17-Oct-17 - WPA2 re-use of nonce breaks encryption, patch clients and infrastructure asap. Read more here.
27-Sep-17 - Update to iOS11, easy WiFi hack is out there, read more here.
27-Sep-17 - Deloitte email hack, is there more to it? Read more here.
13-Sep-17 - We are presenting a demo hack at Public Cyber Security 2017, come along and say hi... click here for details.
01-Sep-17 - Three new Asterisk vulnerabilities, one of which allows info disclosure - not what you want on your telecoms system! Read more here.
18-Jul-17 - Sharing data on the LAN can be slightly risky, sharing on the Cloud even riskier. Dow Jones accidentally leaks up to 4m user accounts! Read more here.
10-Jul-17 - The AA comes clean on personal data leaked via its website affecting 120k users. Hardly timely breach reporting (think GDPR!). Read more here.
28-Jun-17 - UK software development company fined £60k for missing basic Data Protection controls including lack of penetration testing. Read the ICO notice here.
21-Jun-17 - Critical Stack Clash priv escalation vulnerability identified in multiple *nix operating systems. Patch asap, read more here.
16-Jun-17 - Vault 7 details CIA Cherry Blossom framework that can compromise hundreds of WiFi devices, read more here.
12-Jun-17 - Critical Remote Code Execution Samba vulnerability being exploited in the wild... read more here.
19-May-17 - NHS cyber attack, inevitable in our opinion, luckily our clients were largely un-affected and those that were had been told they were below par. Official statement from NHS Digital here.
09-May-17 - Microsoft security software can be tricked into running and installing malware when its scanning for malware!! Patch quickly, read more here.
27-Apr-17 - Equation Group exploits plugged by Microsoft a month prior to ShadowBrokers release... coincidence?! The exploits are good fun on Win7, Win2K8 etc... read more here.
27-Apr-17 - GE power grid devices contain hardcoded pwd. Never design your own encryption or auth mechanisms! Read more here.
11-Apr-17 - Zero day Word bug being used in Dridex campaign... patch asap. Read more here.
10-Apr-17 - Wonga 270k customer related data breach... read more here.
27-Mar-17 - Dishwasher has directory traversal, serious but also quite amusing! Read more here.
15-Mar-17 - Patch Tuesday resolves multiple remote code execution bugs and escape from HyperV guest to host (ms17-008)! Patch quickly, read more here.
03-Mar-17 - Using WordPress NextGEN photo plugin? Upgrade to version 2.1.79 asap! Read more here.
01-Mar-17 - Private healthcare firm fined £200,000 for IVF data leak. Read more here.
24-Feb-17 - "Cloudflare have been leaking customer HTTPS sessions for months. Uber, 1Password, FitBit, OKCupid, etc"... read more here.
21-Feb-17 - JAVA and Python based XML processing can permit firewall bypasses (in certain situations), interesting. Read more here.
10-Jan-17 - Ransomware evolves to be a data breach, sensitive data exfiltration added to KillDisk... read more here.
23-Dec-16 - LV= former employee sentenced to 12 months for accepting bribe and releasing customer data... read more here.
15-Dec-16 - Using Joomla? Update, update, update.... NOW. Read more here.
15-Dec-16 - One Billion accounts compromised in Yahoo "mega-breach". Read more here.
06-Dec-16 - Four to five new malware samples every second? That's a lot! Read more here.
18-Nov-16 - Not controlling your end point USB ports? Worried? You should be! Worringly simple physical attack... read this
17-Nov-16 - Linux LUKS, press enter lots of times, get a root initramfs rescue shell for free! Read more here.
16-Nov-16 - NHS CareCert React available from 16th November 2016 on 0800 085 6653. Red more here.
16-Nov-16 - ISAS included in Sky News NHS cyber security news story... click here for more.
09-Nov-16 - Microsoft issues patch which addresses the "Google announced" zero-day. Patch quickly, read more here.
04-Nov-16 - MySQL (inc MariaDB and PerconaDB) vulnerabilities allow low priviledge local user to compromise hosting server! Get patching, read more here.
03-Nov-16 - Most systems now restored following Northern Lincolnshire and Goole NHS Foundation Trust virus infection... good news. Read more here.
01-Nov-16 - Northern Lincolnshire and Goole NHS Foundation Trust hit by virus, major incident declared, operations cancelled. Read more here.
21-Oct-16 - Dirty Cow is a nasty priv esc to root affecting almost all Linux based distros since 2007! Patch quickly, read more here.
17-Oct-16 - Be careful when "redacting PDF files"! US discloses PID of hacker being tried for illegally accessing & disclosing info! Read more here.
12-Oct-16 - Adobe patches 83 issues in Acrobat, Reader and Flash... 83! Read more here.
10-Oct-16 - Multiple Vulnerabilities in Animas OneTouch Ping Insulin Pump .Read more here.
08-Oct-16 - A big welcome to our 5 new NHS clients, all gained within one month!
26-Sep-16 - NHS Digital announces new CareCert services, Assure, Knowledge and React. Read more here.
23-Sep-16 - 500 MILLION! 500 million Yahoo accounts hacked including unencrypted security questions and answers. Read more here.
16-Sep-16 - Critical Cisco patches WebEx server and appliance for remote code execution vulnerability, read more here.
14-Sep-16 - US healthcare... laptop encrypted... check. Encryption password written down in laptop bag... check. Oh dear. Read more here.
13-Sep-16 - MySQL zero day allows compromise of MySQL and potentially hosting server! Read more here.
09-Sep-16 - NHS told to try harder re ransomware... luckily no ISAS clients have been hit hard to date! Read more here.
09-Sep-16 - WMAS ISAS contribute to cyber security article 'Locking Up' in Healthcare Finance magazine... read more here.
07-Sep-16 - 98 million plain text user names and passwords from 2012 Russian website hack posted online... Read more here.
02-Sep-16 - Ransomware and phishing survey shows lack of confidence amongst IT security pros. Read more here.
24-Aug-16 - Equation Group ports public ASA exploit for 8.2.(4) to newer devices - version 9.2(4). Read more here.
17-Aug-16 - WMAS ISAS to deliver a key presentation at the Cyber Security in Healthcare Show (CSIH), click here or more.
22-Jul-16 - France privacy watchdog declares Windows 10 is too much of a snoop, gives MS 3 months to act... read more here.
21-Jul-16 - Oracle quarterly patch fixes 276 problems over 84 of its products! Read more here.
15-Jul-16 - Microsoft wins case against data privacy reach of US Government... read more here.
06-Jul-16 - Malware going after old medical device OS vulns... read more here.
06-Jul-16 - Lenovo and HP laptops firmware vulnerability also on motherboards sold by Gigabyte. Read more here.
30-Jun-16 - How hackers avoid your AV... they / we dont use malware! Read more here.
15-Jun-16 - ZCrypt, ransomware that can spread like a virus... read more here.
10-Jun-16 - 32 million.. yes 32 million Twitter credentials up for sale!!! Read more here.
27-May-16 - Is UK based banking fraud protection going to be removed? It could be YOUR problem! Read more here.
19-May-16 - 2012 LinkedIn breach just got worse, number of affected users up to 177m from 6.5m! Read more here.
03-May-16 - ISAS to exhibit at the CyberUK in Practice 2016 event on 24th and 25th May under the TIAN brand, come and say hello! Read more here.
29-Apr-16 - Office 365 vulnerability enabled anyone to log in to business accounts! Read more here.
25-Apr-16 - "Healthcare makes easy pickings for hackers"... read more here.
14-Apr-16 - Badlock - Yes its bad but not as bad as it initially sounded! Read more about this privilege escalation vulnerability here.
31-Mar-16 - WMAS ISAS identifies significant zero-day vulnerability in nationally utilised website Content Management System. Further details to follow after vendor patching.
31-Mar-16 - Googles Project Zero names and shames 'ridiculous' Trend Micro bug, read more here.
29-Mar-16 - 1.5 million customer records of the computer security wing of Verizon up for sale! Read more here.
17-Mar-16 - Your HTTPS traffic can give a threat actor a very reliable fingerprint of your system! Read more here.
09-Mar-16 - US based cancer treatment center warns 2.2 million patients that health data and Social Security numbers stolen... Read more here.
02-Mar-16 - DROWN - OpenSSL vulnerability - update OpenSSL and for the last time please DISABLE SSLv2! Read more here.
22-Feb-16 - Did you download Linux Mint on February 20th 2016? Read this straight away if so, you might have a backdoored ISO! Read more here.
18-Feb-16 - Botnet serving Dridex now serving Locky ransomware, are you ready to deal with an infection? Read more here.
18-Feb-16 - California Hospital falls foul of ransom-ware, offline for 2 WEEKS. Read more here.
17-Feb-16 - Critical Linux vulnerability (CVE-2015-7547) affects all flavours of Linux and permits remote code execution!! Read more here.
16-Feb-16 - Moscow Hospital easy to hack finds Kaspersky... read more here.
15-Feb-16 - Sixteen year old east midlands boy arrested for hacking CIA Director personal accounts. Read more here.
08-Feb-16 - Oracle issues emergency patch for Java on Windows for vulnerability allowing complete compromise. Read more here.
03-Feb-16 - Safe Harbor replacement agreed, does it actually provide tangible improvements? Read more here.
01-Feb-16 - Lincolnshire council IT ransomware flingers reportedly asked for ... £350 not £1m! Read more here.
27-Jan-16 - Critical Firefox vulnerabilities fixed patched in Firefox 44 and Firefox Extended Release 38.6. Read more here.
23-Jan-16 - Deliberate backdoor removed From secure conferencing gear, read more here.
20-Jan-16 - CVE-2016-0728 Linux privilege escalation zero day vulnerability. Read more here.
19-Jan-16 - New EU General Data Protection Regulation looks set to arrive in 2018, larger fines for incidents and numerous other notable inclusions... Read more here
18-Jan-16 - "Wierd" SSH backdoor in Fortinet firewalls?? Read more here...
13-Jan-16 - Citrix hacked, could provide access to your network? Read more here...
11-Jan-16 - UK Information Commissioner repeats call for stronger sentences for data thieves. Read more...
11-Jan-16 - Turkish hacker gets 334 years in prison for bank related identity fraud, access device fraud, website forgery and wire fraud.
18-Dec-15 - Juniper unauthorized code found in ScreenOS, patch ASAP, read more.
18-Dec-15 - Maidstone council reports hundreds of residents personal details could potentially be viewed online.Read more.
16-Dec-15 - Massive FireEye vulnerability allows complete compromise via sending (not even reading!) of a single email, read more.
15-Dec-15 - IMPORTANT Zero day announced in Joomla 1.5 and above, update to 3.4.6 NOW. Read more.
14-Dec-15 - Anonymous has breached the subdomains of the European Space Agency website and leaked personal and login credentials for the lulz... read me.
10-Dec-15 - Is your antivirus the security weakness in your infrastructure? Worrying news about Kasperky, AVG and McAfee, read more.
08-Dec-15 - The Register reports 'Cambridge University Hospitals rated 'inadequate' due to £200m IT fail' Read more here
07-Dec-15 - vTech stolen passwords not stored securely... we would be shocked but this is all too common, read more.
04-Dec-15 - JD Weatherspoon hack affects approx 650k people however credit card data disclosure limited... read more
04-Dec-15 - Chinese government arrests hackers responsible for US Office of Personnel Management database hack . Read more.
04-Dec-15 - VTech Learning Lodge App Store cyber breach, affects over 7 million accounts - including child accounts and data. Click here for more info.
24-Nov-15 - Dell admits shipping XPS, Precision and Inspiron laptops and PCs with a web security hole. Read more here.
23-Nov-15 - Remember the insider threat, hospital Clerk in US fined $36k and given 2 years probation after selling thousands of maternity records. Read more here.
18-Nov-15 - A 15-year-old British boy has been charged over cyber-attacks on international websites and bomb hoaxes against US airlines, police have said. Read more here.
17-Nov-15 - UK assets including public sector resources and hospitals targets for major IS cyber attacks says GCHQ. Read more here.
14-Nov-15 - Cincinnati Hospital Allegedly Posts A Woman’s Syphilis Diagnosis And Personal Info On Facebook... click here for more.
14-Nov-15 - BitLocker encryption can be defeated with trivial Windows authentication bypass... click here for more.
13-Nov-15 - The WMAS ISAS team is pleased to announce it has a new national level NHS client. This demonstrates the trust that fellow health sector organisations have in our service.
13-Nov-15 - ISAS team identify critical vulnerability within nationally utilised HR related system, vendor has subsequently patched and deployed update.
01-Nov-15 - HSCIC launches CareCert to offer advice and guidance to support health and social care organisations... Click here for more.
21-Oct-15 - Lead by the ISAS Team WMAS obtains Trust wide Cyber Essentials accreditation - read more about Cyber Essentials here.
10-Sep-15 - ISAS team identifies critical SQL Injection vulnerability in nationally utilised Content Management System. Supplier has subsequently produced and deployed a patch.