97,000 Bugzilla Users’ Data Leaked


The 97,000 users involved in testing early builds of bug-tracking software Bugzilla have had their email addresses and encrypted passwords leaked. The leak came following a server migration, making it the second accidental data disclosure incident this month for the Mozilla-supported project. Announced on Wednesday by Bugzilla, the leak resulted from files being left in […]

Verizon’s data breach report identifies nine patterns that classify attacks


Verizon has recently released its comprehensive 2014 Data Breach Investigations Report, and its findings do not surprise me. But why should they? After all, it seems there isn’t a day that goes by without news of an attempted cyber attack or, worse, a successful data breach. Verizon’s report stresses that the variety and volume of […]

The next black swan event will come from cyberspace


First, let’s just make sure we’re all on the same page. A black swan event is not something involving Natalie Portman or Mila Kunis. A black swan event usually has three main characteristics: It is rare or hasn’t happened before, and comes as something of a surprise. It has an extreme impact on society and […]

List of data breaches and cyber attacks in August


August’s list is the longest since I started posting a monthly round-up of recent hacks. It doesn’t surprise me that it’s getting worse each month, though: after all, cyber threats are always increasing. Be sure to share this list with your friends and colleagues. Cyber threats will only decrease once the majority of people are […]

Kim and his 2 billion won: Massive data breach affects half of South Korean citizens


According to sources, 16 people have been arrested after 220 million records were stolen, including real names, account names, passwords and resident registration numbers. It is said that one of those arrested, ‘Kim’, obtained all 220 million records from a Chinese hacker he met through an online game three years ago. With this stolen data, […]

Sony suffer DDoS attack and threat forces executives’ flight to make unscheduled landing


Sony’s PlayStation Network (PSN) was down for the majority of Sunday because of a cyber attack aimed at its online gaming services. The attack was a distributed denial-of-service attack (DDoS) and no personal information was accessed. In a blog, Sony said: “The networks were taken offline due to a distributed denial of service attack. We […]

You are under cyber attack – it’s time to fight back


“100% of businesses are under attack; it is just that some don’t realise it.” – Neelie Kroes, vice president of the European Commission (Digital Agenda). As our reliance on the internet grows and more devices become connected to the internet (the internet of things), the opportunities for cyber criminals also increase. Technology is often developed and […]

Android apps riddled with security vulnerabilities


Once again Android apps are under scrutiny, this time following the discovery that a large number of them are open to man-in-the-middle attacks. Security firm FireEye tested the 1,000 most popular Android apps in the official Google Play store and found that a ‘significant portion of them are susceptible to MITM attacks’ because of SSL […]

I’m worried about our information security. What should I do?


First off, if you’re worried about your information security, well done: that’s a good thing. Your concern demonstrates that you’re not an ‘it-won’t-happen-to-us’ organisation, but are in fact an organisation that is aware of the threat and knows that it’s time to do something. Give yourself a pat on the back and read on. Step […]

The case for ISO27001 – what the adopters are saying


As IT Governance recently launched its market-leading ISO27001 online packaged solutions, I was prompted to carry out some research on this international information security Standard. I was primarily interested in the rate of its adoption and how (if at all) the business drivers for implementing ISO27001 have changed in the context of proliferating cyber attacks […]