Daily NCSC-FI news followup 2020-07-13

The NCSC-UK’s Exercise in a Box tool set has been updated to help organisations keep their employees safe while working from home

www.zdnet.com/article/remote-working-this-free-tool-tests-how-good-your-security-really-is/ The ‘Home and Remote Working’ exercise has been added to the NCSC-UK’s Exercise in a Box, a toolkit designed to help small and medium-sized businesses prepare to defend against cyber attacks by testing employees with scenarios based around real hacking incidents – and lessons on how to respond.

US Secret Service creates new Cyber Fraud Task Force

www.bleepingcomputer.com/news/security/us-secret-service-creates-new-cyber-fraud-task-force/ CFTF’s main goal is to investigate and defend American individuals and businesses from a wide range of cyber-enabled financial crimes, from business email compromise (BEC) scams and ransomware attacks to data breaches and the illegal sale of stolen personal information and credit cards on the Internet and the dark web.

Injecting Magecart into Magento Global Config

www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/injecting-magecart-into-magento-global-config/ This attack shows the relative ease in which a Magento system can be compromised to inject malicious JavaScript into web pages.

You might be interested in …

Daily NCSC-FI news followup 2019-06-22

NASA hacked because of unauthorized Raspberry Pi connected to its networkA: www.zdnet.com/article/nasa-hacked-because-of-unauthorized-raspberry-pi-connected-to-its-network/ A report published this week by the NASA Office of Inspector General reveals that in April 2018 hackers breached the agency’s network and stole approximately 500 MB of data related to Mars missions. The point of entry was a Raspberry Pi device that […]

Read More

Daily NCSC-FI news followup 2020-01-06

The Hidden Cost of Ransomware: Wholesale Password Theft krebsonsecurity.com/2020/01/the-hidden-cost-of-ransomware-wholesale-password-theft/ Moral of the story: Companies that experience a ransomware attack or for that matter any type of equally invasive malware infestation should assume that all credentials stored anywhere on the local network (including those saved inside Web browsers and password managers) are compromised and need to […]

Read More

Daily NCSC-FI news followup 2019-11-17

Indian officials acknowledged on October 30th that a cyberattack occurred at the countrys Kudankulam nuclear power plant. thebulletin.org/2019/11/lessons-from-the-cyberattack-on-indias-largest-nuclear-power-plant/ While reactor operations at Kudankulam were reportedly unaffected, this incident should serve as yet another wake-up call that the nuclear power industry needs to take cybersecurity more seriously.. The problem of cybersecurity is not new to the […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.