News, IT Industry News & Insights

Optimised data for better insights

Deliver clean, enriched log data to drive faster and smarter decisions.

Datastream

Find out more

Boost productivity with ecm

Secure, organize, and access business contact from one central platform.

Find out more

Enterprise Content

Licensing That Supports your strategy

DDS delivers licensing, support, and ongoing optimisation.

Find out more

Microsoft Licensing (CSP)

Trust no one.
verify explicitly

Always authentication and authorise based on real-time data.

Find out more

Zero Trust Cybersecurity

18 March 2026

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

Apple on Tuesday released its first round of Background Security Improvements to address a security flaw in WebKit that affects iOS, iPadOS, and macOS. The vulnerability, tracked as CVE-2026-20643 (CVSS […]

17 March 2026

IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)

Yesterday, in my diary about the scans for “/proxy/” URLs, I noted how attackers are using IPv4-mapped IPv6 addresses to possibly obfuscate their attack. These addresses are defined in RFC 4038. […]

17 March 2026

South Korean Police Accidentally Post Cryptocurrency Wallet Password

An expensive mistake: Someone jumped at the opportunity to steal $4.4 million in crypto assets after South Korea’s National Tax Service exposed publicly the mnemonic recovery phrase of a seized […]

17 March 2026

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Wing FTP to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. […]

17 March 2026

Weekly Update 495

In the beginning, it was simple. A website, a database and 150M+ email addresses to search. Time has added serverless functions (which run on servers 🤷‍♂️), code on the edge, […]

16 March 2026

Free parking in Russia after Distributed Denial-of-Service attack knocks city’s parking system offline

Drivers in the Russian city of Perm have been enjoying an unexpected bonus this week: free parking. Not because the city council suddenly decided to embrace generosity – but rather […]

16 March 2026

Possible New Result in Quantum Factorization

I’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s a theoretical improvement in the speed of factoring large numbers […]

16 March 2026

Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse

Google is testing a new security feature as part of Android Advanced Protection Mode (AAPM) that prevents certain kinds of apps from using the accessibility services API. The change, incorporated […]

16 March 2026

ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

14 March 2026

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China’s National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source and self-hosted […]

14 March 2026

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at 5:30 PM […]

14 March 2026

SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)

Introduction This diary describes a Remcos RAT infection that I generated in my lab on Thursday, 2026-03-11. This infection was from the SmartApeSG campaign that used a ClickFix-style fake CAPTCHA […]

13 March 2026

Friday Squid Blogging: Increased Squid Population in the Falklands

Some good news: squid stocks seem to be recovering in the waters off the Falkland Islands. As usual, you can also use this squid post to talk about the security […]

13 March 2026

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

A suspected China-based cyber espionage operation has targeted Southeast Asian military organizations as part of a state-sponsored campaign that dates back to at least 2020. Palo Alto Networks Unit 42 […]

13 March 2026

Face value: What it takes to fool facial recognition

ESET’s Jake Moore used smart glasses, deepfakes and face swaps to ‘hack’ widely-used facial recognition systems – and he’ll demo it all at RSAC 2026

13 March 2026

A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)

On Wednesday, a phishing message made its way into our handler inbox that contained a fairly typical low-quality lure, but turned out to be quite interesting in the end nonetheless. […]

13 March 2026

Initial access techniques used by Iran-based threat actors

Analysis of attacks originating from Iran-linked threat groups reveals a preference for certain techniques Categories: Threat Research Tags: Iran, initial access

13 March 2026

March Patch Tuesday visits 15 product families

Eight Critical-severity bugs – none in Windows – appear in 84-CVE haul Categories: Threat Research Tags: Patch Tuesday, x-ops, Microsoft, Windows, detection

12 March 2026

iPhones and iPads Approved for NATO Classified Data

Apple announcement: …iPhone and iPad are the first and only consumer devices in compliance with the information assurance requirements of NATO nations. This enables iPhone and iPad to be used […]

12 March 2026

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Cybersecurity researchers have disclosed details of a new banking malware targeting Brazilian users that’s written in Rust, marking a significant departure from other known Delphi-based malware families associated with the […]

12 March 2026

Cyber fallout from the Iran war: What to have on your radar

The cybersecurity implications of the war in the Middle East extend far beyond the region. Here’s where to focus your defenses.

Apple Fixes WebKit Vulnerability Enabling Same-Origin Policy Bypass on iOS and macOS

IPv4 Mapped IPv6 Addresses, (Tue, Mar 17th)

South Korean Police Accidentally Post Cryptocurrency Wallet Password

CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths

Weekly Update 495

Free parking in Russia after Distributed Denial-of-Service attack knocks city’s parking system offline

Possible New Result in Quantum Factorization

Android 17 Blocks Non-Accessibility Apps from Accessibility API to Prevent Malware Abuse

ISC Stormcast For Monday, March 16th, 2026 https://isc.sans.edu/podcastdetail/9850, (Mon, Mar 16th)

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

Upcoming Speaking Engagements

SmartApeSG campaign uses ClickFix page to push Remcos RAT, (Sat, Mar 14th)

Friday Squid Blogging: Increased Squid Population in the Falklands

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

Face value: What it takes to fool facial recognition

A React-based phishing page with credential exfiltration via EmailJS, (Fri, Mar 13th)

Initial access techniques used by Iran-based threat actors

March Patch Tuesday visits 15 product families

iPhones and iPads Approved for NATO Classified Data

Rust-Based VENON Malware Targets 33 Brazilian Banks with Credential-Stealing Overlays

Cyber fallout from the Iran war: What to have on your radar

Links

Enterprise Solutions

SMB Solutions

Contact Us

Follow Us