Of course the company reports the data security mistake to the Information Commissioner’s Office and takes whatever steps are necessary to fix the problem. They then probably release a press statement explaining how their client’s data security was not impacted by their breach and credit card details etc are safe. …
Android Exploit Needs Patching
I ended last week with an infected Android app, now there is an advisory from CISA to patch a vulnerable Android driver: CISA warns govt agencies to patch actively exploited Android driver (bleepingcomputer.com) NVD – CVE-2021-29256 (nist.gov) Android devices that are used by employees as “BYOD” devices are always difficult …
Let’s finish the week with some Android malware
You have to exercise some control of any Android devices that your team are using for “BYOD”. At the very least educate them in the risk of Android apps even if they are downloaded from the Google Play Store. Rogue apps do get through: Apps with 1.5M installs on Google …
Continue reading “Let’s finish the week with some Android malware”
CISA Security Advisories
Regular readers know that I use the US government Cybersecurity and Infrastructure Security Agency (CISA) website as a reliable source of information on software and hardware vulnerabilities. Ones that impact the organisations we support are escalated to our support team, then I write about those and the rest here, for …
Ransomware and the Phishing Email
There has been some very high profile international cases of organisations getting infected with ransomware. Especially active is the LockBit gang. LockBit ransomware infection hits Japan’s top cargo port • The Register TSMC says IT supplier extorted by LockBit • The Register We should assume these organisations – a world …
