Scheme allegedly targeted over 10,000 victims
Ukrainian Cops Bust Multimillion-Dollar Phishing Gang
Thousands scammed by spoofed EU portals
What are “information assets”?
Control 5.9 in ISO/IEC 27002:2022 recommends an inventory of information assets that should be “accurate, up to date, consistent and aligned with other inventories”. Fair enough, but what are ‘information assets’? What, exactly, are we suppo…
Authorised exemptions
Inspired by an exchange on the ISO27k Forum yesterday morning, I wrote and published a simple 2-page exemptions policy template for SecAware. In essence, after explaining what ‘exemptions’ are, the policy requires that they are authorised after du…
Leaky Access Tokens Exposed Amazon Photos of Users
Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents.
Cybersecurity Researchers Launch New Malware Hunting Tool YARAify
The defensive tool is designed to scan suspicious files against a large repository of YARA rules
New UnRAR Vulnerability Could Lead to Zimbra Webmail Hack
Successful exploitation would give an attacker access to all emails on a compromised server
Amazon Fixes High Severity Vulnerability in Amazon Photos Android App
The vulnerability derived from a misconfiguration of one of the Photos app’s components
Space Force mulls new acquisition approach for next phase of medium, heavy launches
The Space Force hasn’t finalized its plans for Phase 3 of its National Security Space Launch program, but its new acquisition executive said this week it is considering the possibility of including more launch vehicle classes as part of the contract.
Chinese Influence Op Tries to Undermine Western Rare Earth Firms
Micro-targeting of local users a first for Beijing