Cybersecurity Starts in the Boardroom
Keeping your software up to date is important for all of us – doubly so if you are the people producing the code: GitLab ‘strongly recommends’ patching critical RCE vulnerability (bleepingcomputer.com)
Collecting (stealing) credentials is a favourite pastime of threat actors – either to break into accounts directly or to add them to their credential stuffing attacks (looking for those people who reuse passwords) or just to sell on the dark web! Here they are doing it to users of the …
Continue reading “Credential theft – where the threat actors start and some advice”
The issue of a trusted insider betraying a trust either maliciously or for commercial gain is a problem we often discussed at university and never really came up with an answer. You need trusted people for any business to operate – you should use the “principle of least privilege” to …
The US Government’s CISA has released a range of security advisories, including updates required for VMware: VMware Releases Security Update | CISA CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite | CISA CISA has also been issuing advice for industrial systems. If you use these …
Continue reading “US Cybersecurity and Infrastructure Security Agency security advisories”
Because it can be compromised and spread malware to you. Pirated 3DMark benchmark tool delivering info-stealer malware (bleepingcomputer.com) Just don’t do it. If you need a utility for free, try this site: PortableApps.com – Portable software for USB, portable, and cloud drives I do not guarantee the security of any …
Continue reading “Why pirated software is not a good idea and PortableApps are.”
