The battle against phishing, spam, and malicious emails is never ending. 3.1 billion domain spoofing emails are sent every single day, forcing email provider filters to work extra hard to filter out malicious emails and prevent them from reaching inboxes. In this ongoing, multifaceted battle, DMARC email authentication is one way that every organisation can…
Information security is important to everyone. Many of your current and future clients may add ISO 27001 certification as a condition of doing business with you, putting you in a position where you need to start assessing your policies, processes, and procedures. While ISO 27001 alone won’t guarantee you have effective information security practices in…
Not all malware are created equally. And of all the malware out there, the Emotet malware is one of the most potent. Throughout its long life, Emotet has been linked to major malware attacks, and has consistently topped the Global Threat Index since September 2020. The only exception was a relatively quiet November, during which…
The new WhatsApp privacy policy released this week raised several key questions for data protection experts everywhere (and everyone else really). The new privacy policy sets out the information that WhatsApp shares with Facebook, and makes it clear that this policy is non-negotiable – if you don’t like WhatsApp sharing your data with Facebook, your…
What happens after a data breach? Discovery of a data breach is only the tip of the iceberg. Even as companies complete their initial incident response and begin their recovery, trying to minimise the leak and reduce the damage, the chances are that the stolen data has already been passed onto the next stage of…
You may have seen the interesting tale of Cellebrite’s Signal hack claims that they cracked Signal’s at rest encryption, giving them access to encrypted messages on the app when they are physically on the device. This claim was quickly ridiculed, Cellebrite had to roll back their blog giving away their secrets, and Signal’s creator, Moxie…
2020 has been a busy year for cybersecurity around the world with hacks, ransomware attacks, and data breaches making the news on a regular basis. According to analysts there were double the number of cyber attacks in 2020 than in 2019. Some of this increase follows trends from previous years, but it also appears as…
The US Treasury cyber attack is yet another example that absolutely anyone can be the victim of a cyber attack, and another warning that cyber attackers are becoming ever more sophisticated. This time, it was a sophisticated supply chain attack that allowed the US Treasury, and at least one other US government department or agency…
As cyber security professionals, we constantly remind the people around us that it’s not if a cyber attack will happen, it’s when a cyber attack will take place. No organisation is exempt from at least an attempt to hack them, and the FireEye cyber attack, on one of the world’s leading cybersecurity firms is no…
Cyber security mistakes made by individuals are the most common cause of cybersecurity breaches. Learn how to avoid making these mistakes and protect your networks
