Digital attackers are increasingly targeting industrial environments these days. Take manufacturing organizations, for instance. Back in late-August, FortiGuard Labs discovered a malspam campaign that had targeted a large U.S. manufacturing company with a variant of the LokiBot infostealer family. It wasn’t long thereafter when Bloomberg reported on the efforts of bad actors to target Airbus by infiltrating its suppliers’ networks.

The health data belonging to nearly one million New Zealanders has been accessed illegally after a cyber attack on Tū Ora Compass Health's website. The website was hacked in August 2019, but investigations into the incident have found previous attacks dating as far back as 2016 to March 2019. Neither the firm nor New Zealand's Ministry of Health has been able to determine whether these attacks resulted in any medical information being accessed.

Welcome back to our series on best practices for managing and securing your Google Cloud infrastructure at scale. In a previous post, we talked about how to use the open-source tools Forseti and Config Validator to scan for non-compliant tools in your environment. Today, we’ll go one step further and show you another best practice for security operations: the systematic use of labels.

Phishing attacks don’t show any sign of slowing down. Per its 2019 Phishing Trends and Intelligence Report, PhishLabs found that total phishing volume rose 40.9 percent over the course of 2018. These attacks targeted a range of organizations, especially financial service companies, email and online service providers and cloud/file hosting firms.

As we quickly approach the last quarter of the year, it's a good time to reflect on what's happened thus far in 2019, and where we should focus our energy for 2020.

If I asked you what security products you had in place to manage your risk within your IT organisation 10 years ago, you’d probably have been able to list a half dozen different tools and confidently note that most of your infrastructure was covered by a common set of key products such as antivirus, DLP, firewalls, etc. But in a world with IaaS, PaaS and SaaS, maintaining a comprehensive approach becomes far more difficult.

For many organizations moving to the cloud, Infrastructure as a Service (IaaS) like AWS EC2, Azure Virtual Machines or Google Compute Engine often forms the backbone of their cloud architecture. These services allow you to create instances of pretty much any operating system almost instantly. Unfortunately, moving your IT infrastructure to the cloud doesn’t relieve you of your compliance or security obligations.

Cyber Essentials and Cyber Essentials Plus are Government-backed schemes which highlight key technical controls that need to be in place in order to defend against the most common cyber threats. By becoming Cyber Essentials certified your organisation can display the logo on your website and marketing materials, improving trust with your customers. Many Government contracts will only consider applications from Cyber Essentials certified companies.

Detectify now has a built-in detection for vBulletin RCE CVE-2019-16759, thanks to a report from our Crowdsource community. Last week, a proof-of-concept exploit for a Remote Code Execution (RCE) vulnerability for vBulletin forum software CVE 2019-16759 was disclosed publicly. The vulnerability was exploited in the wild and actively being exploited by malicious attackers.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. A serious breach from a popular game was announced earlier in the week. Considering the prevalence of linking many such games with Facebook and other social media platforms, such an exposure gives a great ‘way in’. If you’ve not done it already, go check what access you’ve granted to your data.