There you go – we cannot get away from cyber security patches and updates… Apple has issued updates for just about everything, addressing over sixty vulnerabilities, one of which is being exploited. Apple security releases – Apple Support Your Apple devices should be set to auto-update, but you should let …
Stuck on updates!
I admit I write about updates a lot – but they are important, as illustrated by the chaos caused by CrowdStrike. You cannot live without them and sometimes you cannot live with them. I often use this slide, quoting Bruce Schneier, when I write about updates – you are guaranteed …
A new week in cyber security news…
After all the “excitement” of CrowdStrike last week, let’s start this week with some good old fashioned bad news cyber security research. Secure Boot is completely broken on 200+ models from 5 big device makers | Ars Technica Let’s get a definition of Secure Boot from Copilot AI: “Secure Boot …
Because It’s Friday – Sorry
I was going to avoid CrowdStrike in today’s “Because It’s Friday”, which is why I ran this on Wednesday: In the aftermath of CrowdStrike… Sharks! But then Randall Munroe got involved on xkcd: xkcd: CrowdStrike If you want something that is not “Global IT Outage” related, this is what this …
Putting the effort in – 3000 fake accounts
Hackers known as “Stargazer Goblin” running a network called Stargazers Ghost Network have been distributing malware, in particular info-stealing malware via over 3,000 fake accounts on GitHub. Over 3,000 GitHub accounts used by malware distribution service (bleepingcomputer.com) Using these accounts, compromised WordPress websites and relying on GitHub’s reputation as trusted …
Continue reading “Putting the effort in – 3000 fake accounts”
“Part of your incident response has to be the message to your stakeholders.”
This is a quote from our promotional material about creating incident response plans. CrowdStrike If you cause a Global IT Outage you had better have a message that is better than a $10 Uber Eats voucher: CrowdStrike backlash over $10 apology voucher for IT chaos – BBC News Your Takeaway …
Continue reading ““Part of your incident response has to be the message to your stakeholders.””
Not CrowdStrike – Kombat Hamsters
Not all the news this week is going to be about a global company messing up their updates! Threat actors are always looking for the quickest and easiest way to reach the greatest number of victims – that is how their “business model” works! So exploiting a game with 250 …