Please welcome our newest member from Dubai, Abid Malik! Abid Malik isn’t just a GRC and cybersecurity advisor—he’s a strategist who turns risk management into business opportunities. With 20+ years of experience across banking, fintech, and multinational sectors, he helps businesses strengthen security, navigate regulations, …
The Psychological Impacts of Cyberattacks This is the first episode of a story related to individuals who, in a matter of moments, transition from “employees” to “rescuers” in the immediate aftermath of a destructive cyberattack. What I Will Call the “Heroes” But what is a …
Biometric Update by Masha Borak
The European Union is making significant strides towards tech sovereignty with the development of EuroStack, a comprehensive technology initiative aimed at reducing dependence on foreign tech giants amid ongoing trade tensions. This ambitious project seeks to bolster the EU’s capabilities in digital services and infrastructure, promoting a self-reliant approach to technology that aligns with its strategic economic and security interests.
EuroStack is poised to enhance data protection, cloud computing, and overall digital autonomy for the EU, marking a pivotal shift in the global tech landscape as Europe navigates the complexities of international trade and tech dominance.
Read more
SecurityWeek by Kevin Townsend
In a novel cyberattack, malicious actors are exploiting the popularity of Trump-themed commemorative coins to distribute malware. This campaign targets supporters through phishing emails that offer a chance to purchase these coins, only to infect their systems with malicious software when they attempt to engage.
The deceptive emails are crafted with convincing details and a call to action that redirects users to compromised websites. This strategy highlights a growing trend of using political memorabilia and current events as bait, reflecting an evolution in social engineering tactics aimed at specific demographic groups.
Read more
Security Affairs by Pierluigi Paganini
Cybersecurity experts are raising alarms about a critical vulnerability in PHP, identified as CVE-2024-4577, which is being exploited on a massive scale. This severe flaw allows attackers to execute arbitrary code on servers running vulnerable versions of PHP, potentially compromising millions of websites and web applications.
The widespread use of PHP in server-side scripting for web development makes this vulnerability particularly dangerous. Security professionals urge immediate patching and updates, as exploiting this flaw can give attackers control over web servers, leading to data theft, site defacement, and further network compromise.
Read more
Dark Reading by Jai Vijayan
The cyber threat group known as SideWinder is intensifying its targeted attacks on the maritime sector, deploying sophisticated tactics to infiltrate networks and steal sensitive information. This group’s activities have raised significant security concerns within the maritime industry, which is crucial for global trade and logistics.
SideWinder’s methods include using advanced malware and phishing attacks to gain access to ship management systems and port authority databases, aiming to disrupt operations and gather strategic data. The escalation of these attacks underscores the need for enhanced cybersecurity measures in critical infrastructure sectors to protect against increasingly adept and persistent threat actors.
Read more
ZDNet by Lance Whitney
A significant cyberattack is reported to be the cause behind recent widespread outages of the social media platform X. This attack highlights the vulnerabilities in digital platforms that are increasingly becoming targets for sophisticated cyber threats.
The cyberattack not only disrupted service for millions of users worldwide but also raised concerns about data security and the robustness of infrastructure against such incursions. The incident has prompted urgent calls for stronger cybersecurity protocols and resilience strategies to shield against future disruptions and potential data breaches.
Read more
Cyberscoop by Derek B. Johnson
Recent findings have revealed multiple vulnerabilities in ICONICS industrial SCADA software, posing significant risks to critical infrastructure systems that depend on this technology for operational control and monitoring. These vulnerabilities could allow cyber attackers to manipulate controls, alter configurations, or even shut down operations, potentially leading to severe consequences in sectors like energy, manufacturing, and water treatment.
The discovery underscores the critical need for continuous vulnerability assessments and prompt patching within industrial systems to safeguard them from potential cyber threats and ensure the continuity of essential services.
Read more
BleepingComputer by Bill Toulas
Switzerland has introduced a stringent new regulation requiring critical sector organizations to report cyberattacks within 24 hours of detection. This rule aims to enhance national cybersecurity resilience by ensuring swift and coordinated response efforts to digital threats.
The legislation covers entities in essential services such as healthcare, transportation, finance, and utilities, emphasizing the importance of transparency and prompt communication in mitigating the impacts of cyber incidents. The move reflects a growing global trend toward tighter cyber regulations as governments seek to fortify defenses against the increasing frequency and sophistication of cyberattacks.
Read more
The Hacker News by Ravie Lakshmanan
Security researchers have uncovered a new polymorphic attack technique that clones legitimate browser extensions to stealthily steal user credentials. This sophisticated method involves altering the code of popular extensions, turning them into trojans that can capture sensitive information such as passwords and banking details without alerting users or security systems.
The findings highlight a significant escalation in browser-based threats, emphasizing the need for users to verify the authenticity of extensions and maintain updated anti-malware solutions. The report calls for heightened awareness and stricter security practices to counteract these deceptive strategies that exploit the trust in commonly used digital tools.
Read more
The Register by Connor Jones
The cyber threat group Rhysida has successfully breached two US healthcare organizations, compromising the personal and medical information of over 300,000 patients. This sophisticated attack highlights the increasing vulnerability of the healthcare sector to cyber incursions, which can have devastating consequences for patient privacy and institutional integrity.
The hackers utilized advanced tactics to infiltrate network defenses and exfiltrate a significant amount of sensitive data, underscoring the critical need for healthcare entities to enhance their cybersecurity measures. This incident serves as a stark reminder of the importance of robust security protocols and continuous monitoring to protect patient information against such malicious activities.
Read more
Cybersecurity Dive by David Jones
The former director of NSA’s cyber division has issued a stark warning that significant job cuts within the agency pose a serious threat to national security. These reductions in cybersecurity personnel come at a time when cyber threats are becoming more frequent and sophisticated.
The former director emphasizes that decreasing the number of skilled cybersecurity professionals undermines the country’s ability to defend against and respond to cyber incidents effectively. This alert calls for urgent reconsideration of budget and staffing decisions to ensure the NSA and other critical security agencies are well-equipped to safeguard national interests in the digital age.
Read more
The Hacker News by Ravie Lakshmanan
A new malware known as SilentCryptoMiner is targeting Russian users by masquerading as legitimate VPN and DPI (Deep Packet Inspection) bypass tools. The malware has already infected approximately 2,000 individuals, covertly mining cryptocurrency using the resources of compromised systems.
This campaign highlights the dangers of downloading software from unverified sources, as attackers capitalize on the demand for privacy tools in regions with strict internet regulations. The incident underscores the need for heightened vigilance and the importance of using trusted channels for software downloads to prevent such deceptive and harmful intrusions.
Read more
BleepingComputer by Lawrence Abrams
Several US cities are issuing warnings about a new phishing scam involving unpaid parking tickets. The scam sends text messages to individuals, falsely claiming they have unpaid parking fines and directing them to a fraudulent website.
Once on the site, victims are prompted to enter personal information, which the scammers can then use for identity theft or financial fraud. This wave of phishing attacks highlights the increasingly cunning tactics used by cybercriminals to exploit everyday situations. Authorities are urging the public to verify any such claims through official municipal channels and to be cautious about providing personal information online.
Read more
The Nation
The Thai National Cyber Security Authority (NCSA) has been ordered to intensify its preparations against potential cyber warfare threats. This directive comes in response to escalating global cyber tensions and the increasing sophistication of potential cyber-attacks that could target critical national infrastructure.
The NCSA’s enhanced focus aims to bolster the country’s defenses by developing more advanced cyber response strategies, conducting regular security drills, and strengthening collaborations with international cybersecurity entities. This proactive approach is designed to ensure the nation remains resilient in the face of growing cyber threats and can effectively mitigate the impact of any cyber-attacks.
Read more
The Guardian by Eromo Egbejule
Internet shutdowns have reached a record high across Africa, with governments increasingly ‘weaponizing’ access to control information and suppress dissent. This trend is alarming advocates for freedom of expression and digital rights, as shutdowns not only curtail civil liberties but also impact economies and disrupt everyday life.
The use of internet blackouts as a political tool is particularly prevalent during protests, elections, and civil unrest, raising serious concerns about the erosion of democratic norms. This pattern underscores the urgent need for international dialogue and policy interventions to protect internet access as a fundamental right and to prevent its use as a tool for political manipulation.
Read more
The Observer by Carole Cadwalladr
This in-depth article chronicles the harrowing experience of a woman whose life was dramatically affected by a relentless campaign of online abuse. It explores the devastating impact of cyberstalking, which included constant harassment, the spreading of personal information, and threats that extended beyond the digital realm into her physical life.
The case study sheds light on the psychological and social repercussions of such targeted attacks, highlighting the insufficient legal protections and the often inadequate response from law enforcement agencies. This story calls for stronger regulatory measures and more robust support systems to protect individuals from cyber harassment and to hold perpetrators accountable.
Read more
The Record by Suzanne Smalley
According to experts, the office of the White House cyber director is poised to receive expanded powers under the Trump administration. This move aims to enhance the national cybersecurity strategy by centralizing authority and improving coordination among various federal agencies involved in cyber defense.
The bolstering of the cyber director’s office reflects an acknowledgment of the growing cyber threats facing the United States and the need for a more unified government response. Experts suggest that this restructuring will enable more effective policy-making and operational decisions in cybersecurity, potentially leading to stronger protections against cyberattacks on national infrastructure.
Read more
BleepingComputer by Bill Toulas
Recent discoveries have revealed undocumented commands in a widely used Bluetooth chip, present in over a billion devices, raising significant security concerns. These hidden commands, if exploited, could potentially allow attackers to execute arbitrary actions on affected devices without the user’s knowledge.
This vulnerability underscores the critical importance of hardware security and the potential risks associated with overlooked or hidden functionalities in common technology components. The exposure of such commands highlights the need for manufacturers to conduct thorough security audits and for users to ensure their devices are regularly updated to mitigate any potential threats arising from such vulnerabilities.
Read more
Security Affairs by Pierluigi Paganini
The Japanese telecommunications giant NTT disclosed a significant data breach impacting approximately 18,000 corporate clients. This breach involved unauthorized access to a wide range of sensitive data, potentially exposing business secrets and personal information.
The incident highlights vulnerabilities in telecommunications networks that can have far-reaching consequences for both the service provider and its extensive client base. NTT has initiated a comprehensive security overhaul and is collaborating with law enforcement to investigate the breach. This event underscores the need for enhanced cybersecurity measures and continuous vigilance to protect against sophisticated cyber threats in an increasingly interconnected world.
Read more
Cybersecurity Dive by Alexei Alexis
The frequency and severity of cyberattacks targeting IT vendors have dramatically intensified, resulting in substantial financial and operational losses. This trend is particularly alarming as IT vendors often serve as gateways to broader networks, making them attractive targets for cybercriminals looking to exploit multiple victims through a single entry point.
These attacks not only disrupt IT operations but also compromise the security of their clients’ data and systems. The article highlights the growing need for IT vendors to implement robust cybersecurity strategies, including multi-factor authentication, regular security audits, and employee training, to mitigate the risks and protect both their assets and those of their clients.
Read more
BleepingComputer by Bill Toulas
An emerging cyber threat involves extortion of YouTubers through the manipulation of copyright strike processes to distribute malware. Cybercriminals are targeting content creators by threatening them with copyright strikes, which can severely impact their channel and revenue unless they comply with demands that often include downloading malware-laden software.
This strategy not only exploits the legal copyright mechanisms but also turns them into a tool for cyber extortion. The practice highlights a new form of cybercrime that blends traditional copyright abuse with digital extortion, significantly complicating the security landscape for online content creators. It underscores the importance of vigilance and legal awareness among YouTubers to protect against such sophisticated and damaging attacks.
Read more
The Register by Iain Thomson
A developer orchestrated a sabotage attack against his former employer by implementing a kill switch that activated upon his dismissal. This deliberate act caused significant disruption to the company’s operations, as critical systems were disabled, leading to downtime and financial losses.
The incident underscores the potential risks associated with insider threats and the importance of maintaining stringent security protocols, especially regarding access control and monitoring of sensitive systems. The company has since taken steps to bolster its security measures and review its policies to prevent such occurrences in the future, highlighting the need for continuous vigilance and robust security practices in the workplace.
Read more
Security Systems News by Cory Harris
Experts in cybersecurity are emphasizing that the fight against cyber threats is an ongoing battle that requires constant vigilance and adaptation. This article discusses the ever-evolving nature of cyber threats and the critical importance of staying proactive in cybersecurity practices.
Industry leaders warn against complacency, highlighting that as technology advances, so do the tactics of cybercriminals. Harris, editor of Security Systems News, advocates for continuous investment in cybersecurity infrastructure, regular updates to defensive strategies, and ongoing training for all staff. The message is clear: the cybersecurity landscape is dynamic and requires perpetual effort and innovation to keep data and systems safe.
Read more
itWire by Grant Titmus
Rapid7’s Chief Scientist, Raj Samani, has issued a stark warning to Australian businesses regarding the escalating threat of ransomware attacks. Samani is urging companies to prioritize their ransomware response policies and strengthen their cybersecurity defenses to combat this pervasive threat.
His call to action comes amid rising incidents of ransomware across Australia, which are increasingly sophisticated and disruptive. The article highlights the necessity for businesses to implement comprehensive security measures, including regular data backups, employee training on phishing awareness, and robust incident response plans. The emphasis is on preparation and resilience, aiming to mitigate potential impacts and ensure business continuity in the face of these cyber challenges.
Read more
CyAN Member Nick Kelly
CyAN Member Nick Kelly provides a detailed analysis of the FY2024 IT and cybersecurity spending across selected ASX 200 companies, revealing significant trends and investment patterns. This report underscores the growing emphasis on cybersecurity in the corporate sector, reflecting increased allocations toward enhancing digital defenses.
Kelly’s analysis points out that despite economic pressures, companies are prioritizing investments in cybersecurity to address the escalating threat landscape. The document serves as a crucial resource for understanding how top Australian companies are strategically positioning their resources to combat cyber threats, offering valuable insights into the prioritization of IT and cybersecurity expenditures in response to evolving challenges.
Read more
Keynote by Dan Elliot
📅 Date: March 12
📍 Location: Peoplebank, Sydney
🔗 Event details
📅 Date: April 1-2
📍 Location: Lille, France
🔗 Event details
📅 Date: March 19
📍 Location: Online
📩 See emails for details
📅 Date: April 14-16
📍 Location: Marrakesh, Morocco
🔗 Event details
📅 Date: April 23-25
📍 Location: Marina Bay Sands, Singapore
🔗 Event details
📅 Date: May 6-8
📍 Location: Dubai World Trade Center, UAE
🔗 Event details
📅 Date: May 8
📍 Location: London, UK
🔗 Event details
📅 Date: May 14-15, 2025
📍 Location: Dubai, UAE
🔗 Event details
📅 Date: June 7-9, 2025
📍 Location: Rabat, Morocco
🔗 Event details
Information Security News House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies SecurityWeek by Eduard KovacsThe U.S. House of Representatives has recently passed a bill that mandates federal contractors to establish vulnerability disclosure policies. This legislative move aims to strengthen the security of …
Last Friday, I attended the launch of The Cost of Domestic Violence to Women’s Employment and Education at the University of Technology Sydney. Written by the renowned researcher and writer Anne Summers, this report lays bare how domestic violence and coercive control disrupts women’s financial …
CyAN recently opposed the now-dead EU “Chat Control” regulatory proposal, and the UK’s push for Apple to remove ADP for UK iCloud users – the latter unfortunately having led to Apple’s removal of end-to-end iCloud encryption for its British customers.
Now, two additional countries in Europe are on the verge of adopting ill-considered mandates for encryption back doors – France, as part of an amendment to its “Narcotrafic” law that would enable access to messages between suspected drug traffickers, and Sweden, in an attempt to mandate the possibility of law enforcement access to encrypted messenger tools – the Signal Foundation has already indicated that it would rather leave Sweden than comply with the latter. CyAN has just published a position statement opposing both.
Encryption is a tool. Like cash, cars, or firearms, encryption can serve good and nefarious purposes alike. The benefits of encryption are well documented – trust, privacy, anonymity, safety, resilience, and security, for citizens and societies alike. Encryption’s benefits include making voting and business safe, protecting dissidents and members of groups that are often threatened, such as human beings who identify as LGBTQ, and more.
At the same time, encryption could be used by fraudsters to encrypt victims’ computers with ransomware. Terrorists may use encryption to avoid intelligence agencies and law enforcement intercepting their messages. The same goes for child sexual abuse messages, drug transactions, and more. And like the three examples named above, it is up to society to democratically decide on an appropriate balance between “good” and “bad” uses of a tool, and if, when, and how to limit, or even ban that tool.
Strong end-to-end encryption’s benefits vastly outweigh the downsides to society from possible abuses. Unfortunately, both law enforcement and intelligence agencies have attempted many times, with varying degrees of success, to legislatively mandate “back doors” into encryption systems when they were unable to otherwise access protected data. Usually presented under the guise of fighting abuses such as child pornography, drugs, terrorism, or financial crime, the past decades have seen multiple misguided moves to mandate third-party access to encryption systems, from 1993’s Clipper Chip in the US, to the current slate of initiatives listed earlier. Methods of gaining such access include key escrow, mandatory additional decryption keys, or legal requirements to implement methods that allow service providers to give authorized third parties access to their customers’ data, to name a few.
The problem with encryption back doors is that they introduce a technical weakness into a security system – one which it is impossible to guarantee will not itself be used by malicious attackers. This can expose private data to malfeasants. Furthermore, the risk of such abuse undermines trust in the things that encryption exists to secure – digital democracy and e-commerce, to name two. Think of it like adding a door to a submarine – sure, it can be done, sure it might make access more convenient, but modern submarine hulls are highly engineered “bubbles” designed to withstand insane pressures. Every time you poke a hole in one, it requires a ridiculous amount of complexity to keep water out, and adds more potential points of failure.
A good example of a back door that has caused real economic damage is the US National Security Agency’s involvement in the development of what would become the DES (Data Encryption Standard) encryption standard in the 1970s. While there was suspicion at the time that the NSA’s recommendation for use of a given type of S-box was an attempt to compromise the new standard for their own benefit – this turned out to actually harden the system. However, at the same time, the NSA insisted on shorter key lengths as part of DES’ adoption by the National Institute of Standards and Technology (NIST) in order to ease brute forcing of DES.
This has come back to bite not only the NSA, but the global economy in the ass in a big way, as the original DES keys became easy to break well before even the introduction of quantum computers, leading to significant cost in replacing DES-based cryptosystems and a loss of trust in a lot of e-commerce and similarly sensitive communications. Furthermore, while the NSA plays a key role in securing US government communications, and has often been a constructive contributor to the security of global data communications, its past involvement in weakening encryption “for the rest of us” means nobody trusts anything that comes out of Fort Meade. Trust takes a long time to build.
I understand that not having back doors will occasionally make the job of law enforcement and intelligence agencies more difficult as they work to protect us from criminals, abusers, and terrorists. However, I also believe that effective investigation of bad actors cannot depend primarily on single technological capabilities. Furthermore, while I oppose legal mandates for use of specific technologies or technological limitations, there exist types of encryption application that allow for investigation while respecting citizens’ privacy. Homomorphic encryption is one such model, allowing for limited searching of known patterns, such as specific child abuse sexual imagery, without decrypting secure datastreams. Obviously these solutions are no panacea, but their very existence significantly weakens the case that back doors are needed for effective investigations.
And let us not forget that criminals do not respect laws – that is what makes them criminal. How would a ban on end-to-end encryption even be enforced, when bad guys will simply turn to messaging tools run out of countries not covered by back door mandates? I’ve yet to see a good argument that addresses this.
Even worse, we haven’t even considered the topic of potential non-technical, administrative abuse by even well-meaning government agencies; there are many examples of law enforcement officers illicitly accessing license plate databases or CCTV footage, for example to identify women they would like to meet. We all have something to hide, or which simply isn’t anyone else’s business – do you completely trust your government agencies, which are after all comprised of fallible human beings, to completely respect your privacy and dignity at all times, if they are somehow able to access what you don’t want to have seen? I don’t.
Encryption is necessary. Demanding to weaken encryption in pursuit of criminals a) doesn’t work, b) endangers citizens, c) undermines safe online business, and d) is lazy policing. Don’t do it.
Information Security News Latin American Orgs Face 40% More Attacks Than Global Average Dark Reading by Nate NelsonOrganisations in Latin America are experiencing a surge in cyberattacks, facing 40% more incidents than the global average. This alarming trend underscores the unique cybersecurity challenges in the …
In today’s rapidly evolving digital landscape, organizations face unprecedented challenges that necessitate establishing a robust framework to navigate operational agility and economic security. This document delves into dynamic resilience, harmoniously integrating these vital components to foster sustainable growth, adaptability, and long-term success. Through a comprehensive examination of the interplay between agility and security, we aim to provide in-depth insights and actionable strategies for how organizations can survive and thrive amid uncertainty, utilizing digital transformation as a powerful catalyst for innovation and stability.
The modern era of digitalization has introduced a new business model marked by the rapid evolution of technologies, shifting customer behaviour, and volatile markets. As organizations compete to remain competitive in this high-velocity world, the imperative for operational agility—acquiring the capacity to respond rapidly to environmental changes—has arisen. However, this flexibility must be complemented by a robust foundation of economic security, guaranteeing that organizations can ride out any probable disruptions and remain financially secure. Dynamic resilience, therefore, emerges as an imperative framework for attaining this delicate balance, enabling organizations to balance their operational capabilities with enhanced security protocols.
Dynamic resilience encapsulates the inherent capacity of an organization to adapt, respond, and thrive amid complicated adversity while safeguarding its core functions and maintaining economic viability. It comprises several key elements:
Through cultivating dynamic resilience, organizations can cope with current challenges efficaciously and prepare for and respond to future discontinuities, setting themselves up for long-term success and expansion.
The realization of dynamic resilience depends on a delicate sense of the interplay between agility and security. As agility promotes quick decision-making and flexibility in operations, security protocols tend to introduce levels of complexity that can undermine those qualities. Organizations must, therefore, attempt to balance these factors carefully to create a seamless operating environment:
For organizations to successfully operationalize the dynamic resilience framework, they have to implement the following strategic steps:
Amidst relentless digital transformation, companies must discover and embrace dynamic resilience as an essential strategic necessity. By combining operational flexibility with strong economic security, businesses are well-positioned to ride current challenges and best positioned for future growth, adaptability, and innovation. The model presented in this paper is a comprehensive framework for organizations that aim to thrive in an ever-more complex and uncertain world, ensuring that they are resilient and robust in the face of change.
Rupesh Shirke, CISSP
Critical Infrastructure Protection | ICS/OT Cybersecurity | Mentor | Speaker | Writer | Global Advisor | Volunteer | Driving Resilient Solutions for a Secure Future
🔗 LinkedIn Profile
