Latest posts from Cyber security updates

19 December 2014

Festive spearphishing – merry Christmas from an APT actor

By Tom Lancaster

Our journey begins with the discovery of a .cab archive file (fe73d915b4898da02d95973465534d2f) found on the well-known malware repository, VirusTotal. At over 10MB in size even when compressed, it is fairly hefty and we suspect that this may well aid the malware in bypassing perimeter defences,...

17 December 2014

Take part in the Information Security Breaches Survey 2015

By Andrew Miller and Richard Horne

The Information Security Breaches Survey has been conducted by PwC on behalf of the Department for Business, Innovation and Skills for over a decade. The Government is working to make the UK one of the safest places in the world to do business. As...

05 December 2014

APT28: Sofacy? So-funny.

By Tom Lancaster and Michael Yip

Since the last time we wrote about the attackers known as Sofacy, they have been the subject of quite a lot of press, with several other security teams publicly revealing aspects of the attackers’ campaigns. We have continued to monitor...

03 December 2014

Santa and the cyber men… is anyone safe?

By Craig Skelton

About this time last year I wrote a blog about the threat of cyber crime on retailers (Putting it all on black). Particularly the damage that could be caused in taking down a website at crucial times such as Black Friday, Red Monday and indeed...

21 November 2014

Sustaining and enduring incident response

By Stewart Room

How long do you sustain your incident response for? A week, one month, half a year, longer? Is your benchmark simply a temporal one? Or is it also focused on the materialisation of harm and the causes of failure? Lawyers all around the world are...

06 November 2014

Ethical positions in breach handling

By Stewart Room

You can tell that a subject has matured when ethical considerations become part of 'business as usual activities'. Where the 'human condition' is central to BAU, particularly in situations of heightened sensitivity, it is possible for ethical situations to rise to the very top of...

28 October 2014

Additional indicators relating to Sofacy (APT28) phishing

By Chris Doman

There has been a significant amount of coverage this month of threat actors employing the malware known to the security community as "Sofacy". First there was the Sednit report by ESET, then our report on web-mail phishing followed by a more detailed report by Trend...

27 October 2014

ScanBox framework – who’s affected, and who’s using it?

By Chris Doman and Tom Lancaster

Earlier this year the Japanese language website of one of the world’s largest suppliers of industrial equipment was compromised by a sophisticated threat actor. Usually in such cases an attacker will use their access to place an exploit kit on...

24 October 2014

Secure your bases to lower the risk of mistakes, misuse and malicious activity

By Richard Mardling

‘So, what keeps you awake at night?’ was the innocent question to a CEO recently. Without seeming to think about this for very long ‘Cyber security!’ was the answer. This is a broad subject, so the next question was ‘What do you mean by Cyber...

20 October 2014

OrcaRAT - A whale of a tale

By Dan Kelly and Tom Lancaster

It’s every malware analyst’s dream to be handed a sample which is, so far, unnamed by the AV community - especially when the malware in question may have links to a well-known APT group. In my line of work I...