Smart devices: using them safely in your home
<div>Many everyday items are now connected to the internet: we explain how to use them safely.</div>
Cyber Security News
Are you hungry? A two-part blog about risk appetites
<div>Risk appetites; what are they, what’s their purpose, how do organisations go about defining them?</div>
'WannaCry' ransomware: guidance updates
<div>Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.</div>
Please stop saying 'it depends'!
<div>Why I'm trying desperately to stop saying 'it depends' when it comes to simple cyber security questions...</div>
Brightening the outlook for security in the cloud
<div>The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.</div>
NCSC IT: Installing software updates without breaking things
<div>Andy P explains how the NCSC rolls out software updates without delays.</div>
Cyber Threat Report: UK Legal Sector
<div>An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.</div>
Using TLS to protect data
<div>Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.</div>
Setting up 2-Step Verification (2SV)
<div>How setting up 2SV can help protect your online accounts, even if your password is stolen.</div>
Serving up some server advice
<div>Highlighting guidance which will help you secure your servers</div>
Apple Drops iCloud's Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands
Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data.The development was first reported by Bloomberg.ADP for iCloud is an optional setting that ensures that users' trusted devices retain sole access to the encryption keys used to unlock data stored in its
Data Leak Exposes TopSec's Role in China’s Censorship-as-a-Service Operations
An analysis of a data leak from a Chinese cybersecurity company TopSec has revealed that it likely offers censorship-as-a-service solutions to prospective customers, including a state-owned enterprise in the country.Founded in 1995, TopSec ostensibly offers services such as Endpoint Detection and Response (EDR) and vulnerability scanning. But it's also providing "boutique" solutions in order
Metasploit Weekly Wrap-Up 02/21/2025
BeyondTrust and Fetch PayloadThis Metasploit release includes an exploit module that chains two vulnerabilities, one exploited in the wild by APT groups and another one, a 0-day discovered by Rapid7 during the vulnerability analysis.In addition to that, a significant improvement was made to Fetch-Payloads by adding support for the ppc, mips and arm architectures. This allows the payloads to be used in exploits that commonly target embedded systems.New module content (3)BeyondTrust Privileged Rem
Cases of China-Backed Spy Groups Using Ransomware Come to Light
Cyberattacks detected by Trend Micro and Orange Cyberdefense find hackers using malware linked to China-backed groups and ransomware, adding more evidence that nation-state cyberespionage groups are also now using ransomware and further blurring the line between the two.The post Cases of China-Backed Spy Groups Using Ransomware Come to Light appeared first on Security Boulevard.
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform appear to be readying a new version that allows prospective customers and cyber crooks to clone any brand's legitimate website and create a phishing version, further bringing down the technical expertise required to pull off phishing attacks at scale.The latest iteration of the phishing suite "represents a significant
SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix
In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer overflow vulnerability CVE-2025-0282 in Ivanti Connect Secure, as confirmed by JPCERT/CC. This vulnerability, disclosed in January 2025, had already been actively exploited since late December 2024, prior to its public announcement. The malware, an evolved variant of the SPAWN family, integrates […]The post SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Criti
Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key
A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing attackers to extract private keys used for signing SAML authentication requests. The flaw, tracked as CVE-2022-35202, stems from the use of a Java keystore accessible via WebDAV and protected by an auto-generated, low-complexity password. This vulnerability could potentially enable attackers to […]The post Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key
NSA Allegedly Hacked Northwestern Polytechnical University, China Claims
Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a cyberattack on Northwestern Polytechnical University, a prominent Chinese institution specializing in aerospace and defense research. The allegations, published by organizations such as Qihoo 360 and the National Computer Virus Emergency Response Center (CVERC), claim that the NSA’s Tailored Access Operations (TAO) […]The post NSA Allegedly Hacked Northwestern Polytechnical Universi
ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials
The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens, has seen a significant increase in its distribution since the beginning of 2025. Initially distributed in limited volumes in mid-2024, this malware has now gained traction, with February’s activity levels matching those of January, signaling a sharp upward trend. Security researchers […]The post ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials appeared first on GBHac
Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025
In today’s rapidly evolving digital landscape, weak identity security isn’t just a flaw—it’s a major risk that can expose your business to breaches and costly downtime. Many organizations are overwhelmed by an excess of user identities and aging systems, making them vulnerable to attacks. Without a strategic plan, these security gaps can quickly turn into expensive liabilities.Join us for "