Robin's Newsletter - Volume 3 Category

Volume 3 of Robin’s Newsletter covers the year 2020.

  •   Robin’s Newsletter #132 — 2020 Retrospective 27/12/2020
    Strap in and get ready for a recap of the things that I think have been most _interesting_ rather than _highest profile_, in 2020.
  •   Robin’s Newsletter #131 20/12/2020
    SUNBURST attack on U.S. government is both huge, and nothing new. Google suffers multiple outages. Automated attacks on online banking.
  •   Robin’s Newsletter #130 13/12/2020
    FireEye breached by sophisticated actor; $1TN reportedly lost to cybercrime in 2020; Zodiac killer cipher cracked after 51 years.
  •   Robin’s Newsletter #129 06/12/2020
    TrickBot is recovering from CyberCom, Microsoft takedowns, gains UEFI/BIOS capabilities. 'Cold chain' of COVID-19 vaccine targeted. Zero-click exploit in Apple iPhone.
  •   Robin’s Newsletter #128 29/11/2020
    RCEP, cyber cooperation and Asian data sovereignty; UK National Cyber Force; Microsoft's 'Pluton' and US Special Forces buying location tracking data
  •   Robin’s Newsletter #127 22/11/2020
    RCEP, cyber cooperation and Asian data sovereignty; UK National Cyber Force; Microsoft's 'Pluton' and US Special Forces buying location tracking data
  •   Robin’s Newsletter #126 15/11/2020
    No, Apple aren't logging every app you run, but they are bringing privacy nutrition labels to AppStore. Tim Berners-Lee's Inrupt launches Solid server. Ticketmaster to appeal £1.25M data breach penalty.
  •   Robin’s Newsletter #125 08/11/2020
    Nothing cyber happened in the US election. Corporate VOIP systems being targeted. Don't pay ransomware gangs to not leak your data.
  •   Robin’s Newsletter #124 01/11/2020
    Marriott's data breach penalty, how the Clean Network Program is changing 5G economics, reverse-engineering redaction and new ransom threat to health data. Plus company naming fun.
  •   Robin’s Newsletter #123 25/10/2020
    DOJ charges Fancy Bear, Doubts over Trump's Twitter password, and digital dilemmas for charity donations.
  •   Robin’s Newsletter #122 18/10/2020
    British Airways fined £20M for data breach; Businesses exploiting contact tracing data; Microsoft's trademark takedown of TrickBot.
  •   Robin’s Newsletter #121 11/10/2020
    Integrity in the UK Test & Trace scheme; ransomware attacks up 50%; a different type of lock-down.
  •   Robin’s Newsletter #120 04/10/2020
    US Treasury issues advisory over ransomware payments; Huawei code quality still really bad; and Singapore's consumer security labels.
  •   Robin’s Newsletter #119 27/09/2020
    YOLOsec, FOMOsec, business value and commodity controls. Plus a couple of examples of how hactivism is evolving.
  •   Robin’s Newsletter #118 20/09/2020
    Domain admin for EVERYONE! APT41/Winnti charged for cyber-espionage and activities against computer games companies. First death leading directly from cyber-attack :-(
  •   Robin’s Newsletter #117 13/09/2020
    China's Global Initiative on Data Security; Ireland's data regulator 'unlikes' Facebook; Who is top of the Cyber Power Index?
  •   Robin’s Newsletter #116 06/09/2020
    Benchmark data from Hiscox's Cyber Readiness Report 2020, MIT's SCRAM, US federal vulnerability disclosure policies, CEO responsibilities and Tesla's fleet-wide hack.
  •   Robin’s Newsletter #115 30/08/2020
    Attempted $1M bribe of Tesla employee in ransomware campaign. NZX trading suspended for four days due to DDOS. Supply and demand in security budgets.
  •   Robin’s Newsletter #114 23/08/2020
    Personal liability for CISOs in data breach cover-ups, 'fraudulent data requests' at Experian and mailto: attachment vulnerability.
  •   Robin’s Newsletter #113 16/08/2020
    Algorithms and accuracy in A-Level exam results. ReVoLTE over 4G misconfiguration. Vaccinating against Emotet.
  •   Robin’s Newsletter #112 09/08/2020
    Bits from Black Hat (satellites, bug bounties and manipulating energy markets), plus Liam Fox's emails and the march of time on seized devices.
  •   Robin’s Newsletter #111 02/08/2020
    Ransomware payments encourage more ransomware attacks. EU cyber sanctions. Three charged in Twitter crypto-scam.
  •   Robin’s Newsletter #110 26/07/2020
    Garmin 'ran somewhere.' UK Test & Trace doesn't have a DPIA. Emotet serving up Hackerman memes.
  •   Robin’s Newsletter #109 19/07/2020
    Schrems II, Huawei, and the battle for digital dominance. Plus the 'Great Twitter Hack,' and All. The. Vulnerabilities.
  •   Robin’s Newsletter #108 12/07/2020
    Hong Kong's new national security law causes headaches for citizens, tech and finance companies. Steal the cash, not the painting. Cosmic Lynx and Russian cyber-criminals' 'synergistic value accelerative opportunity'
  •   Robin’s Newsletter #107 05/07/2020
    Encrochat and evolving law enforcement tactics prove there is a different way to encryption backdoors. Explosion at Natanz doesn't mean 'Stuxnet 2.' And, don't host your website on Internet Archive.
  •   Robin’s Newsletter #106 28/06/2020
    Three years on from NotPetya. BlueLeaks and sector-specific aggregation of risk. Minimising harm in breach notification comms. Exfiltrating data using Google Analytics.
  •   Robin’s Newsletter #105 21/06/2020
    COVID-19 cyber threat update; IoT device vulnerabilities; how to spot like-farming!
  •   Robin’s Newsletter #104 14/06/2020
    Snowstorm in a Dark Basin: Citizen Lab, MDR Cyber shine light on hackers for hire. Babylon Health breach and lessons from Apple, Amazon, and Google. How far do you go to protect against cyber-harm on your platform?
  •   Robin’s Newsletter #103 07/06/2020
    REvil launch auction site, while Maze and LockBit team up to pool resources, know-how. Plus inside a BEC scam and DROP DATABASE tickets.
  •   Robin’s Newsletter #102 31/05/2020
    Cybercrime is boring; Capital One IR report isn't legally privileged; and easyJet target of £18Bn legal action.
  •   Robin’s Newsletter #101 24/05/2020
    The annual DBIR data-fest, looking into EasyJet's breach, the importance of audit trails, and Trump's banking details
  •   Robin’s Newsletter #100 17/05/2020
    Pricing cyber risk from external data, attack on 'UK electricity system' and mining cryptocurrency with supercomputers
  •   Robin’s Newsletter #99 10/05/2020
    Contact tracing apps, password reuse stats, law firm ransomware, and the integrity of systems
  •   Robin’s Newsletter #98 03/05/2020
    Mobile device management as a vector, turning antivirus against itself and ransomware's long game
  •   Robin’s Newsletter #97 26/04/2020
    Zero-click vulnerability in Apple's Mail app, surveillance and tracking COVID-19, UK MoD relaxes security requirements.
  •   Robin’s Newsletter #96 19/04/2020
    Compliance risk and the German state of North Rhine-Westphalia’s loss of €30M-€100M #COVID19 aid because of poor identity verification. Plus DoD and measuring meaningful things. And jumping air-gaps with computer fans.
  •   Robin’s Newsletter #95 12/04/2020
    Cyber-crime economics of Coronavirus; US Senate bans Zoom; China Telecom and BGP hijacks
  •   Robin's Newsletter #94 05/04/2020
    All the Zoom news distilled, plus Marriott data breach, Morrisons' supreme court win, cloud availability, bug bounty non-disclosures and COVID-19 CTI.
  •   Robin's Newsletter #93 29/03/2020
    FBI COVID-19 scam warning; FIN7 mailing malware USB keys; predicting attacks from Russian APTs.
  •   Robin's Newsletter #92 22/03/2020
    Government cyber advice, examples of phishing campaigns, and things you should patch in the times of COVID-19.
  •   Robin's Newsletter #91 15/03/2020
    Future U.S. cyber strategy; Whisper not-so-secret; wormable Microsoft vulnerability in SMB
  •   Robin's Newsletter #90 08/03/2020
    Cashing in on loyalty points; scam certificate pages and the CIA's password
  •   Robin's Newsletter #89 01/03/2020
    Security awareness without fear; Android malware stealing 2FA codes; click here to sue everybody.
  •   Robin's Newsletter #88 23/02/2020
    Georgia defacement attribution; misusing anti-abuse; Pipeline ransomware.
  •   Robin's Newsletter #87 16/02/2020
    Huawei, Crypto AG, and all the nations doin' all the cybers; plus Emotet.
  •   Robin's Newsletter #86 09/02/2020
    Simon Weckert's Google Maps art installation; IKEA's data promise; and Valentine's security awareness.
  •   Robin's Newsletter #85 02/02/2020
    Jumpshot reminds us security isn't privacy; whopping REvil ransom demands; and keep calm/carry on for DPOs.
  •   Robin's Newsletter #84 26/01/2020
    Jeff Bezos' phone hacking; Microsoft's elastic search snafu; ClearView.AI and facial recognition tech.
  •   Robin's Newsletter #83 19/01/2020
    Changing the economics of cybercrime; Windows crypto vulnerability; and rival groups exploiting Citrix.
  •   Robin's Newsletter #82 12/01/2020
    Travelex's ongoing response; £500K penalty for DSG Retail; No patch for Citrix vulnerabilities until end of month.
  •   Robin's Newsletter #81 05/01/2020
    California's Consumer Privacy Act; Travelex systems still offline; the rise of 'data exposures'.