Do you know what an .xlsb file is? Hackers do and they are using them in phishing attacks.
Phishing attacks have been high on the cyber news cycle this week – with warnings about various groups, not involved in the Russia Ukraine Conflict, taking advantage of the confusion and sending malware and malicious links out by email.
Advice from the National Cyber Security Centre and the UK Government – actions to take when the cybersecurity risk is high (Russia Ukraine Conflict) – UPDATED 31 March 2022
I wrote a longer article this week on the Octagon blog about the “cyber security gap” that all organisations face – one person company, small and large businesses or mega-corp – the Zero Day attack, no matter what cyber security defences you have in place. In it I outline the issue and several steps everyone can take to help plug this gap. I also touch briefly on the “insider threat”.
Why keeping up with cyber-security news is important
Cars feature in the “Because It’s Friday” post this week – but you can bet that this afternoon I will find another story I could have featured!
This is a weekly round-up of the articles from Smart Thinking Solutions, our specialist cybersecurity, governance and compliance web site.
The articles are mostly quick reads to give you an overview of the cybersecurity threat landscape facing businesses today, with links to the sources. Many of the posts have action points or top tips to help you navigate these threats to your organisations.
Sometimes they are just there to make you smile!
Because It’s Friday. I have an interest in flying cars – doesn’t everyone?
Apple Updates – make sure they are done
Researchers expose a vulnerability in electric vehicle charging stations
The shape of things to come – UPDATED
There may not be direct cyber attacks from the Russia Ukraine conflict but others are taking advantage of the situation
Zero Day attacks – are always going to be a problem and now the cyber-criminals are getting faster at exploiting them
Java vulnerabilities to look out for
Seven arrests but Lapsus$ is still in operating -Okta and Globant UPDATED
Google block’s a North Korean Chrome exploit -UPDATED
Misuse of an Apple Watch by a stalker
If you use a Wyze Cam device – then patches are needed to keep them secure
The blockchain is not the end of the security process
Either you trust Kaspersky or you do not! Sitting on the fence is not good advice.
But probably not for us… UPDATED 30 March 2022
More patches to check – Sophos firewalls
Why auto-updates and patches are a good idea – Google Chrome and Microsoft Edge vulnerabilities patched
IcedID Malware – something you do not want run – so check your Exchange server
MFA is essential but it has it’s issues
Security company changes it’s story – Okta and Lapsus$
National Cyber Security Centre Threat Report 25 March 2022
Privacy by Design – A Google point of view
Time to make your mind up about Kaspersky the Russian security software. There is a lack of trust? UPDATED 26 March 2022
More about “no more passwords”
A plus for child protection on the internet
How much do cyber criminals make? (Part 2). Lapsus$ leader arrested in Oxford.
Do you know what an .xlsb file is? The hackers do and it is another way to obscure their malicious payloads
Because It’s Friday – Artemis the twin of Apollo
