The US government Cybersecurity and Infrastructure Security Agency (CISA) is one of my trusted sources for cyber security information. They have recently added a number of known vulnerabilities to their Known Exploited Vulnerabilities Catalog – including, Veritas Backup Exec, Windows and the recently patched Apple vulnerabilities. CISA Adds Five Known …
Apple updates fix Zero-day flaws
Apple updates have been issued across it’s range of devices to address to address two zero-day flaws discovered in their operating systems. The affected range of devices is extensive but as of writing there have been no reports of active exploitation of the flaws. The best thing to do is …
Fast encryption ransomware
Researchers have discovered a new strain of ransomware malware, they have named Rorschach, which has a very fast encryption engine. New Rorschach ransomware is the fastest encryptor seen so far (bleepingcomputer.com) This makes having a well trained team, who know exactly what to do if they even suspect they may …
Patches are not always available for critical flaws
I write a lot about patches being one of the most important steps in any cyber security plan – a quick search for “patches” on this site will show you how important they are. However you also need more in your cyber security plan than simply software patching as vendors …
Continue reading “Patches are not always available for critical flaws”
I just love this cyber security story…
This is all just academic research (at the moment) but here is a story about exploiting the range of voice assistants, Siri, Google Assistant, Alexa and Cortana, using voice commands, issued from one device, that are inaudible to the human owners, but can activate another device. To do what? Here …
