Feb 2024
Cybercrime doesn't stand still - know how and when to act
As technology, systems and software become more sophisticated, so do the threat actors and their methods for infiltration.
![](/sites/default/files/styles/team_profile_100/public/2021-09/neil.robertson.jpg?h=689fb0ed&itok=acB7sOr7)
VCISO Lead
Even the simplest, everyday technologies such as QR codes can lead to a significant breach, loss of revenue and reputational damage. In this ever-changing landscape, this is what your organisation should be looking out for and implementing protections for.
Ransomware and denial of service are increasingly popular methods of attack, accounting for almost half of cyber breaches in 2023.
These attacks continue to be professionalised by ransomware gangs, many of whom operate a software-as-a-service model of ransomware to other criminals (affiliates) less skilled than themselves. These sophisticated and talented gangs provide easy to use tools, training and support as part of their criminal service, enabling hassle-free scale-up.
Many ransomware attacks are leveraging ‘zero day’ attacks where hackers can exploit a flaw before developers are aware of the vulnerability. Attacks using publicised vulnerabilities are becoming more timely, exacerbating the need for companies to patch swiftly, especially for internet facing vulnerabilities.
Some cyber criminals focus on capturing valid credentials to easily facilitate the start of an attack and sell these credentials on a marketplace called an Initial Access Broker (IAB) market. The IAB market is booming with threat actors harvesting valid credentials of companies and organisations to sell onto others. Virtual Private Network (VPN) and Remote Desktop (RDP) credentials are particularly sought after as they provide direct access into a company network.
Find out more in the full article published by ALARM here: https://www.alarmrisk.com/resource/cyber-crime-doesn-t-stand-still-know-how-and-when-to-act.html
Cyber report spotlight: Ex-employee wipes 180 servers after being fired
An ex-employee in Singapore has been jailed for using their administrative access to wipe 180 servers, four months after leaving the company.
Cyber Report Spotlight: London Hospitals declare ‘critical incident’ following cyber attack
Following a cyberattack on a key supplier, several London hospitals declared a ‘critical incident’ as they lost the ability to carry out key patient services.
![Billy Pickin](/sites/default/files/styles/team_profile_/public/2022-10/Billy%20Pickin.jpg?h=98704c57&itok=7hFGph1F)
Diving into the data pool: Navigating the upcoming O365 storage changes for higher education
The way that storage works across Microsoft O365 is changing significantly for all educational tenants from August 1st 2024 (upon contract renewal). Depending on your organisation’s usage,…