On December 4, 2024, four of the five members of the Five Eyes intelligence-sharing group (the United States, Australia, Canada, and New Zealand) law enforcement and cyber security agencies (Agencies) published a joint guide for network engineers, defenders of communications infrastructure and organizations with on-premises enterprise equipment (the Guide). The Agencies strongly encourage applying the
United Kingdom
Joint Advisory Lists Top Routinely Exploited Vulnerabilities
On November 12, 2024, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the National Security Agency, along with its security partners in Australia, Canada, New Zealand, and the United Kingdom, issued the cybersecurity advisory “2023 Top Routinely Exploited Vulnerabilities,” outlining top vulnerabilities impacting companies across the free world.
The…
Members of International Sextortion Ring Charged for Stealing $2M From Victims
According to the FBI, it has “seen a huge increase in the number of cases involving children and teens being threatened and coerced into sending explicit images online,” also known as sextortion.
In some cases, the criminal will threaten the teen that they have a revealing picture or video and that they will share…
UK Privacy Watchdog Probes Microsoft’s Controversial “Recall” Feature
The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), is investigating Microsoft over potential privacy concerns with its recently announced AI-powered “Recall” feature for Windows PCs. Microsoft Recall is designed to continuously capture screenshots of a user’s PC activity and use AI to create a searchable computer usage history. While these screenshots would be…
U.K. Unveils Replacement GDPR, then Retracts It
When the U.K. withdrew from the European Union (EU), its General Data Protection Regulation (GDPR) status was one of many headaches for regulators to figure out. After drawn-out negotiations over points such as requiring opt-in or opt-out models, lawmakers had settled mainly on a GDPR-like solution called the Data Protection and Digital Information Bill.
The…
Intelligence Points to Likely Russian Attacks on Critical Infrastructure
The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the United Kingdom released a joint Cybersecurity Advisory (CSA) on April 20, 2022, “to warn organizations that Russia’s invasion of Ukraine could expose organizations both within and beyond the region to increased malicious cyber activity.”
According to…
CISA Issues Alert on Top Exploited Vulnerabilities
On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited Vulnerabilities” in collaboration with the Australian Cyber Security Centre, the United Kingdom’s National Cyber Security Centre, and the FBI.
The Alert concludes that cyber criminals are exploiting vulnerabilities in unpatched systems, but that many of the…
Worldwide Plans for Apps and Cards to Prove Your Vaccination Status: Are There Privacy Concerns?
A new commercial has hit the airwaves in Israel. It begins with a door swinging open to reveal a beautiful seaside patio with a couple awaiting their dinners as a voiceover says, “How much have we missed going out with friends?” Well, with the Green Pass “a door simply opens in front of you” and…
U.S. Users Targeted with Phishing Scams More than Users in Other Countries
The statistic that cybercriminals have been unleashing 18 million phishing emails laced with malware on a daily basis into cyberspace during the pandemic is mind boggling, and one that executives should pay attention to when prioritizing resources for user education. Math was never my strongest subject, but 18 million malicious emails targeted at all of…
C-Suite + Managers Pose Higher Security Risk to Organizations
You executives and managers who are in my age group (that is, you didn’t grow up with mobile devices and computers) listen up. According to several studies, you pose a higher security risk to your organization than the up-and-comers you manage.
According to a new survey of 2,000 workers aged 16 to 55+ in the…