I’m Robin, founder of Cydea, the positive cyber security consultancy. I previously led BAE Systems’ Security Advisory & Technical Services business, recognised by Forrester as one of the leading information security consultancies.
I help businesses defend themselves from cyber crime and thrive in the digital world, and have over fifteen years’ experience, including advising numerous boards on how to manage crises resulting from cyber-attack.
If you’re interested in improving how you manage your cyber risk, or need help governing information security at the board level, then get in touch with me via Cydea, or connect on LinkedIn or Twitter.
Vol. 3 Iss. 18 03/05/2020, last updated 10/05/2020 Robin Oldham
This week: Mobile Device Management software used to deploy Android malware
Check Point is reporting a security incident where attackers managed to infect over 75% of the Android smartphones and tablets of a ‘multinational conglomerate’ with the Cerberus malware. It’s interesting because it’s the first time I’ve heard of attackers using an organisation’s Mobile Device Management (MDM) platform to deploy malware. MDM solutions are intended to manage the installation of apps and configuration of company-owned and staff Bring Your Own Device (BYOD) smartphones and tablets.
Read more… (~6 Min.)
Vol. 3 Iss. 17 26/04/2020, last updated 03/05/2020 Robin Oldham
This week: ‘Zero-click’ vulnerability in iOS Mail app
San Francisco-based company ZecOps have found vulnerabilities in the built-in iOS Mail app that they claim are being exploited by attackers to compromise senior executives and VIPs. The bugs are so-called ‘zero-click’, meaning that no user interaction is required: simply receiving an email would be sufficient to compromise the user’s device. The vulnerabilities have existed since iOS 6 (released September 2012), though they would need to be combined with others to take control of a device or leak information outside the Mail app.
Read more… (~8 Min.)
Vol. 3 Iss. 16 19/04/2020, last updated 26/04/2020 Robin Oldham
This week: Knowing your customer in the pandemic-age
This week the German state of North Rhine-Westphalia is reported to have lost between €30M and €100M through fraudulent COVID-19 support claims before closing a state aid website. Cyber-criminals used phishing campaigns to drive residents to complete applications at fake websites they had established. The personal information was replayed against the official state aid website, but with the bank details changed to match the criminals’ bank accounts.
Read more… (~6 Min.)
Vol. 3 Iss. 15 12/04/2020, last updated 26/04/2020 Robin Oldham
This week: Coronavirus and the cyber-crime economy
It is oft-quoted that organisations face an asymmetric threat (attackers need only succeed once; defenders need to get it right every time). With such language, it is easy to extend that to a belief that cyber threat actors themselves are somehow infinitely scalable, too. That is not to say that the threat profile of many organisations hasn’t changed overnight with the widespread adoption of remote working practices.
Read more… (~6 Min.)
06/04/2020, last updated 06/04/2020 Robin Oldham
During lockdown over the last week I’ve been working on a project with my friends @boffbowsh, @Rossehkins and @CreaFarrar. It is called TheyHelpYou and it helps put people in touch with Community Hubs. Community Hubs are being set up across the UK to deliver food to 1.5 million people with serious medical conditions who have been told to remain indoors, or ‘shield’, because of Coronavirus (COVID-19). These extremely vulnerable people need to access support hubs to help arrange for food and medicines to be delivered.
Read more… (~1 Min.)
Vol. 3 Iss. 14 05/04/2020, last updated 06/04/2020 Robin Oldham
Robin’s Newsletter #94. Volume 3, Issue 14. 5th Apr 2020
At Cydea this week we trialled a series called Security Watercoolers, to bring together people to share experiences, knowledge and some informal, lockdown-busting conversation. Thank you to everyone who participated, especially Phil Huggins, Tim Ward, Tim Orchard, Stephanie Albertina and Jessica Lennard, who co-hosted the sessions through the week on NIST’s Identify, Protect, Detect, Respond and Recover categories respectively. Check out the notes from each session, on the Cydea blog, for some of the insights.
Read more… (~8 Min.)
Vol. 3 Iss. 13 29/03/2020, last updated 06/04/2020 Robin Oldham
Drop by the Security Watercooler
This week I’m going to be trialling an idea around a virtual ‘Security Watercooler’ to break up the day and showcase different viewpoints. Each day will feature a short (20-30min) video call co-hosted with other folks from the security industry. Each day of the week aligns to a different part of the NIST Cybersecurity Framework. So this Monday (quite possibly today when you’re reading this) it’s Identify and I’m going to be talking risk universes with CISO Mentor’s Phil Huggins.
Read more… (~6 Min.)
26/03/2020, last updated 06/04/2020 Robin Oldham
We released a resource at Cydea today that signposts vendor information for how to securely configure video conferencing, VPN and remote access tools, plus how to find security advisories so you know when to patch these systems. It’s completely open sourced under the Creative Commons Zero (CC0) licence. Hopefully it proves useful. Please feel free to contribute, raise issues and PRs! Read more on the Cydea blog, or jump straight to the remote-working-psirt repo on GitHub.
Read more… (~1 Min.)
Vol. 3 Iss. 12 22/03/2020, last updated 06/04/2020 Robin Oldham
Last week I eschewed Covid-19 news entirely in favour of the other security stories that might have missed your attention. A lot has changed in the last seven days and it’s disingenuous and, frankly, unavoidable to continue writing this newsletter in that manner. Cyber security marketing has long been about fear, uncertainty and doubt (FUD). Here, I am trying to take a more pragmatic and positive approach to the topic.
Read more… (~9 Min.)
22/03/2020, last updated 06/04/2020 Robin Oldham
A privacy-focussed list of tracker domains that have been identified by DuckDuckGo’s Tracker Radar for use in ad blocker solutions like Pi-hole. At present this is a particularly blunt tool, blocking entire domains, rather than individual trackers. This may result in ‘undesirable behaviour’, i.e. your favourite website/app may stop working.
Project website: https://github.com/rto/phased-array
Find out more about Tracker Radar at:
https://spreadprivacy.com/duckduckgo-tracker-radar/
https://github.com/duckduckgo/tracker-radar
Find out more about Pi-hole at:
Read more… (~1 Min.)