We often find problems with client configurations when we take over jobs, particularly when less technically able clients try to do it themselves. If anyone needs an example of why getting things set up correctly is difficult, Microsoft made a mistake with a server config and exposed some of their clients' information: Microsoft …
US Cybersecurity and Infrastructure Security Agency security advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued security advisories for Zimbra and Oracle:
CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite | CISA
Oracle Releases October 2022 Critical Patch Update | CISA
What can you do if you get infected by ransomware?
Fall back and use your ransomware-resilient backup to recover your encrypted information – and hope that your data classification and segregation have protected your most sensitive information from exfiltration and exposure in the public domain. Or you could hope that the Dutch police have recovered the ransomware decryption key …
Detecting the undetectable!
Here is some research by Tomer Bar, Director of Security Research at SafeBreach, on how they detected a backdoor that was originally designated a fully undetectable (FUD) PowerShell backdoor, but obviously it is now detected. It all starts with a malicious Microsoft Word document that includes a macro that starts …
My latest article on our training website CyberAwake.co.uk
Yesterday CyberAwake published my article looking at how snippets of information can leak out of a company and aid a threat actor:
