
The CrowdStrike Falcon outage

A faulty update was distributed to the Falcon Sensor, cybersecurity software provided by the company CrowdStrike. The botched update to the configuration files of the kernel-level vulnerability scanner caused an out-of-bounds memory read operation that resulted in affected machines booting over and over again. The fault was found and a fix was distributed within 12 hours, but damage had already been caused. Manually fixing the affected machines would take a lot longer.


Information Society is leading the battle for Cybersecurity

The Ministry of Digital Governance (MDG) in Greece is implementing a set of projects through Information Society for the protection of public bodies against cyberattacks. Cybersecurity in the public sector is crucial for safeguarding sensitive information, ensuring the integrity of essential services, and maintaining public trust. Government agencies handle vast amounts of personal data and critical infrastructure, making them prime targets for cyberattacks.


The importance of user role definition and access restrictions

Many of us have seen the cinematic masterpiece called The Lord of the Rings and can recall the scene where Pippin Took touches the Palantír (the glass-orb-looking thing with the eye of Sauron in it) and thus gives said villain an insight into his mind. The bad news: Sauron knows everything Pippin knows. The good news: Pippin doesn’t know anything!


New investigation by Kaspersky on Cyber Attacks

Kaspersky has recently concluded an investigation into cyber-attacks targeting the industrial sector in Eastern Europe. The investigation has revealed the employment of advanced tactics, techniques, and procedures (TTPs) by threat actors to compromise industrial organizations in the region. Industries such as manufacturing and industrial control system (ICS) engineering and integration have been particularly affected, emphasizing the urgent need for enhanced cybersecurity preparedness. The research revealed a series of targeted attacks aiming at data breach through the creation of a channel, with similarities to previously reported cases such as ExCone and DexCone, a fact that clearly indicates the participation of APT31 (also known as Judgement Panda and Zirconium).


The Fileless present of Malware and its evolving ML based detection, classification and prevention

The main approach for detection and prevention of malware is based upon the concept of file signatures. More specifically, AV solutions scan the system’s storage devices and hash files at process/creation time. They then compare each of these hashes against their curated database, which contains signatures of known malware samples. If there is a match, the file is flagged as malicious and subsequent actions take place to contain it.


The Risk of Misinformation and Disinformation in Cyber Threat Intelligence Communities

The ever-growing digital landscape presents organisations with a double-edged sword: vast amounts of data on cyber threats and the challenge of sifting through it all. Here’s where Cyber Threat Intelligence (CTI) comes in. By analysing attacker behaviour and uncovering early signs of attacks, CTI empowers organisations to proactively defend themselves. However, a significant hurdle exists: misinformation. This misinformation comes in two forms: accidental mistakes (misinformation) and deliberate deception (disinformation).


How Local and Regional Authorities can improve their ransomware defenses

A recent study done by the National Association of State CIOs (NASCIO) and Deloitte found that in the US 75% of state CISOs view ransomware as a threat. As this Govloop report reported, “…there’s good reason for that. A number of factors, the report notes that combine to make local and regional governments particularly vulnerable to this attack”. High impact: Ransomware is capable of bringing an organization’s operations to a halt.


CriM 2023

The Cyber Security Seminar and Workshops (CriM) has been running for 24 years. We are glad to host experts for three days on this year’s topic: Supply Chain and Cyber Security. The mornings are filled with lectures and the afternoon workshops give practical experience. Attendance is free of charge and 5 ECTS are available for completing the course. Please join us between 14th and 16th of November 2023 here in Oulu.


Lessons learnt from cyber-attacks on Greek municipalities

Just how hard is it, in the Greek public sector, to describe the importance of a service whose value the customers cannot quite comprehend or quantify in order to invest in it? If one had to answer this question, one would have to give many answers, depending on various factors. It is incredibly difficult for an organisation to fully comprehend the need for and the importance of a cybersecurity service or product when it hasn’t been exposed to or harmed by a cyber-attack.


New Cybersecurity Master's Program in Oulu

Cyber security is a new study option based on the research excellence in software security at the University of Oulu. The student specialising in cyber security will be able to design, develop, test and evaluate systems, software or hardware for security goals in the ever-evolving digital landscape. As a whole, artificial intelligence and the development of different AI solutions play a role in all four study options.
