John E Dunn
June 21st, 2012

Flame is frightening but don’t hide under the bed

Cyber-weapons set the security bar uncomfortably high. But why make it easy for them?

Imagine a hacking enterprise free to develop malware on the back of an unlimited budget, a small army of elite coders and mathematicians, barely-documented programming, and a clutch of software vulnerabilities the world has never heard of.  Stopping such a program would surely be nigh on impossible.

Continue Reading

Backdoored CCleaner could compromise millions of users

The popular PC cleanup tool, CCleaner has been hijacked by hackers in the latest widespread malware attack. The hack, identified by security researchers at Cisco Talos, found that anyone who downloaded or updated the CCleaner app between mid-August to mid-September also potentially downloaded malware without realising.

Continue Reading

CeX sees 2 million customer details compromised

CeX, the second-hand electronics, and video games retailer has reportedly had the details of two million customers compromised by hackers. The information stolen included names, addresses, email addresses and some phone numbers, as well as a small number of encrypted credit card details.

Continue Reading

Endpoint security success…balance is key!

Navigating the polarised opposites of security and freedom is not easy.This is further compounded when IT departments are under pressure to bring new systems to market that will provide their organisations with a competitive edge.

Continue Reading

ATM: Another Targeted Machine

Last week marked the 50th anniversary of the ATM, a device that changed the face of personal monetary transactions forever. According to the ATM Industry Association (ATMIA) there are now close to three million of them worldwide, with over 70,000 in the UK alone where it all began.  On 27th June 1967, the world’s first “hole in the wall” was revealed at Barclays Bank in Enfield, London. Celebrations aside, I’d like to look at exactly what’s going on under the hood from a software perspective.  Is securing them through industry best practice realistic and practical?

Continue Reading

NotPetya ransomware: Attack analysis

On June 27, 2017 a number of organisations across Europe began reporting significant system outages caused by a ransomware strain referred to as Petya. The ransomware is very similar to older Petya ransomware attacks from previous years, but the infection and propagation method is new, leading to it being referred to as NotPetya. Due to the sudden and significant impact of the attack, it was immediately likened to the WannaCry outbreak causing concerns globally. 

Continue Reading