This Week's Gurus

Last month a new vulnerability was discovered that used Scalable Vector Graphics (SVG) files to spread ransomware. The vulnerable application this time around was Facebook’s Messenger, its whitelisting measures bypassed by what appeared to be a harmless image file. But this isn’t the first time hackers have used SVG files to deliver ransomware. Last May, Cryptowall used this file type as the vehicle for attack. The perpetrator this time (Locky) may be different, but the...

"It is enough that the people know there was an election. The people who cast the votes decide nothing. The people who count the votes decide everything." - Joseph Stalin We recently had an election in the US – you may have heard about it. In the run-up to the election, and in its aftermath, candidates from all parties have raised the specter of the vote being hacked. Even long established technology magazine Scientific American...

I have the great opportunity to spend time with CSOs and IT executives to understand their cybersecurity concerns and help them map out a strategy for success. An increasingly common question I’ve been hearing is, “Does my organization need a threat intelligence team?” Adding threat intelligence capabilities to your organization can be valuable, with their ability to hunt for advanced attacks; profile never-before-seen malware, campaigns or adversaries; and really think like an attacker. However, the...

December Patch Tuesday has a flurry of exploits and public disclosures. Coming in to Patch Tuesday, we already had one zero day from Mozilla (CVE-2016-9079) which updated on November 30. Today, Adobe released nine bulletins, including a critical update for Adobe Flash that resolves a zero day (CVE-2016-7892). Microsoft is updating Flash for IE and also has five publicly disclosed vulnerabilities being resolved. Starting with Firefox, Mozilla announced an update on November 30 that resolved...

Today’s threat landscape is constantly evolving. In 2016 in particular, we’ve seen a huge shift with adversaries penetrating organisations from the DNC to WADA and gaining access to sensitive documents that were later leaked to embarrass individuals. Yet, while many believe that this trend starts and ends with a contentious election, it’s not something that’s going away in 2017. In fact, we’re starting to see continued and varied threats, most recently with DDoS attacks taking...

Karl Roe, VP Services and Cloud Solutions Nuvias Group, gives his top predictions for cloud developments in 2017. Un-Clouding We have all witnessed the ‘cloud rush’ of recent years where organisations have been encouraged to move their workloads to the cloud. However, there is a growing recognition among organisations that cloud services are not the be-all and end-all – and certainly not always the most cost effective way to deliver all their IT workloads. In...

As businesses unwind for the holidays, many may take stock of the multiple data breaches, which exposed both corporate and customer data this year. Though some people might assume the festive period is a quiet one for hackers this is certainly not the case. If anything, businesses could be more vulnerable than ever thanks to the fold of IoT devices expected to be gifted this year. The recent DDoS attack of web hosting company OVH...

According to McKinsey & Company, digital wallets currently facilitate approximately $300 billion in transactions within the U.S. The research firm is predicting that this volume will expand to $1.2 trillion by 2020 to comprise 18-20% of total U.S. retail spending. This projected growth is expected to become a reality for a number of reasons. First and foremost, mobile wallets create a simple, frictionless buying experience for customers, which they demand. Simultaneously, the technology opens up...

Dik Vos, CEO, SQS Autonomous vehicles will change the world’s roads in 2017 and many drivers will lose their jobs Autonomous vehicles are set to change the world’s roads in 2017, affecting not only consumers but also every stage of the automotive manufacturing process from design through to the supply chain. Plans to test autonomous lorries in the UK may have recently been stalled but trials of these vehicles are already in place in other...

"This year has been a year of high profile hack after high profile hack.  It seems we still are to learn the lessons of the vital role of data security procedures in order to keep ourselves safe", says Colin Tankard, Managing Director of data security company, Digital Pathways. Here, Tankard outlines his predictions for the data security world in 2017. Nation state hacks will increase but will be focused on commercial espionage rather than political...