If you cannot view this email please click here



Hacking Cloud Compliance Reviews

Computing Security Awards

The 2019 Computing Security Awards, which took place at the Leonardo Royal Hotel, London City by Tower Bridge, were a huge success, with this packed-out prestige venue seeing the achievements of the industry’s top organisations and individuals rightly celebrated. To see who won what – and lap up the atmosphere of a truly gala occasion : https://www.computingsecurityawards.co.uk

Industry Insight

Bring your devices, not your problems

When staff bring their own devices into work, security can be greatly compromised. Rob Allen, director of marketing & technical services, Kingston Technology Europe, looks at how to meet this challenge

main headline

Editor's Focus

Ransomware strikes entire cities

Governments and healthcare organisations have now become key targets in an increasingly aggressive campaign of ransomware attack

main headline

Master Class

Understanding Data Loss Protection

Steve Watts, CEO of SecurEnvoy, A Shearwater Group plc Company, offers his insights on how the ideal DLP solution can protect all categories of valuable data

main headline

Biometric Challenge

Put to the test

The rise of biometrics has brought a rise in hackers trying to fool the system, using spoofs or fake biometrics. Could compulsory standardised testing be the answer?

main headline

Force United

Joining forces in fightback

Email and data security company Mimecast has launched a Cyber Alliance Program designed to align security vendors into an extensive cyber resilience ecosystem

main headline

Perfect Partners

Winning ways

When the UK's largest commercial FTSE 100 property company went in search of a technology partner to deliver at the highest level, it turned to OryxAlign

main headline

Upsides and Downsides

Riding the learning curve

Artificial Intelligence (AI) applies Machine Learning (ML), deep learning and other techniques to solve actual problems. But there are downsides, too

main headline

Held to Ransom

Smoke - with lots of fire!

When a ransomware attack takes place, losses can be measured in millions of dollars and thousands of hours of remediation work. Yet relatively simple measures can prevent most of these

main headline

Product Review

Libraesva Email Archiver

Libraesva has a strong pedigree in the email security market and our independent review says that its latest Email Archiver comes up trumps

main headline

SecurEnvoy SecureIdentity DLP

SecurEnvoy, a pioneer in the field of multi-factor authentication (MFA), has turned this expertise to identity, access and data security management – to great effect

main headline


Deployed as a SaaS (software as a Service) solution, edgescan delivers an innovative 'bionic' defence that powerfully combines machine automation with human intelligence

main headline

Welcome to the November 2019 issue of the Computing Security Newsletter.

We’ve long come to recognise that no one is safe from attacks on line and that there are no boundaries beyond which perpetrators will not go. So, it wasn’t at all surprising when an ongoing phishing campaign recently targeted the United Nations and several humanitarian aid organisations, including UNICEF and UN World Food using landing pages impersonating legitimate Microsoft Office 365 login pages.

The campaign has been actively launching attacks since March 2019, according to researchers at Lookout Phishing AI, with the two domains used to host the phishing toolkits and related content being associated with an IP network block and an ASN (Autonomous System Number) that were also used by threat actors to deliver malware in the past.

Among other beleaguered organisations in this phishing campaign, the attackers attempted to steal user credentials from the United Nations Development Programme, the Heritage Foundation, the International Federation of the Red Cross and Red Crescent Societies, and the United States Institute of Peace.

The attackers also use SSL certificates to further increase the illusion that their landing pages are legitimate Microsoft Office 365 login pages. Out of all the certificates used so far in this campaign, the researchers found that only six of them were still valid until mid or late November, a possible clue pointing to the attacks that are still active.

"All major browsers will alert users about the use of expired SSL certificates. As these warnings are very clear (and in fact often hard to dismiss) it would be near impossible to entice a user to enter their login credentials on a site that uses an expired certificate," Lookout says. "As a result, expired SSL certificates observed on some of the phishing sites can provide insight into the time period of the attack." To make sure you get your copy of the Newsletter emailed to you personally, every time, click here to register.

Brian Wall, Editor
Computing Security

Follow us :




To unsubscribe click here See our Privacy Policy here

Published by: BTC 35 Station Square Petts Wood BR5 1LZ

Tel: +44 (0) 1689 616 000
Fax: +44 ( 0) 1689 826 622