th 2023. Called CosmicEnergy, the malware strain was first identified in 2021 after a […]

Scandinavian Airlines (SAS) has been targeted with a ransomware attack which saw its customer facing website and app taken offline for over 24hrs. The attack on Wednesday (24/05/23) is the second attack claimed in the name of a hacking group called Anonymous Sudan. The 1st attack by the gang leaked […]

A critical vulnerability has been discovered in a widely used module used to implement the security authentication technology oAuth. The vulnerability is being tracked as CVE-2023-28131 and is related to the Expo framework. If exploited, the vulnerability can allow malicious actors the ability to gain complete control of a victims […]

Microsoft has released a report detailing Distributed Denial of Service attacks and it makes it quite plain that although this type of attack is quite old, it still has some impact on targeted victims. The report is titled 2022 in review – DDoS attack trends and insights and examines the […]

Users of the Google Chrome browser (and possibly other browsers based on Chromium) will see a change in how the browser identifies encrypted websites later this yesr. Google has plans to retire the padlock icon that appears in the Chrome status bar during a secure HTTPS web browsing session because […]

It really is not a good time to be a Capita cyber security team member – hot on the heals of the ever-continuing saga of their March ransomware attack, the company has not been taken to task by Colchester city council who have started an investigation onto the discovery of […]