Ukraine’s secret cyber-defense that blunts Russian attacks: excellent backups

The Kremlin-backed cyberattack against satellite communications provider Viasat, which happened an hour before Russia invaded Ukraine, was “one of the biggest cyber events that we have seen, perhaps ever, and certainly in warfare,” according to Dmitri Alperovitch, a co-founder of Read More …

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

On March 31, 2022, vulnerabilities in the Spring Framework for Java were publicly disclosed. Microsoft is currently assessing the impact associated with these vulnerabilities. This blog is for customers looking for protection against exploitation and ways to detect vulnerable installations Read More …

IT outage at Scotland’s Heriot-Watt University enters second week

Edinburgh’s Heriot-Watt University has entered a second week of woe following a vist by an infosec nasty. The 200-year-old institution’s IT team first referred to the crisis as a “security incident” but a spokesperson confirmed to The Register that it Read More …

Billion-dollar logistics giant Expeditors struggling to recover from cyberattack

Logistics and freight forwarding giant Expeditors International announced a cyberattack on Sunday that crippled some of their operating systems and continues to slow their operations around the globe. The Seattle-based freight company, which brought in $10.1 billion in revenue last Read More …

Ukraine: EU deploys cyber rapid-response team

A cyber rapid-response team (CRRT) is being deployed across Europe, after a call for help from Ukraine. The newly formed team of eight to 12 experts, from Lithuania, Croatia, Poland, Estonia, Romania, and the Netherlands, has committed to help defend Read More …

US to attack cyber criminals first, ask questions later – if it protects victims

The United States Department of Justice (DoJ) has revealed new policies that may see it undertake pre-emptive action against cyber threats. Revealed last week by deputy attorney general Lisa O. Monaco, in a speech at the Munich Cyber Security Conference, Read More …

CISA Compiles Free Cybersecurity Services and Tools for Network Defenders

CISA has compiled and published a list of free cybersecurity services and tools to help organizations reduce cybersecurity risk and strengthen resiliency. This non-exhaustive living repository includes services provided by CISA, widely used open source tools, and free tools and Read More …

Telco fined €9 million for hiding cyberattack impact from customers

The Greek data protection authority has imposed fines of 5,850,000 EUR ($6.55 million) to COSMOTE and 3,250,000 EUR ($3.65 million) to OTE, for leaking sensitive customer communication due to a cyberattack. As the agency says in an announcement, COSMOTE infringed Read More …