Tags
June 2022
June 2022
- Process
- People, Process, Technology
- Interpol
- Health and Location Data Protection Act
- Health
- GDPR
- Fraud
- Data protection
- Business Email Compromise
- Zero-day
- Tesla
- Telecommunications
- RSA Conference
- RSA
- Qbot
- Mandiant
- LockBit
- Known Exploited Vulnerabilities (KEV)
- Follina
- Conti
- Computer Fraud and Abuse Act (CFAA)
- China
- Website defacement
- Privacy legislation
- Privacy
- Microsoft
- Manfuacturing
- Governance
- Digital Shadows
- Confluence
- Atlassian
May 2022
May 2022
- Verizon
- Software supply chain
- Digital Identity
- Data Breach Investigations Report (DBIR)
- Data Breach
- Clearview AI
- Business Email Compromise (BEC)
- XorDdos
- Singapore
- REvil
- Greeland
- Cyber skills
- Costa Rica
- Security labels
- Ransomware
- Immigration and Customs Enforcement (ICE)
- Colonial Pipeline
- UNC2524
- Salesforce
- Password
- Mergers & Acquisitions (M&A)
- Heroku
- FIDO Alliance
- Certified Cyber Professional
- Ukraine
- Sabotage
- Russia
- Privacy nutrition labels
- Election
- Cyber-norms
- Cost Rica
April 2022
April 2022
- Java
- ECDSA
- Cyberpunk
- Cybercrime
- Cyber safety
- Cyber harms
- RaidForums
- Power grid
- Lazarus
- ICS Attacks
- Decentralised Finance (DeFi)
- Cyber-heist
- Cryptocurrency
- Stangnant systems
- Security Metrics
- Sandworm
- Mailchimp
- Mahesh Bank
- Hydra marketplace
- Cyclops Blink
- wiper
- Viasat
- Sitel
- Satellite
- Okta
- Lapsus
- Department for Digital, Culture, Media and Sport (DCMS)
- Cyber Security Breaches Survey
- Board
March 2022
March 2022
- SolarWinds
- Risk concentration
- Risk aggregation
- Resilience
- Key Risk Indicators
- Key Performance Indicators
- IC3
- Capabilities
- Ukraine IT Army
- Satellite communications (satcom)
- protestware
- Online Safety Bill (UK)
- Online Safety Bill (UK legislation)
- Initial Access Broker (IAB)
- General Data Protection Regulations (GDPR)
- Exotic Lilly
- Cyber war
- Information warfare
- Distributed Denial of Service (DDoS)
- Disinformation
- Cyber-crime
- Conti Ransomware
- Conti (ransomware gang)
- APT41
- Anonymous
- Privacy Shield
- AON
February 2022
February 2022
January 2022
January 2022
- UK Government
- Let’s Encrypt
- Hacktivist
- Hacktivism
- Cyber strategy
- Cyber Essentials
- Belarus
- Balrusian Railways
- Trustworthy Computing
- No Place To Hide
- Merck
- Information Commissioner’s Office (ICO)
- Home Office (UK)
- End-to-end encryption (E2EE)
- Encrochat
- Cyber insurance
- Crypto.com
- Crypto-wars
- An0m
- Act of War
- Sodinokibi
- Security Programme
- Security Obstructionism (SecObs)
- Risk identification
- General Data Protection Regulation (GDPR)
- Digital Transformation
- Democratic People’s Republic of Korea (DPRK)
- UK Information Commissioner
- Positive Security
- Phishing
- NortonLifeLock
- Google Docs
- Federal Trade Commission (FTC)
- Crypto-mining
- Predicitions
December 2021
December 2021
November 2021
November 2021
- Tardigrade
- Product Security and Telecommunication Infrastructure Bill
- Nigeria
- Internet of Things (IoT)
- Internet of Things
- GoDaddy
- Diversity
- Cyber-espionage
- Biomanfuacturing
- Rowhammer
- Private Key Infrastructure (PKI)
- National Security and Investment Act 2021
- Monzo
- Emotet
- Vulnerability disclosure
- Offensive security tools
- National Transport Safety Board (NTSB)
- Federal Bureuax of Investigation (FBI)
- Ethics
- Cyber defence
- Client-Side Scanning (CSS)
- Child Sexual Abuse Material (CSAM)
- Unicode
- Trojan Source
- Personal Information Privacy Law (PIPL)
- Facial recognition
October 2021
October 2021
- Security engineering
- Secure product
- Federal Communications Commission (FCC)
- ENISA
- China Telecom
- BGP hijacking
- Export controls
- White House
- Cryptography
- UK High Court
- Twitch
- Syniverse
- Pegasus (spyware)
- NSO Group
- Facebook inc
- Cloud
- Seamless SSO
- Monoculture
- Cyber Risk
- Brute force
- Azure AD
- Azure
September 2021
September 2021
- United Arab Emirates (UAE)
- Release the hounds
- Kaseya
- Dimitri Alperovitch
- Defend Forward
- BlackMatter
- Profession
- Passwords
- Passwordless
- OWASP Top 10
- Open Web Application Security Project (OWASP)
- Open Infrastructure Manager (OMI)
- OMIGOD
- Wireless charging
- User behaviour
- Threat model
- Side-channel attacks
- Proton Mail
- National Security Agency (NSA)
- Juniper
- Encryption backdoors
- Encryption
- Surveillance
- Proxyware
- Google Firebase
- Apple
August 2021
August 2021
- Surveillance state
- Secure by design
- Data protection regulation
- Data broker
- Cosmos DB
- T-Mobile
- Securities Exchange Commission (SEC)
- Pearson
- Moral outrage
- Investor relations
- Machine learning (ML)
- Machine learning
- iCloud Photos
- iCloud
- Doxxing
- Cyber Runway
- Code poisoning
- Chiled sexual abuse
- Trusted Platform Module (TPM)
- Mass-surveillance
- Cyber offense
- Biometric authentication
- Spoofing
- PrintNightmare
- President Biden
- AIS
July 2021
July 2021
- Risk management
- Hafnium
- Data Sovereignty
- APT 40
- APT 31
- Windows Print Spooler
- Online anonymity
- Leaks
- Information Comissioner’s Office (ICO)
- Great Firewall of China
- Great Firewall
- CCTV
- Supply chain
- Random Number Generators
- Kaspersky Password Manager (KPM)
- Kaspersky
- John Deere
- CVE-2021-34527
- Taskforce on Innovation, Growth and Regulatory Reform (TIGRR)
- European Union
June 2021
June 2021
- Safety by Design
- MITRE
- Joint Cyber Unit
- eSafety
- D3FEND
- ATT&CK
- South Korea
- Law enforcement
- Cl0p
- General Practice Data for Planning and Reearch (GPDPR)
- Electronic Arts (EA)
- Crpyto-wars
- Computer games
- Threat modelling
- Policy
- macOS
- Lawful Access
- iOS
- JBS
- Games cheats
- FireEye
- Economics
- DarkSide
- Credit risk
- Breach costs
May 2021
May 2021
- U.S. Military
- U.K. National Cyber Force (NCF)
- Privacy defaults
- Operation Venetic
- Nuclear weapons
- NHS Digital
- Email security
- Cybercrime economics
- Amazon Sidewalk
- Technology detection dogs
- Healthcare
- Health Services Executive (HSE)
- Colonial Pipelines
- Axa
- Asia
- West Midlands Trains
- Security engagement
- Security awareness
- Public exploits
- Phishing simulation
- Information Security Maturity Report
- DBIR 2021
- CyberUK
- ClubCISO
- 10 Steps to Cyber Security
- Royal United Services Institute (RUSI)
- Moriya
- Energy networks
- Energy
- Cyber power
- Critical infrastructure
- Command and Control (C2)
- Biometrics
- BAE Systems
- SS7
- Smishing
- Reputation
- Physical threat
- Operational resiliance
- Metropolitan Police Department (Washington DC)
- Law enforcement takedown
- Confidential informant
- Canada
- Boris Johnson
- Beavers
- Babuk
April 2021
April 2021
- Security poverty line
- Scraping
- Quanta
- Cellebrite
- Balkanisation
- Solorigate
- Sanctions
- Microsoft Exchange
- Federal Bureau of Investigation (FBI)
- Cheese
- TUI
- Gender bias
- Cyber-physical
- Censorship
- Algorithms
- UK Cyber Council
- Software supply chain attacks
- Scottish Environmental Protection Agency (Sepa)
- Risk margins
- PHP
- CompuCom
March 2021
March 2021
- Open Source Intelligence (OSINT)
- Open Source
- FatFace
- CNA (Insurance Company)
- U.K. National Cyber Strategy
- SMS
- Sensors-as-a-service
- Multi-factor authentication
- Account recovery
- Verkada
- Spectre
- ProxyLogon
- Intellectual property theft
- Insider Threat
- Bitflipping
- Artificial Intelligence (AI)
- Art
- Alorithm integrity
February 2021
February 2021
- Solorwinds
- Initial Access Brokers (IABs)
- Bad IR
- Accellion
- SIEM
- Security vs Usability
- Mitre ATT&CK
- GRU
- Exaramel
- European Commission
- EU-UK Data protection adequacy
- Citibank
- Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI)
- The Long Hack
- The Big Hack
- TeamViewer
- Supermicro
- Package managers
- Isis
- Industrial control systems
- Dependency confusion
- Cyber-warfare
- Bloomberg
- Trustwave
- SpamCop
- Interoperability
- Cleaview AI
- Cisco Talos
- Cisco
January 2021
January 2021
December 2020
December 2020
November 2020
November 2020
- Vishing
- UK National Cyber Force (NCF)
- UK National Cyber Force
- Sopra Steria
- Public health
- Measurement
- Home Depot
- Cyber public health
- USSOCCOM
- Speculative Execution
- Regional Comprehensive Economic Partnership (RCEP)
- Microsoft Pluton
- Meltdown
- Location tracking
- Data brokers
- Association of South-East Asian Nations (ASEAN)
- Tim Berners-Lee
- TicketMaster
- Password Strength
- Nutrition labels
- Inrupt
- Cyber skills gap
- Voice over IP (VOIP)
- United States of America (USA)
- United States of America
- Election security
- UK Information Commissioner’s Office (ICO)
- Regulatory penalty
- Redaction
- Marriott International
- Marriott
- Huawei
- Clean Network Program
- 5G
October 2020
October 2020
- NotPetya
- McDonald’s
- Industrial Control Systems (ICS)
- Donald Trump
- Charities
- Application Programing Interfaces (API)
- Persistent engagement
- CyberFirst
- Coronairus (COVID-19)
- Contact Tracing
- British Airways (BA)
- British Airways
- NHS Test & Trace
- Integrity
- Detection
- Cell-mate
- US Treasury
- Huawei Cyber Security Evaluation Centre (HCSEC)
- Grindr
- EvilCorp
- Consumer security labels
September 2020
September 2020
- YOLOsec
- Value generation
- Security value
- Security strategy
- Pseudo-national threat
- Nationalism
- FOMOsec
- Commodity controls
- Windows Server
- NetLogon
- Experian
- Standard Contractual Clauses (SCCs)
- National cyber capability
- Global Initiative on Data Security
- EU-US Personal data transfers
- Data Protection Commission (Ireland)
- Vulnerability Disclosure Policy (VDP)
- Security spending
- Security Spend
- Secure Cyber Risk Aggregation and Measurement (SCRAM)
- Quantification
- Personal liability
- Massachusetts Institute of Technology (MIT)
- Hiscox
- Gartner
- Fiduciary responsibility
- Cybersecurity and Infrastructure Agency (CISA)
- Cyber Readiness Report
- CEO liability
August 2020
August 2020
- Webex
- Security budgeting
- NZX (New Zealand Stock Exchange)
- JML (Joiners-Movers-Leavers)
- FBI (Federal Bureaux of Investigation)
- DDOS (Distributed Denial of Service)
- Uber
- Threat Intelligence
- Microsoft Defender
- Mailto
- Joseph Sullivan
- fraudulent data request
- Cover-up
- CISO
- ReVoLTE
- Prediction
- Ofqual
- MITRE Shield
- Estimation
- Automated decision-making
- Accuracy
- 4G LTE
- 2020 Exam Results
- Smart devices
- Satellite Internet
- Market manipulation
- Liam Fox
- Energy markets
- Disinformation campaigns
- Bug bounties
- Black Hat
- Secure Boot
- No More Ransom Project
- GRUB
- Garmin
- Evil Corp
- Cyber-sanctions
- CWT Travel
- Boothole
July 2020
July 2020
- WastedLocker
- Test & Trace
- Sport
- New York Department of Financial Services (NYDFS)
- Deepfake audio
- Data protection impact assessment (DPIA)
- Windows DNS
- SIM Swapping
- SigRed
- Schrems II
- SAP NetWeaver
- RECON
- Perfect 10 Vulnerabilities
- EU-US Privacy Shield
- Digital risk
- Digital divide
- Digital Balkanisation
- Critical national infrastructure
- 5G Mobile Networks
- OAuth
- Internet Balkanisation
- Hong Kong national security law
- Hong Kong
- Cosmic Lynx
- Stuxnet
- Regulation
- Natanz
- Mass hacking
- Internet Archive
- Efficiency vs Resilience
- EARN-IT Act
- Barclays
June 2020
June 2020
- TikTok
- Netsentinel
- MageCart
- Maersk
- Lawful Access to Encrypted Data Act
- Incident Response
- Google Analytics
- Exchange
- Enchrochat
- Distributed Denial of Secrets
- Data exfiltration
- Copy and paste
- Card skimming
- Browser cache
- Breach notification
- Blueleaks
- Vault 7 Leaks
- Treck
- South Africa Postbank
- Public Key Infrastructure (PKI)
- Payment cards
- Like-farming
- eBay
- Cyberstalking
- Copy-paste compromises
- Central Intelligence Agency (CIA)
- Central Intelligence Agency
- Australia Cyber Security Centre (ACSC)
- Australia
- Training data
- Stalkerware
- Risk Avoidance
- Private Investigators
- Platform abuse
- Lawful hacking
- Hack-for-hire
- Dark Basin (aka Snowstorm)
- Corporate Espionage
- Citizen Lab
- Child exploitation
- Babylon Health
- REvil (Sodinokibi)
- Password stats
- Maze Group
- Israel
- Cybercrime business model
- Cyber security spending
May 2020
May 2020
- University of Cambridge
- Threat Metrix
- Octopus Scanner
- NTT Communications
- National Crime Agency (NCA)
- Mandient
- Legal privilege
- GitHub
- EasyJet
- DDoS-as-a-Service
- Capital One
- Winnti
- Virtualisation
- Collection 1
- ADT
- CyberTalks
- ThunderSpy
- Thunderbolt
- Risk quantification
- Ransomware costs
- NHSX
- Market Pricing
- Marcus Hutchins (MalwareTech)
- Malware analysis
- High-performance computing (HPC)
- Hedging
- Elexon
- CyberHedge
- Roblox
- Password Reuse
- Ohio (US State)
- National Health Service (NHS)
- Legal sector
- Grubman Shire Meiselas & Sacks (GSM)
- Credential Stuffing
- Computer gaming
- Video Conferencing (VC)
- Video Conferencing
- Sheffield City Council
- Office 365
- Mobile Device Management (MDM)
- Local Government
- Diversity and Inclusivity
- Bring Your Own Device (BYOD)
- Automatic Number-plate Recognition (ANPR)
- Antivirus (AV)
April 2020
April 2020
- Zero-click
- ZecOps
- Web shells
- Vulnerability identification
- UK Ministry of Defence
- Surveillance programmes
- Mail.app
- IBM Data Risk Manager
- IBM
- Cloud Hopper
- SkyWrapper
- Pastebin
- North Rhine-Westphalia
- Know your customer (KYC)
- Germany
- Department of Defense (US)
- Compliance risk
- AttackerKB
- AiR-ViBeR
- Zoom
- Travelex
- Rostelecom
- ransom payments
- cyber economics
- asymmetric threat
- TheyHelpYou
- Community Hubs
- Security Watercooler
- Morrisons
- Bug bounty
- Amazon Detective
March 2020
March 2020
- Third-sector data protection
- Schools & Education
- Phineas Fisher
- FSB
- FIN7
- DNS Hijacks
- Dharma
- Chubb
- Booz Allen Hamilton
- VPN
- Remote Working
- Remote Access
- VPN Security
- Securing Virtual Meetings
- Privacy vs Surveillance
- Pi-Hole
- Phased Array
- Pale Blue Dot
- Money Mules
- DuckDuckGo
- DNS Blocklist
- Worm
- Whisper
- U.S. Cyber Strategy
- SMB
- Cyberspace Solarium Commission
- Avast
- US EARN IT
- Smart cameras
- Loyalty Cards
- Location Privacy
- LLHS
- INsecurity
- Certificate Scam
- Security Education
- IoT
- Authorised Push Payment