Data Breach Archives

The CSRB, Microsoft, China and You

What does the recent report on Microsoft security mean?

By Doug Newdick, on 7 May, 2024

In May-June 2023 a hacking group affiliated with the Chinese Ministry of State Security (known as Storm-0558) breached the email of several of Microsoft’s customers including the US State Department, the US Department of Commerce, several UK government organisations as well as customers in other countries. They also compromised the personal email accounts of key individuals involved in US relations with China. Read More

2021’s Cyber Security Events: A New Zealand Perspective

By Doug Newdick, on 19 January, 2022

A few years ago there was an ad campaign for New Zealand making fun of the fact that we are often left off maps. When looking at cyber security news it often feels like we are missed off the map too. There were plenty of international round-ups of cyber security events for 2021, but few mentioned what happened here in Aotearoa New Zealand. To redress the balance, here’s our list of New Zealand’s publicly reported cyber security events from 2021:

Do the right thing with your unwanted devices – and their data!

By Jim, on 10 December, 2018

Secure wiping of devices and media during their disposal processes is a standard security control that we recommend to our clients. There have been a number of examples of how failure to wipe hard drives prior to disposal has resulted in embarrassment to individuals or organisations.

Secure device disposal — Legacy Axenic laptop getting “cleaned”

BrickerBot kiss of death to IoT devices

By Jim, on 9 May, 2017

Reports surfaced on the 12^th of April of a botnet that attacks IoT running BusyBox and other Linux-based devices. The bot, which is believed to be active since the 20^th of March 2017, exploits hard-coded passwords of devices with published SSH or telnet, as well as attempting to brute-force passwords of devices with non-default credentials. As the name suggest, BrickerBot bricks the devices and leaves them completely useless. This is done by executing a set of commands to delete storage, corrupt routing and others.

Who can afford an attack on their Critical Infrastructure?

By Jim, on 25 September, 2015

The world does not suffer from a shortage of hostile individuals or nations, from politically motivated parties, groups and nations, to ideologically motivated individuals and profit-motivated criminals. Information security attacks remain on the top of the list for being a global extensible war tool.

The Human Factor

By Jim, on 29 April, 2013

Last week Verizon published its Data Breach Investigations Report (DBIR) 2013. This years report presents Verizon’s analysis of 47,626 security incidents.

The Blog

Category: Data Breach