US-CERT issued an alert on two malware associated with North Korea-linked APT Hidden Cobra

The Department of Homeland Security (DHS) and the FBI issued a joint Technical alert on two strain on malware, the Joanap backdoor Trojan and Brambul Server Message Block worm, associated with the HIDDEN COBRA North Korea-linked APT group.

Source: cyberdefensemagazine Continue reading “US-CERT issued an alert on two malware associated with North Korea-linked APT Hidden Cobra”


How hackers can exploit devices used at home

How hackers can exploit devices used at home

As Americans increasingly fill their homes with smart technology, the risk of hackers exploiting their devices is growing.

Experts say the expanding ecosystem of internet-connected devices such as smart thermostats, home security systems and electric door locks are increasingly susceptible to hackers, including those trying to leverage voice-command devices.

Source: thehill Continue reading “How hackers can exploit devices used at home”

Google and Facebook rack up £6.7bn in GDPR lawsuits on day one

Prominent campaigner Max Schrems says policies don’t go far enough

Google and Facebook rack up £6.7bn in GDPR lawsuits on day oneFACEBOOK AND GOOGLE have both been clobbered with potentially expensive lawsuits on the first day of GDPR compliance.

In the latest instalment of our occasional series “It’s funny because it’s happening to them”, the two giants wrestled with an angry punter and campaigning troll, who filed three suits totalling €3.9bn for Facebook and €3.7bn for Google. That’s $8.8bn or roughly £6.7bn and, let’s just emphasise this, that figure was accrued in a DAY.

The figure comes from multiple lawsuits by Austrian privacy battleaxe Max Schrems, who claims that the measures put in place to comply with GDPR (both companies have attempted to comply) are simply not good enough.

Source: theinquirer

Continue reading “Google and Facebook rack up £6.7bn in GDPR lawsuits on day one”

Review your IT supplier contracts to reflect changing technology & GDPR

GDPR: There are 90 or so clauses that should now be present in a supplier contract and these can be categorised under three main headings: service, legal, and cost. Data security is one of the weakest contract areas.

GDPR is driving a major review of how we handle personal data and sparking much discussion.

Source: scmagazineuk

Continue reading “Review your IT supplier contracts to reflect changing technology & GDPR”

ISACA Special Report: State of Cybersecurity 2018

ISACA recently released the fourth annual ISACA State of Cybersecurity 2018 Report. The research details the worldwide cybersecurity skills gap with an alarming 59 percent of information security professionals reporting unfilled cyber/information security positions within their organizations, and more than half taking at least three months to fill.

While cybersecurity budgets are still increasing, the qualified talent to fill positions is still lagging behind. Other key findings and trends from the research that might peak your interest are:

  • Four in five (81%) security professionals indicated that their enterprises are likely or very likely to experience a cyberattack this year, while 50% of respondents indicate that their organization has already experienced an increase in attacks over the past year.

Source: cyberdefensemagazine

Continue reading “ISACA Special Report: State of Cybersecurity 2018”

The Malicious Use of Artificial Intelligence in Cybersecurity

Criminals and Nation-state Actors Will Use Machine Learning Capabilities to Increase the Speed and Accuracy of Attacks

Scientists from leading universities, including Stanford and Yale in the U.S. and Oxford and Cambridge in the UK, together with civil society organizations and a representation from the cybersecurity industry, last month published an important paper titled, The Malicious Use of Artificial Intelligence: Forecasting, Prevention, and Mitigation.

While the paper (PDF) looks at a range of potential malicious misuses of artificial intelligence (which includes and focuses on machine learning), our purpose here is to largely exclude the military and concentrate on the cybersecurity aspects. It is, however, impossible to completely exclude the potential political misuse given the interaction between political surveillance and regulatory privacy issues.

Source: securityweek

Continue reading “The Malicious Use of Artificial Intelligence in Cybersecurity”

Blog at

Up ↑