The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued security advisories for Zimbra and Oracle: CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite | CISA Oracle Releases October 2022 Critical Patch Update | CISA
What can you do if you get infected by ransomware?
Fall back and use your ransomware resilient back-up to recover your encrypted information – and hope that your data classification and segregation has protected your most sensitive information from exfiltration and exposure in the public domain. Or you could hope that the Dutch police have recovered the ransomware decryption key …
Continue reading “What can you do if you get infected by ransomware?”
Detecting the undetectable!
Here is some research by Tomer Bar, Director of Security Research at SafeBreach on how they detected some backdoor malware, which was originally designated fully undetectable (FUD) powershell backdoor, but obviously now it is detected. It all starts with a malicious Microsoft Word document, that includes a macro that starts …
My latest article on our training website CyberAwake.co.uk
Yesterday CyberAwake published my article looking at how snippets of information can leak out of a company and aid a threat actor:
Microsoft updates – not on Patch Tuesday
The issues with Microsoft’s Windows SSL/TLS handshake failures is too important to wait for next month’s Patch Tuesday: Microsoft fixes Windows TLS handshake failures in out-of-band updates (bleepingcomputer.com)
