Pelion Consulting

The Maritime and Port Authority of Singapore (MPA) signed a memorandum of understanding (MoU) with Microsoft on 29 July 2024 to collaborate in innovative technologies including cloud computing, artificial intelligence (AI), data analytics, robotics, and cybersecurity, to support the adoption and development of digital and green solutions for the maritime industry. #MaritimeInnovation #Cybersecurity #DigitalTransformation #GreenMaritime #MPACollaboration #PelionCyberSecurity #MicrosoftPartnership

CrowdStrike is being sued by shareholders after a faulty software update by the cybersecurity firm crashed more than eight million computers and caused chaos around the world. The lawsuit accuses the company of making "false and misleading" statements about its software testing. It also says the company's share price dropped 32% in the 12 days after the incident, causing a loss in market value of $25bn (£14.5bn). CrowdStrike denies the allegations and says it will defend itself against the proposed class action lawsuit. #CrowdStrikeLawsuit #ShareholderLawsuit #CybersecurityOutage #GlobalOutage #PelionCyberSecurity #DataSecurity #CorporateResponsibility

Meta to pay $1.4 billion to settle Texas facial recognition data lawsuit #MetaLawsuit #FacialRecognition #DataPrivacy #PrivacySettlement #TexasLawsuit #PelionCyberSecurity #DataProtection

Personal details of millions of UK voters were left "vulnerable to hackers" because passwords were not changed and software not updated, the UK's data privacy watchdog has found. The Electoral Commission, which oversees UK elections, has been formally reprimanded by the Information Commissioners Office (ICO) over the security lapse. Beginning in August 2021 cyber-attackers were able to access computers containing the Electoral Registers, which hold details of voters including millions of those not available publicly. The Electoral Commission said it regretted that sufficient protections were not in place to prevent the cyber-attack. "As the ICO has noted and welcomed, since the attack we have made changes to our approach, systems, and processes to strengthen the security and resilience of our systems and will continue to invest in this area," it said in a statement. The investigation did not find any evidence that personal data was misused, or that any direct harm has been caused by the attack. The ICO said hackers had access to the Electoral Commissions' systems for over a year. It was only spotted when an employee reported that spam emails were being sent from the commission's own email server. The hackers were eventually booted out in 2022. The UK government has formally accused China of being behind the attack on the commission, claims the Chinese embassy rejected as "malicious slander". #VoterDataBreach #CyberSecurityBreach #DataProtection #ElectionSecurity #PelionCyberSecurity #HackerAttack #DataPrivacy

🔒 UNDERSTANDING YOUR RISK 🔒 Are your IT and OT interfaces secure? At Pelion Cyber Security, we specialize in identifying, analyzing, and evaluating risks to ensure your systems and information are managed and controlled effectively. By understanding the Likelihood vs Risk of various scenarios, we help protect your business from potential threats. 📋 ASSET REGISTER 📋 With our comprehensive Asset Register methodology, we assess risk exposure both before and after implementing protection measures. This proactive approach significantly reduces the likelihood of cyber-attacks, safeguarding your critical infrastructure. ⚠️ REASONABLE RISK ⚠️ "Everything connected to the network, even if it's not." We identify and secure all information assets—networks, hardware, systems, business data, passwords, and operational technology. By tracking and documenting everything on your network, we help you understand and mitigate potential threats to your business systems, owners, and employees. 📞 Contact Pelion Cyber Security Today! 📞 For expert assistance in implementing a full asset register, tracking everything on your network, and fully understanding the risks associated with each item, reach out to us now. Protect your business with Pelion Cyber Security! Stay informed. Stay protected. @Pelion Consulting - LinkedIn @pelioncybersecurity - Instagram @pelioncybersec - Facebook @CyberPelion - X pelion-consulting.com #PelionCyberSecurity #CyberSecurity #RiskManagement #AssetRegister #InformationSecurity #CyberProtection #NetworkSecurity #OTSecurity #ITSecurity #DataProtection

A number of notable governments have announced plans to upgrade their cyber defences as the risk of cyberattacks rises globally. In the Indo-Pacific region, representatives from the governments of Japan, Australia, India and the US recently met in Tokyo to discuss the threats posed by China to both cybersecurity and maritime safety in the region. Elsewhere, the UK has been described as “desperately exposed” to cyber threats, according to the government’s Science Secretary Peter Kyle (via The Guardian). #Cybersecurity #GlobalThreats #GovernmentSecurity #CyberProtection #NationalSecurity #PelionCyberSecurity #DataProtection

An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others. "These emails echoed from official Proofpoint email relays with authenticated SPF and DKIM signatures, thus bypassing major security protections — all to deceive recipients and steal funds and credit card details," Guardio Labs researcher Nati Tal said in a detailed report shared with The Hacker News. The cybersecurity company has given the campaign the name EchoSpoofing. The activity is believed to have commenced in January 2024, with the threat actor exploiting the loophole to send as many as three million emails per day on average, a number that hit a peak of 14 million in early June as Proofpoint began to enact countermeasures. "The most unique and powerful part of this domain is the spoofing method – leaving almost no chance to realize this is not a genuine email sent from those companies," Tal told the publication. "This EchoSpoofing concept is really powerful. It's kind of strange it is being used for large-scale phishing like this instead of a boutique spear-phishing campaign – where an attacker can swiftly take any real company team member's identity and send emails to other co-workers – eventually, through high-quality social engineering, get access to internal data or credentials and even compromise the entire company. #ProofpointFlaw #PhishingEmails #EmailSecurity #CyberAttack #Spoofing #PelionCyberSecurity #DataBreach

The Apple Vision Pro is the newest tool for Australians to access three-dimensional, immersive online environments, also known as the metaverse. Released in Australia earlier this month, it allows users to take a (virtual) walk in the savanna from their living room, watch sports matches in an immersive environment, or even buy a house after completing a virtual inspection. But these new online environments also have the potential to enable new crimes. Metacrimes are those crimes occurring in the metaverse. They challenge our definitions of crimes in the digital realm, because they do not fit into existing frameworks of reporting and investigating crime. Our new study tackles this problem by shedding light on the key characteristics of metacrimes. And by understanding these crimes better, we will be better able to fight them. #Metacrimes #CyberCrime #CyberSecurity #DigitalSafety #PelionCyberSecurity #OnlineThreats #TechEthics

The shipping sector is reportedly facing a spike in cyberattacks tied to state-sponsored hackers. The industry saw at least 64 cyber incidents last year, the Financial Times reported Saturday (July 27), citing research by the Netherlands’ NHL Stenden University of Applied Sciences. That study found that there were three such incidents in 2013 and zero in 2003. More than 80% of the incidents logged since 2001 that involved a known attacker originated in Russia, China, North Korea or Iran, the study showed. “The international rules-based order … the great system [that benefited shipping] since the second world war is under threat like never before,” Guy Platten, secretary-general at the International Chamber of Shipping, which represents shipowners controlling about 80% of the world’s commercial fleets, told the FT. The report also noted that shipping experts are warning that the industry — which has since its infancy dealt with the physical threat of pirates — is not prepared for the online variety. “IT spend in the maritime sector is pretty low,” said Stephen McCombie, a maritime IT security professor at NHL Stenden. Shipowners, McCombie added, “are looking for people with maritime knowledge and cybersecurity knowledge,” though that is not a large group. #PelionCyberSecurity #ShippingIndustry #Cyberattacks #MaritimeSecurity #WWIIThreatLevel #CyberThreats #GlobalTradeSecurity

New research from Appsbroker CTS has shown that despite increased investment in cybersecurity, a significant number of IT leaders in the UK feel less secure now than they did a year ago. In a survey of 150 IT and security decision-makers, over 87% said that security risks keep them awake at night. The report, titled “Tipping the cyber scales: How defenders can get back in the game,” highlights the top five concerns: ransomware, lack of visibility, identity misuse, misconfiguration, and vulnerabilities. The survey data revealed that 90% of respondents believe the risk and severity of cyber-attacks have increased over the past year. Furthermore, 61% stated that the attack surface is now 'impossible to control'. There is also considerable anxiety surrounding emerging technologies, with 79% worrying that innovations such as GenAI are 'changing the game' and leaving them unprepared. Despite 97% of IT leaders reporting an increase in their cybersecurity investments, more than half still feel less secure today than they did a year ago. Specifically, 61% are not confident that their current level of investment will be sufficient to reduce their overall risk. Ed Russell, CISO Business Manager at Appsbroker CTS, acknowledged the challenging landscape, stating, “As cyber attacks become more frequent, advanced and insidious, continually evolving your cybersecurity measures is the only way to protect against an ever-changing threat. This starts with knowing which investments are having the biggest impact on reducing the attack surface and mitigating risk.” One notable finding from the report is the pervasive sense of defeat among IT leaders. According to the research, 71% believe that any company claiming to be secure is lying to itself, and 57% think that cyber criminals will keep winning irrespective of investment in cybersecurity. This sentiment highlights a potentially demoralising outlook for businesses striving to safeguard their digital assets. #PelionCyberSecurity #UKIT #CybersecurityConcerns #ITLeaders #SecurityInvestments #TechSecurity #CyberThreats