Does the IoT = NextGen DDoS?

Last week witnessed a massive Distributed Denial of Service attack against, who provide DNS services to major websites. This had the effect of disrupting users of Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix. The ‘botnet’ that performed this DDoS attack was comprised of hacked IoT (Internet of Things) devices, partly comprised of Chinese-made digital video recorders and IP cameras. The devices had been compromised…

Zero Day Vulnerability

What is a Zero Day attack, and how do I protect my business against them?

Oct 26th, 2016 Malware, Vulnerability Management James Gillies

An example of a zero day vulnerability would be a security weakness in an operating system such as Windows which is unknown to the vendor, in this case Microsoft. During the period of time that a hacker would discover and attempt to exploit that vulnerability, before the vendor becomes aware of the problem and then subsequently plugs up the security hole with a Windows Update…

How do we prevent ourselves getting burned in public?

Sep 7th, 2016 Data Breach, Information Risk Management James Gillies

There has been a lot of discussion in the technology world recently about the scheme where a team of security researchers MedSec Holdings disclosed details of alleged vulnerabilities in medical equipment they were testing, manufactured by St Jude Medical to investment researchers Muddy Waters in order to profit from the fallout when the vulnerabilities were made public. St Jude’s share price dropped by 4.4%. One…

Gravityscan Badge