Prof Bill Buchanan OBE FRSE

📣 NEW EPISODE: Digital Forensics Essentials #2 - Time travelling with SQLite Journals and WAL 👇 The latest DFE vlog has landed and Principal Analyst Alex Caithness is back to explain the lasting importance of the temporary world of SQLite Journals and Write-Ahead-Logs. #dfir #digitalforensics #digitalforensicsessentials https://lnkd.in/dPVcEutR

12

Showing a study on Bug Bounty programs and their evolution, by the BSC Hacking Group and other pioneering groups leading up to the stabilization of BSC Hacking. This research references the paper 'An Empirical Study of Bug Bounty Programs' authored by Thomas Walshe and Andrew Simpson.

2

‘Combatting Cyber Terrorism – A guide to understanding the cyber threat landscape and incident response planning’ by Richard Bingley is now available for pre-order! 📘 In his second book with IT Governance Publishing, Richard Bingley’s Combatting Cyber Terrorism – A guide to understanding the cyber threat landscape and incident response planning analyses the evolution of cyber terrorism and what organisations can do to mitigate this threat. Find out more and pre-order your copy today 👇 https://ow.ly/LNe550RnUjl #CyberTerrorism #CyberThreat #Preorder

11

🔒 Just Released: DSIT Cyber Breaches Survey 🚀 Sharing insights from the latest Cyber Security Breaches Survey commissioned by the Department for Science, Innovation and Technology (DSIT)! This comprehensive study provides a crucial snapshot of cyber security in UK organizations, shedding light on trends and challenges across businesses, charities, and educational institutions. 🔍 Key Findings: 🔹 Half of businesses (50%) and around a third of charities (32%) have reported experiencing cyber security breaches or attacks in the past year. And here’s a secret: threats usually don’t differentiate based on location. 🔹 When excluding phishing-related cyber crimes, the survey estimates that 3% of businesses have faced at least one non-phishing cyber incident in the last 12 months. 🔹 Encouragingly, organizations have improved their adoption of common cyber controls, including up-to-date malware protection, restricting administration rights, network firewalls, and agreed processes for handling phishing emails. 📊 Noteworthy Differences: 🔸 Smaller organizations lag behind medium/large ones in crucial areas:   ➡️ Only 31% of all businesses have completed cyber security risk assessments in the last year, compared to 72% of large businesses.   ➡️ Security monitoring tool usage stands at 33% for all businesses, contrasting with 71% for large businesses.   ➡️ Large businesses lead in reviewing security within their supply chain (48% vs. 11% for all businesses). 💼 Key Takeaways: (a) Smaller businesses aiming to collaborate with larger organizations must elevate their cyber security practices, especially considering the emphasis on supply chain security reviews. (b) While phishing remains a significant threat, it's essential to recognize the existence of other cyber risks and prioritize comprehensive security measures.

1

The last time our researchers assessed #cybercrime group #MuddledLibra, it was to dissect their #SocialEngineering tactics. Now, this group has begun to target cloud environments and SaaS applications. This article investigates in depth the ways that Muddled Libra has exploited both using the MITRE ATT&CK framework, from reconnaissance to exfiltration. https://bit.ly/43VgH5s #CloudThreatLandscape

51

In this new #WhitePaper, we use three scenarios to help illustrate how investigators can learn how to leverage various #artifacts to provide clues and identify critical evidence to help progress open investigations: https://ow.ly/igCr50Sh3cm #DFIR

27

A great article on the emerging new threat to our data. All should read this. Alan

2

📣 Digital Forensics Essentials – New episode heads-up The latest in the Digital Forensics Essentials series will land next week with Principal Analyst Alex Caithness set to unpack the subject of SQLite Journals and Write-Ahead-Logs for us. To get a flavour of what DFE has to offer, check out Alex explaining how one of the most common methods of encoding timestamps - the epoch timestamp - works. The video covers the basic mechanism used to encode these timestamps, common formats, methods and tools to decode them (including using Python, Excel and SQLite queries). #dfir #digitalforensics

21

The Real Minority Report? I attended the excellent INTERPOL Digital Forensics Experts Group (DFEG) 2024 conference last week, and the use of AI was top of the agenda. Its use in gathering evidence and reporting could open up a whole new world of digital investigation. And so, last week, Police Scotland announced that it would explore the usage of AI. I appreciate that most of this relates to the recovery of data related to a crime, but our society must worry about a Big Brother world of citizens being observed for every aspect of their lives. The Minority Report—released in 2002—predicted the future fairly well, with the usage of self-driving cars, touch analytics, personalised ads, video-controlled homes, facial/retina recognition, gesture-based actions, … and “predictive policing.” Read more: https://lnkd.in/drK97RNy

25

🚨 The latest UK cybersecurity sector analysis has been published today by the Department for Science, Innovation and Technology. 💻 Our AI capability was used to map the sector, identify cybersecurity companies and understand their products and services. We're proud to have worked again with Perspective Economics, Ipsos UK and CSIT. Key findings include: ➡ The UK’s cybersecurity sector showed significant resilience and growth, with a 13% increase in sector revenue and 2,700 new jobs. ➡ There are 2,091 firms in the UK providing cybersecurity products and services. ➡ We found 60,689 Full-Time Equivalents (FTEs) working in a cybersecurity-related role across the cybersecurity firms identified. ➡ Total annual revenues were £11.9 billion and total GVA was £6.5 billion. ➡ During 2023, 71 cybersecurity companies raised £271 million. You can read the full report here: https://lnkd.in/eXkap3bn #AI #NLP #Sectors #Webdata #MarketResearch #Cybersecurity

18

🚨 Opaxe subscribers be aware - Threat Actor Claims to Leak Database of Opaxe, Impacting 16,000 Users and 5.5 Million Records. "A curated data source for the mining and minerals industry. We collect, collate and republish listed mining company announcements so that you can access them quickly and easily, all in one place. We have more than 40,000 mining company announcements and 3 million data points extracted from these announcements." "Opaxe is a smart software platform that reconfigures and redistributes information and produces business insights to help mining professionals and investors make better decisions. Our founding team of industry experts and people with domain expertise understand the issues with data overload and not being able to find the wood from the trees. We set out to make it easy for you to locate the specific mining company announcement that you need, out of the 10,000’s of announcements that are out there."

4

🚨 Inside the British Library Cyberattack: Key Takeaways & Fallout 🚨 The recent British Library cyberattack has unveiled significant and costly security flaws. Key lessons learned include the importance of addressing technical debt, conducting holistic risk assessments, enhancing information governance, and implementing a defense-in-depth strategy. 📚🔐 #CyberSecurity #Infosec #RiskManagement #DataProtection #BritishLibrary #InfoGov #TechDebt #CyberDefense https://lnkd.in/dHeKebeV

1

Great interview from Application Security Weekly that explores: How can open source projects find a funding model that works for them? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from #OWASP to #OpenSSF to an Open Source Fellowship with Crash Override. Watch it here: https://hubs.la/Q02zTnC50 #Developers #DevOps #CyberSecurity #OpenSource

1

New guidance on Strengthening AI System Security released by the NSA, UK NCSC and others! The National Security Agency (NSA) is releasing a Cybersecurity Information Sheet (CSI), “Deploying AI Systems Securely: Best Practices for Deploying Secure and Resilient AI Systems.” While intended for national security purposes, the guidance has application for anyone bringing AI capabilities into a managed environment, especially those in high-threat, high-value environments. The best practices presented align to the main steps of AI deployment: 1. Secure the deployment environment 2. Continuously protect the AI system 3. Secure AI operation and maintenance - In this section, notice the importance of "Promot[ing] a security-aware culture to minimize the risk of human error". The full guidance can be found here: https://lnkd.in/e_6SJe3y #AI #artificialintelligence #security #cybersecurity #systems #deployment #resilience #guidance

34

4 Comments

Bug Bounty programs are often perceived as risky or potentially harmful. This blog aims to dispel such misconceptions by exploring why bug bounty programs are, in fact, not a risk but a strategic defence mechanism. Akansha bisht Abhinav Bangia Anurag Tripathi Dipti Bhadouriya #bugbounty #cybersecurity #ethicalhacking https://lnkd.in/gXvHWdXg

9

💻 For the 5th year running, Tussell has been cited in the Department for Science, Innovation and Technology's annual Cyber Security Sectoral Analysis Report. 📊 Produced by Tussell customers Perspective Economics, with support from glass.ai and CSIT, the report takes a look at the size and scale of the UK cyber industry. 📈 Tussell’s data is used throughout the report to examine the size of the #publicsector cyber marketplace. Tussell is the market's, media's and government's go-to source of insight into UK public procurement.  ✅ Want to see why? Book in some time with our team 👉  https://lnkd.in/eBzNjD6Z ✅ Check out the full report here 👉  https://lnkd.in/eXkap3bn #cyber #procurement #marketanalysis

5

A major new research programme from the University of Bristol, University of Oxford, and Lancaster University is set to address the grand challenge of providing cybersecurity at societal scale, following £6.8 million in funding from the Engineering and Physical Sciences Research Council (EPSRC). The SCULI (Securing Convergent Ultra-large Scale Infrastructures) programme will bring together experts from the Department of Computer Science, alongside counterparts at Bristol and Lancaster, to forge a pioneering new approach to delivering cybersecurity. While cybersecurity for components and systems is currently built and tested at small scale, before being upscaled, the SCULI programme, led by the University of Bristol, aims to transform this approach, by designing solutions to work at scale, bringing new levels of predictability and safety. With the UK revealed by a recent House of Commons inquiry as one of the countries most at risk of cyber-attack, Sadie Creese, Professor of Cybersecurity and department lead on the programme, said: ‘With the UK facing unprecedented risks to its critical services, the SCULI programme promises a crucial and timely shift in the scientific approach to the cybersecurity of large-scale infrastructure. We look forward to working with our colleagues at Bristol and Lancaster, industry and policy makers to deliver new levels of reliability and security to major national and global projects of the future.’ Read more: https://lnkd.in/e9-vDVPi Image description: A blue image of a computer board with a dark blue speech bubble over it with white text reading '‘With the UK facing unprecedented risks to its critical services, the SCULI programme promises a crucial and timely shift in the scientific approach to the cybersecurity of large-scale infrastructure.’ Sadie Creese, Professor of Cybersecurity' pointing to a photo of Professor Sadie Creese. There is another smaller blue box at the bottom right reading '@compscioxford #compscioxford'.

31