Smart devices: using them safely in your home
<div>Many everyday items are now connected to the internet: we explain how to use them safely.</div>
<div>Many everyday items are now connected to the internet: we explain how to use them safely.</div>
<div>Risk appetites; what are they, what’s their purpose, how do organisations go about defining them?</div>
<div>Why I'm trying desperately to stop saying 'it depends' when it comes to simple cyber security questions...</div>
<div>The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.</div>
<div>An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.</div>
<div>Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.</div>
<div>How setting up 2SV can help protect your online accounts, even if your password is stolen.</div>
An online retailer always gets users’ explicit consent before sharing customer data with its partners. A navigation app anonymizes activity data before analyzing it for travel trends. A school asks parents to verify their identities before giving out student information. These are just some examples of how organizations support data privacy, the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One canno
A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday. First confirmed activity observed by a Cisco customer dates to early January 2024 but the actual attacks started in November 2023. “Further, we have identified evidence that suggests this capability was bein
<div>The Space Force aims to build upon its foundation of strong partnerships with the commercial sector to maintain the United States' competitive advantage in the frontier warfare domain, a senior service official said.</div>
<div>Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. [...]</div>
<div>Recruiters across the military are challenged every day to bring young people into service. But the chief of naval operations said she thinks the Navy has what young people are looking for — if only they knew more about it.</div>
ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the perfect intrusion point for espionage-focused campaigns. As a critical path for data into and out of the network, these devices need to be routinely and promptly patched; using up-to-date hardware and software versions and configurations; and be closely monitored from a security perspective. Gaining a f
<div>Google now hopes to start phasing out third-party cookies in early 2025, instead of late 2024 as previously planned.</div>
<div>Google is updating the client-side encryption mechanism for Google Meet to allow external participants, including those without Google accounts, to join encrypted calls. [...]</div>
Threat actors consistently alter and develop their schemes in order to further escalate their payoffs. In a new trend, ransomware affiliates are actively re-monetizing stolen data outside of their original RaaS agreements, especially as financial squabbles between threat actors emerge in the ransomware economy. The affiliates in such instances are starting to work with third-parties or external data leak services in order to re-extort victims who have already paid the ransom to the original atta
<div>Microsoft has enabled Start menu ads in the optional KB5036980 preview cumulative update for Windows 11 22H2 and 23H2. [...]</div>
According to the Department for Science, Innovation and Technology (DSIT), only 17% of the UK cyber sector workforce is female, and this is down from 22% in 2022. To make matters worse, we’re fighting a losing battle against an ever-increasing cyber skills gap. In fact, there’s a shortfall of over 11,000 people to meet the demands of the UK workforce. This issue isn’t exclusive to the UK, however, with ENISA reporting a 300,000 person shortfall in Europe. Plugging that gap is essential to protec
<div>Understand the strategic implementations, impact, and challenges of zero trust adoption across federal agencies and private sectors.</div>
<div>The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections. [...]</div>