Here’s an insightful and enjoyable way to explore your psyche and vent a little tension at the end of a tough month, week or day. First, find yourself a private space to watch Tears for Fears. Now shout, shout, let it all out: what are the things you cou…
Former Canadian Government IT Worker Pleads Guilty Over NetWalker Ransomware Attacks
The Ontario Court of Justice sentenced Vachon-Desjardins to six years and eight months in prison
North Korea’s Lazarus Group Suspected of $100m Harmony Hack
Elliptic used Tornado demixing techniques to trace the stolen funds to new Ethereum wallets
DragonForce Malaysia Group Releases Windows LPE Exploit and Turns to Ransomware Tactics
The primary objective of the attack was reportedly to get back at the Indian Government
Info-Stealing Campaign Targeted Home Workers for Two Years
ZuoRAT used in operation focused on SOHO routers
Nevadan Arrested for Alleged $45m Metaverse Investment Fraud
Scheme allegedly targeted over 10,000 victims
Ukrainian Cops Bust Multimillion-Dollar Phishing Gang
Thousands scammed by spoofed EU portals
What are “information assets”?
Control 5.9 in ISO/IEC 27002:2022 recommends an inventory of information assets that should be “accurate, up to date, consistent and aligned with other inventories”. Fair enough, but what are ‘information assets’? What, exactly, are we suppo…
Authorised exemptions
Inspired by an exchange on the ISO27k Forum yesterday morning, I wrote and published a simple 2-page exemptions policy template for SecAware. In essence, after explaining what ‘exemptions’ are, the policy requires that they are authorised after du…
Leaky Access Tokens Exposed Amazon Photos of Users
Hackers with Amazon users’ authentication tokens could’ve stolen or encrypted personal photos and documents.