Richard Giddey

Australia has used its new cyber sanctions powers for the first time against a Russian citizen, Aleksandr Ermakov, in connection with the Medibank Private data breach. Magnitsky-style sanctions laws that were introduced in Australia in late 2021 include a world-leading measure to allow the imposition of Australian travel bans and asset freezes on those allegedly […]

Week in review: 10 cybersecurity frameworks you need to know, exploited Chrome zero-day fixed Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Key elements for a successful cyber risk management strategy In this Help Net Security interview, Yoav Nathaniel, CEO at Silk Security, discusses the evolution of cyber

Trezor, the hardware wallet manufacturer, has disclosed a data breach involving unauthorized access to a third-party support portal used by the company. In a worrying development for cryptocurrency enthusiasts, hardware wallet manufacturer Trezor disclosed a data breach on January 20, 2024, that potentially exposed the contact information of nearly 66,000 users. While the company assures

23andMe is “shamelessly” blaming victims of a data breach impacting 6.9 million users, a lawyer representing victims pursuing a class-action lawsuit, Hassan Zavareei, told TechCrunch. Zavareei shared a letter from 23andMe lawyers that urged users suing to “consider the futility of continuing to pursue an action in this case,” because their claims are allegedly meritless

Vercara UltraSecure offers protection from malicious attacks Vercara is introducing UltraSecure bundles designed to meet the online security needs of mid-size companies. These flexible packages offer enterprise-grade, custom solutions that protect critical applications, secure online properties and increase web performance. While mid-size companies and SMBs have the same security needs as larger enterprises, these organizations

The right strategy for effective cybersecurity awareness Employees play a significant role in safeguarding organizational assets. With a constantly evolving threat landscape, cybersecurity awareness training is an essential component in creating a good security culture. Why cybersecurity awareness training? 81% of organizations were hit by malware, phishing, and password attacks in 2022, mostly targeting users.

Newcastle United’s chairman, Yasir al-Rumayyan, is facing a £58m lawsuit for allegedly “having carried out the instructions” of Saudi Arabia’s crown prince, Mohammad bin Salman, with “malicious intent”, it has been reported. The claims, which are said to be made in legal papers sent to Rumayyan at several locations, including at St James’ Park, also

As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. “These families allow the threat actors to circumvent authentication and provide backdoor access to these devices,” Mandiant said in an analysis published

Akira ransomware attackers are wiping NAS and tape backups “The Akira ransomware malware, which was first detected in Finland in June 2023, has been particularly active at the end of the year,” the Finnish National Cybersecurity Center (NCSC-FI) has shared on Wednesday. NCSC-FI has received 12 reports of Akira ransomware hitting Finnish organizations in 2023,

Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every week, which included a who’s-who of big-name organizations. If MGM, Johnson