Zero-day software vulnerabilities are an issue for every vendor – how quick they react to them when they eventually find out they have a problem will be a key part of the risk in your cyber security planning. Google seems to get on this issue really quickly – as far …
Phishing Primer – Social Engineering (pt. 1)
Just because it is me, I am going to start this Back-to-Basics mini-series by not talking about phishing emails but looking at a key component of a malicious email attack – social engineering. So what is Social Engineering? In its most basic form, it is the advertising we are all …
Continue reading “Phishing Primer – Social Engineering (pt. 1)”
Ahead of Microsoft’s Patch Tuesday – Apple Patches
You need to check these have been done on any iOS or macOS device that handles your organisation’s sensitive data. Johannes Ullrich on SANS INternet Storm Centre has an excellent summary of the updates: Apple Patches Everything: macOS, iOS, iPadOS, watchOS, tvOS updated. – SANS Internet Storm Center Auto-updates are …
Continue reading “Ahead of Microsoft’s Patch Tuesday – Apple Patches”
How to deceive an LLM AI
Bruse Schneier has an excellent article on how large language model AIs are being maliciously manipulated because of an old-style vulnerability being exploited. AT&T was probably the first organisation hit by such an attack that exploits systems that use the same channel for both data and commands. Back in the …
Email problems in the Channel Islands
Guernsey’s Data Protection Commissioner Brent Homan has published a report showing that the leaking of personal data on the island has risen. More than 1,000 people affected by data breaches – BBC The Office of the Data Protection Authority (ODPA) says over 1500 people have been impacted. The reported stated …
