Luas Ransomware

How did you hear about the Luas Ransomware incident? Was it on the news? Online? Facebook? Twitter? Instagram? Or did you happen to visit the website to check some fare information and get confronted by a very basic ransom demand.

Read More
paying ransomware

Some businesses that are affected by a Ransomware incident, make a decision to pay the criminals in order to recover their data. This is usually because they believe it is more expensive to go through the recovery process. If they have poor or non-existent backups, then that may very well be the case, so they…

Read More
Deal with Ransomware

I want to come back to this topic on how to deal with Ransomware. This is because I keep meeting business people in the training that I deliver who, either know of somebody or have themselves, suffered a Ransomware incident.

Read More
Meltdown

You probably can’t have missed the reports about the cyber-Armageddon that are circulating today. Two very significant vulnerabilities have been found in the processor chips that are used by nearly every single computer, tablet, phone and smart toaster.

Read More
2017 Predictions

I don’t see many people who make predictions for the coming year actually come back to review what they predicted. I’m not one of those though, so here is my review. I’ve included the original text below in blue, but the full article for my 2017 predictions is here.

Read More
Dodgy e-mail

I received a dodgy e-mail on my personal account yesterday. I’m surprised the GMail spam filters didn’t catch it and flag it for me. Like last weeks story, this message looked kinda plausible.

Read More
Backdoor

It was revealed a couple of days ago that a widely used application had a backdoor in it. A specific version of CCleaner, a well known utility for doing housekeeping on computers, had been compromised by evil doers. 

Read More
Phishing Subject Lines

What would you expect if you got an e-mail with the subject line of “Security Alert”? How about “Unusual sign-in activity”? You probably expect it to be an e-mail that is trying to raise your awareness about some potential security issue. I’m afraid it is likely not. These are just two examples from the Top…

Read More
Communication is vital after a disaster

Maersk Line were one of the biggest victims of the Petya/NotPetya Ransomware worm that struck on 27th June 2017. Here are some details, in case you missed it. Two weeks later, they are still not back to full operational capacity, but they are doing something really well. The are using the critical competence of communication…

Read More
Petya / NotPetya / Petna

So here we go again with another outbreak of Ransomware, based on the National Security Agency (NSA) hacking tools that were leaked by a hacking group. Some experts are calling this one Petya, as it seems very similar to the Petya Ransomware strain that has been around for over a year.

Read More
WannaCry no more

I’m just going to have a short article this week, just to close off the WannaCry story and counter any of the misinformation that was spread by some supposed “experts”. WannaCry is still circulating and affecting machines, but thanks to the kill switch discovered by @MalwareTechBlog, it is more or less neutralised now. Those machines still…

Read More
Do you WannaCry?

I delayed this week’s blog, just to let some of the dust settle on the whole WannaCry (also known as WCry or WannaCrypt) furore and see if we can learn anything from it that will help protect my readers going forward. I’ll start with some easy background on Ransomware and them explain what was special…

Read More
Evil e-mail

Reports today are somewhat concerning. Below are two examples of evil e-mail that has been doing the rounds in the last day or so. The greeting addresses you by your first/given name and the file that is attached to the e-mail is called after your surname. The postal address shown IS also your address. I’ll…

Read More