Latest posts from Cyber security updates

28 October 2014

Additional indicators relating to Sofacy (APT28) phishing

By Chris Doman

There has been a significant amount of coverage this month of threat actors employing the malware known to the security community as "Sofacy". First there was the Sednit report by ESET, then our report on web-mail phishing followed by a more detailed report by Trend Micro. Today...

27 October 2014

ScanBox framework – who’s affected, and who’s using it?

By Chris Doman and Tom Lancaster

Earlier this year the Japanese language website of one of the world’s largest suppliers of industrial equipment was compromised by a sophisticated threat actor. Usually in such cases an attacker will use their access to place an exploit kit on the compromised website, delivering...

24 October 2014

Secure your bases to lower the risk of mistakes, misuse and malicious activity

By Richard Mardling

‘So, what keeps you awake at night?’ was the innocent question to a CEO recently. Without seeming to think about this for very long, ‘Cyber security!’ was the answer. This is a broad subject, so the next question was ‘What do you mean by Cyber Security?’ ‘Oh,...

20 October 2014

OrcaRAT - A whale of a tale

By Dan Kelly and Tom Lancaster

It’s every malware analyst’s dream to be handed a sample which is, so far, unnamed by the AV community - especially when the malware in question may have links to a well-known APT group. In my line of work I analyse several ‘unknown’ malware...

17 October 2014

Seven steps to great access governance

By Richard Mardling

It is no longer acceptable to not know who has access to what. With ever-changing security boundaries, increasing collaboration, a widening variety of devices and the continued growth of cloud services, it is paramount that only the right people have approved access to your applications and data....

14 October 2014

The IoT or the internet of things that can be broken into?

By Colin Slater

Having moved back to Scotland from the relatively balmy climes of New Zealand, my thoughts turned to heating and heating efficiency as I loaded the 10th barrow of fallen leaves into the composting heap, signalling Autumn was here. Like most people, we have a gas combi boiler...

09 October 2014

Phresh phishing against government, defence and energy

By Chris Doman

Earlier this year I came to work and checked our monitoring systems that had run overnight. One of them had identified that two new domains had been pointed at a server PwC’s Threat Intelligence team had previously associated with malware known as “Sofacy”. The group using Sofacy...

27 September 2014

How can you deal with Shellshock?

By James Rashleigh

The vulnerability, known as “Shellshock”, takes advantage of a bug discovered within the GNU Bourne-Again Shell (BASH), which allows malicious users to remotely execute commands, regardless of restrictions placed on the environment. This vulnerability could be leveraged to take full control of the system, obtain sensitive information,...

24 September 2014

New era of corporate privacy transparency beginning?

By Stewart Room

Two stories that caught my eye last week concerned, once again, the principal corporate doyens of the current privacy debate, Google and Facebook. Apparently, Google has constituted a series of Councils involving opinion formers, regulators, academics, lawyers and the public, which will travel around Europe to discuss...

19 September 2014

Malware microevolution

By Tom Lancaster

Earlier this September, our friends at FireEye blogged[1] about how malware authors often change their tactics in response to the work of those investigating them. However, most of the time, this evolution isn’t a wholesale change as was the case with APT12. Just as in nature, it’s...