News
Cyber Bakery Chronicles
Your Weekly Cybersecurity Update (13 September 2024).
News
Cyber Bakery Chronicles
Your Weekly Cybersecurity Update (6 September 2024)
Cyber Bakery Chronicles
Your Weekly Cybersecurity Update (30 August 2024)
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (23 August 2024) * OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda * National Public Data Published Its Own Passwords * Toyota confirms third-party data breach impacting customers * Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware * Thousands of Websites Exposed AWS Credentials,
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (16 August 2024) * Background Check Company National Public Data Hit by Massive Data Breach Affecting Nearly 3 Billion People * Trojan Malware Campaign Hijacks Browsers, Steals Data of Over 300,000 Users * Australian Gold Miner Evolution Hit by Ransomware Attack * Critical Browser Flaw Exposes Local Networks to
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (9 August 2024) * Critical vulnerabilities in 6 AWS services disclosed at Black Hat USA * US Offering $10 Million Reward for Iranian ICS Hackers * Ronin Network hacked, $12 million returned by "white hat" hackers * Internet traffic in Bangladesh dropped to near zero * The Department of
Cyber Security
Thoughts on FAIR
I did my FAIR analysis fundamentals course a few years ago and here are my thoughts on it. FAIR stands for Factor Analysis of Information Risk, and is the only international standard quantitative model for information security and operational risk. (https://www.fairinstitute.org/) My interest to learn more about
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (2 August 2024) * SBOMs: A Crucial Tool Hampered by Standardization Issues * Mysterious Rings and QR Codes: The Emergence of Brushing Scams * France Battles Cyberespionage Ahead of the Olympics * GitHub's Dark Secret: Deleted Data Never Really Dies * Sitting Ducks: DNS attacks enable hackers to take
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (26 July 2024) * Crucial Seizure: Australian Police Intercept 318 Million Phishing Texts * Protect Your Company: Beware of Fake CrowdStrike Fixes * Google U-Turns on Third-Party Cookie Phaseout * North Korean Hacker Poses as IT Worker in Attempted Cyberattack * KnowBe4 Hires Fake North Korean IT Worker, Catches New Employee
Cyber Security
Our Assumed Trust in Cyber Security Vendors
The recent CrowdStrike incident highlighted the need for thorough assessments of kernel-mode software, emphasising the importance of rigorous security evaluations regardless of certifications or reputation.
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (19 July 2024) * AT&T Data Breach Exposes Call Records of Nearly All Mobile Customers * 2024 SANS SOC Survey Unveils Top Cybersecurity Trends * Hackers Exploit Newly Released Weaknesses in Minutes, Report Finds * New Ransomware Gang Targets Unpatched Veeam Software * Hackers Up Their Game in NuGet
News
CyberBakery Chronicles
Your Weekly Cybersecurity Update (12 July 2024)
You’re Using More Open-Source Than You Realise
My recent conference presentation on open-source security revealed a common theme. Audience members didn’t realise how pervasive open-source is. Everyone in the audience knew that their organisation uses a fair number of open-source components, but they thought that it only makes up a small percentage of their applications, at