Insights

Cyber security is an indispensable aspect of any business operation. Recognising and understanding vulnerabilities - the potential risks that could compromise an organisation's cyber security - are critical. These latent risks become real and potentially damaging threats when exploited by a threat actor or accidentally by user error, leading to disastrous consequences like data breaches, malware infections, financial loss, and/or a loss of business-critical services. 

In part 2 of our series on the major cyberattacks of 2023 we'll be examining the attacks on Royal Mail and JD Sports. We'll also take a closer look at one of the largest DDoS attacks ever documented and delve into the havoc caused by the Black Basta ransomware spree.

We’re already at the midway point of 2023 and so far there plenty of cyber incidents have hit the headlines. In this blog we take a look at some of the biggest cyber attacks of 2023 (so far).

In this week’s roundup we take a look at some of the potential implications of the massively popular ChatGPT AI and look at the latest cyber security incidents to have hit the headlines.

This week saw the release of a number of reports showing that payments to ransomware gangs fell in 2022. Our Incident response team offers some insight as to why that might be happening. 

This week saw Microsoft release patches for nearly 100 vulnerabilities and a new tactic was seen being utilised by the Lorenz ransomware group. Read about both and the biggest cyber news in this week’s roundup.

Happy New Year everyone! 2023 has just begun and the cyber criminals haven’t wasted any time in getting busy attacking businesses and organisations.  

Cyber criminals and other threat actors are looking to kick their activities into a higher gear as three major upcoming events provide the perfect opportunities to launch phishing and other cyber-attacks.

Your data is your organisation’s most valuable asset. With enough transparency it can provide you with a huge amount of insight into how to improve your business, but in the wrong hands, it can irreparably damage your reputation and cost millions in compliance liabilities.  

While many organisations spend thousands on preventative cyber security tools, many make the mistake of overlooking the fact that cyber criminals are spending less time relying on brute force to gain access to protected information and more time on manipulating or bribing employees into giving up personal information.  

According to the government's Cyber Security Breaches Survey 2023, phishing is the most common form of cybercriminal activity suffered by UK businesses and charities, with 79% having been targeted by phishing scams. 

Security Update (Updated 28/3/2022 15.50)

The Integrity360 Cyber Threat Response team are currently tracking a new Zero-day vulnerability, CVE-2022-1096, found within Google's web browser Chrome. Google published an advisory on Friday 25th March, noting they are aware of the exploit and it exists in the wild. Currently, the details regarding the exploit have not been revealed by Google, however we are aware the exploit involves the leveraging of a weakness in the Chrome V8 JavaScript engine, which allows attackers to execute arbitrary code.