I am not going to say much about this – just, insider threat, and you cannot write a policy for idiots! Be careful who you trust. Leaking Military Secrets on Gaming Discussion Boards – Schneier on Security
Active exploit for Follina – the still unpatched flaw in Microsoft Word
Here is another excellent breakdown, with screen shots, of phishing emails exploiting the Microsoft Word/Follina/ms-msdt flaw. Being aware of the types of phishing emails the threat actors use is part of the defence in depth you need to have great cyber security. TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) …
Continue reading “Active exploit for Follina – the still unpatched flaw in Microsoft Word”
New in the wild malware – SVCReady
Researchers at HP Wolf Security have started to see phishing spam email campaigns deploying a previously unknown malware family SVCReady. The HP security blog has a very good description of the malware and how it works – a bit techie – but towards the end it shows some images of …
Apple and FIDO
Apple will be releasing iOS 16 to the public this autumn, however the developer release was made at Apple’s World Wide Developers Conference 2022. Also announced were an array of forthcoming Apple hardware and software about to be released – what interests me here is that Apple, true to it’s …
Three US Agencies issue an advisory about Chinese threat actors
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have issued a joint advisory about Chinese state sponsored threats. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA Chinese threat actors have been detected actively …
Continue reading “Three US Agencies issue an advisory about Chinese threat actors”
