Featured

Contributor:
Andrew Avanessian
February 17th, 2015

$1bn financial services attack – Why Defense in Depth could have mitigated the damage

A new report from Kaspersky Labs claims up to 100 banks and financial institutions have been attacked in an “unprecedented cyber robbery”.

Initial estimates suggest that $1bn has been stolen in the attacks, which are believed to have started in 2013 and are potentially still ongoing. It’s thought the attacks have taken place across 30 different countries, including the US, Canada, Germany, Russia, China and Ukraine.

Continue Reading

ATM: Another Targeted Machine

Last week marked the 50th anniversary of the ATM, a device that changed the face of personal monetary transactions forever. According to the ATM Industry Association (ATMIA) there are now close to three million of them worldwide, with over 70,000 in the UK alone where it all began.  On 27th June 1967, the world’s first “hole in the wall” was revealed at Barclays Bank in Enfield, London. Celebrations aside, I’d like to look at exactly what’s going on under the hood from a software perspective.  Is securing them through industry best practice realistic and practical?

Continue Reading


NotPetya ransomware: Attack analysis

On June 27, 2017 a number of organisations across Europe began reporting significant system outages caused by a ransomware strain referred to as Petya. The ransomware is very similar to older Petya ransomware attacks from previous years, but the infection and propagation method is new, leading to it being referred to as NotPetya. Due to the sudden and significant impact of the attack, it was immediately likened to the WannaCry outbreak causing concerns globally. 

Continue Reading


Petya ransomware variant strikes on a global scale

Firms across the globe have been hit by a variant of the Petya or Petwrap strain of ransomware impacting Windows servers, PCs, and laptops. Initial reports suggest this latest attack struck The Ukraine initially but it has quickly spread to many other countries including Russia, Spain, France, the UK, The Netherlands, and the US. Currently the attackers are asking for $300 worth of Bitcoins to retrieve access to data.

Continue Reading


The culture shock (Part 1)

In this blog post, I want to share some of my experiences on how company culture can kill a security project, especially when removing admin rights.

Continue Reading


GDPR – A threat and an opportunity

With just a year to go until GDPR takes effect, there are concerns that around half of businesses may not meet the new data protection standards in time. While the majority of IT security professionals are aware of GDPR, a recent poll found just under half are preparing for its arrival.

Continue Reading