Category Archives: business

BA fined record £20m for customer data breach

Personal details of more than 400,000 customers accessed by hackers in 2018

A £183m fine levied on British Airways for a data breach has been reduced to £20m after investigators took into account the airline’s financial plight and the circumstances of the cyber-attack.

The £20m fine is nonetheless the biggest ever issued by the Information Commissioner’s Office (ICO), following the 2018 incident in which more than 400,000 customers’ personal details were compromised by hackers.

Bank of England paid £3m in ‘golden goodbyes’ over 15 months

Rise in settlements in 2019 included those paid to departing tech security staff shortly before major breach

The Bank of England paid departing staff almost £3m in “golden goodbyes” over 15 months, at the same time as an exodus of workers from its information security team.

Settlement payments to former staff surged to £2.3m in 2019, according to data provided to the Guardian under freedom of information laws. The Bank confirmed that former information security staff received some of the payments.

Smartwatch maker Garmin hit by outages after ransomware attack

US company forced to shut down call centres, website and some other online services

Garmin has been forced to shut down its call centres, website and some other online services after a ransomware attack encrypted the smartwatch maker’s internal network and some production systems.

The US company shut down services including the official Garmin website and all customer services, including phone lines, online chat and email.

Ransomware is the most common form of criminal malware currently in use. Targets are commonly infected through malicious emails, which may trick them into downloading and running the software, or through exploiting vulnerabilities in other software such as Adobe Flash. When the ransomware program is activated, it encrypts the user’s hard drive with a single use encryption key, before flashing up a message asking for ransom, typically in the form of a payment in the cryptocurrency Bitcoin.

EasyJet hacking attack: are you affected and what should you do?

The airline has said the personal information of 9 million customers has been compromised

EasyJet revealed on Tuesday it had suffered a “highly sophisticated” cyber-attack. It comes at a time of heightened concern about a surge in online and phone scams linked to the coronavirus pandemic.

EasyJet reveals cyber-attack exposed 9m customers’ details

Airline apologises after credit card details of about 2,200 passengers were stolen
Q&A: are you affected and what should you do?

EasyJet has revealed that the personal information of 9 million customers was accessed in a “highly sophisticated” cyber-attack on the airline.

The company said on Tuesday that email addresses and travel details were accessed and it would contact the customers affected.

Working From Home: Building Your Own Setup

This is the fifth week my company (Yoroi) and I are working from home (covid-19). While every company process is running smoothly and fast, personal quarantine is getting quite long and heavy, especially if you are accustomed to travelling a lot for work. Under these circumstances the home office setup becomes very important, as you should be comfortable delivering as much as you did while sitting in your perfectly fitting office. Moreover, during the past few weeks I received many emails and private messages from people like me asking for personal suggestions on home setup. So I decided to write up a little blog post with my personal suggestions on home setup for remote workers.

First: What you do.

My personal home desk changed a lot over the years. On one hand new technology became available, but on the other hand (and most importantly) my role and interests changed a lot over time. I started with a super-nerd home setup while I was in college, including soldering irons, a desoldering air heater, Arduino boards all over the shelves, Raspberry boards in many case flavors, three monitors, one of them vertically oriented (for reading documentation), black screens and mechanical keyboards. This environment fit my needs at that specific time, but it would not fit my current needs. The first thing you should do when refactoring your own home desk is to understand what you do. Not what you would like to do, but rather what you do. Before you start surfing gadget websites, just focus on what you are doing on a daily basis. A developer and a malware analyst share a few needs, but their environments won’t be close to each other. If you are a CXX, your environment will definitely look different from your IT manager’s!

Second: Less is more.

I know many of you won’t agree with this paragraph, but in my personal point of view: “less is more” (cit. Mies). The more objects populate your desk, the higher the probability of getting distracted by them. I tended to have books on my desk, and every time I looked at them my mind went to that story or to what the book gave me in terms of knowledge and... this was really distracting me. Six things are my minimal and best setup: a laptop, a mouse, a mechy keyboard, headphones, a big monitor and my phone.

Home SetUP

Monitor

Talking about monitors, I would suggest a single big one. I used to have multiple monitors on my desk and it is amazing to see how many parallel tasks you can keep on them, but many parallel tasks do not necessarily mean higher productivity. In my experience I noticed that it’s best to focus on 3 or 4 parallel tasks, not more. So a big screen managed by a great window manager (see the software section) would help you not to overdo multitasking. However, if you are a developer, an additional vertical screen would definitely help you in consulting StackOverflow, GitHub and documentation. In many other cases, I personally won’t suggest more than two displays. My favorite size is 27″ and I prefer a “borderless” monitor with an adjustable “neck” so that I can move it depending on chair position. One of my favorites is the SAMSUNG SR75 4K UHD Space Monitor: it is Ultra HD, great looking and takes up very little space, so you have much more room for your arms.

Keyboard

A mechanical keyboard is one of the little pleasures of life. If you are a writer it is definitely a “must have”, while if you are a developer or a malware analyst it’s mostly a fashion. Conversely, if you are a penetration tester or an adversarial simulator you would probably appreciate foldable keyboards more, or if you are an IT guy you would probably love small keyboards that are light and easy to carry between racks in “work in progress” data-centers. As in the monitor ecosystem, keyboards are a humongous world where there is never a “best in class”, there is only what “you like most”. In my case I love Varmilo keyboards since they allow many quite interesting customizations. Ergonomics plays a fundamental role in keyboard choice, but even the most ergonomic keyboard could harm you if you do not have a good body posture, so before getting into a very fancy ergonomic keyboard (like the most famous one HERE) try to correct your body posture.

Mouse

The mouse is one of the objects you will touch most once you sit on your comfortable chair, so you need to pay proper attention to what you choose. While the Kensington trackball mouse (here) is definitely my personal suggestion, I do not use it. Since I used to travel a lot during my normal working weeks, I can’t carry it back and forth on my travels. A trackball is not comfortable to move around at all. So I decided to get a small yet nice mouse. If you are used to travelling a lot like me, you would probably appreciate a Bluetooth mouse with no cables in the bag (remember, less is more). The mouse should be small in size and light. I would suggest a hard (metal), mechanical wheel with strong inertia to give you a nice scrolling feeling. One of my favorites is definitely the Logitech MX Anywhere 2.

Computer

This would be the most important choice: it could be quite easy to change a monitor or a mouse, but changing your PC would be much more challenging (and expensive). Depending on what you are doing on a daily basis, you have many, many choices. So let’s start from mobility. In my case I move a lot between my offices, and wherever I go I usually have external monitors, so I prefer small laptops. My principal tasks are malware analysis (mostly for fun) and management (mostly for work), so I need many virtual machines (mostly for fun) and many Chrome tabs (mostly for work). High performance in terms of SSD, CPU and RAM is required (virtualization and malware analysis tool sets). If you are a podcaster or a YouTuber you would need a high-performance graphics processor (especially if you post-process video), if you are a writer you would probably love to write “around the globe” (not in a small cold office) so you would love a light laptop, or if you are a developer or content designer you would probably love a MAC 😀 (just kidding you). My favorite so far is the Razer Blade Stealth 13″, which has incredible performance. It has a touchscreen and retina display, besides an i7, 16GB RAM and a 500GB SSD. Generally speaking, if you are looking for a PC and not for a MAC, I would definitely suggest taking a look at one of the following tiny but powerful laptops: Dell XPS 13, HP Spectre and ASUS ZenBook.

Headphones

If you are a music lover, well, you’d better skip this section. I don’t use headphones for high-quality music listening but rather for conferences and calls. However, from time to time I love focusing by listening to my favorite playlist, so I had to figure out what, in my personal point of view, could be a good arrangement. My best compromise was the Jabra Move. If you don’t need music (or if you have separate headphones for listening to music), having two “covered” ears (in terms of stereo) could be quite annoying, since it’s not so natural to talk without having the right feel of your natural voice (with stereo headphones your voice is quite muffled). On the other hand, if you want to listen to music, you definitely cannot do so with a mono headphone. The Jabra Move seems to have nice sound quality and a nice integrated microphone, so you can easily switch between conferences and music without changing hardware.

Software

First of all, let me explain why I am crazy about window managers. When you get into the productivity world, having a well-configured system with personal shortcuts is not only a way to speed up the boring tasks (opening windows, resizing windows, creating multi-desktop environments, opening the usual web pages for reading, downloading stuff and placing it in the right folder, saving bookmarks, etc.), it is actually a way to organize your entire day. Just as many patterns are available for email management (I prefer the zero-inbox pattern, even if I don’t truly succeed in using it), many are available for virtual desktop management. While I used to manage virtual desktops by functionality (and this works pretty well on MAC OS systems), on my Linux box I prefer keeping virtual desktops by project. So yes, I do have many duplicated applications running, but each specialized on a specific topic. Questionable, I know… but in this way I feel much more confident, since I prefer to classify my work into projects rather than into functionalities over multiple virtual environments. Anyway, a great window manager would definitely help you out. I’ve always been fascinated by the i3 tiling window manager, but I was always skeptical about the startup phase: on one hand the time to become fluent in i3, and on the other hand the installation procedure and configuration time were kind of killing me. But recently I met Regolith, which changed the way I think about window managers. Today I would definitely suggest you try it for at least one week.

While a lot of to-do list software is available out there, I prefer the simple Todo.txt. It is damn simple, you can access it from multiple devices, it has a command line, it can manage priorities and… it has a command line!! (Did I already mention that?) If you are a more “web oriented” guy, I would suggest Trello-CLI, but really not more than that.

One of my favorite editors is VIM. But I am not an “old school guy”, I just love the many, many plugins available for it and how you can transform it!

VIM Configuration

Once you’ve learned to master VIM you will never need any other editor: VIM is everywhere and you can customize it very quickly. If you like how my VIM looks, HERE is my configuration file; feel free to grab and use it if you wish.

Conclusion

I don’t think there is a definitive setup. It will change over time depending on your needs. You might need electronic boards and soldering irons, or just a simple laptop. It really depends on what you are doing and what deliverables you are working on. In this “unusual” (at least for my corner) post I wanted to answer the many questions on the “perfect home setup” that came to me in the past three weeks. Actually I have my “perfect” setup, which I’ve shared with you, but I am sure it will change over and over again, just as it has changed a lot in the past few years. The only real suggestion that I’d like to make is: “Less is More”. The fewer things you keep on your desk, the fewer distraction points you will have and the faster your deliverables will be.

Have fun and #StayAtHome

Morrisons not liable for massive staff data leak, court rules

UK supreme court says retailer not to blame for actions of employee with grudge

The UK’s highest court has ruled that Morrisons should not be held liable for the criminal act of an employee with a grudge who leaked the payroll data of about 100,000 members of staff.

The supermarket group brought a supreme court challenge in an attempt to overturn previous judgments which gave the go-ahead for compensation claims by thousands of employees whose personal details were posted on the internet.
