Cybersecurity Starts in the Boardroom
Device security has definitely been the theme of this week and I thought this article by Dan Goodin on Ars Technica illustrated the problem of insecure devices – especially routers. Hacked and used by both threat actors and national espionage teams. Hacker free-for-all fights for control of home and office …
Continue reading “Let’s finish the week with another device security article”
This is not the headline you want you want to read, when you have written Microsoft into your cyber security plan as an A1 trusted supplier of services! Hackers exploited Windows 0-day for 6 months after Microsoft knew of it | Ars Technica Mine and your expectations of Microsoft is …
It has emerged that senior executives at Microsoft had their emails hacked and monitored by Russian threat actors for nearly 2 months. Microsoft network breached through password-spraying by Russian-state hackers | Ars Technica The attack was not sophisticated. The threat actors – Midnight Blizzard – using nothing more than a …
I write a lot about patches and updates – that is because they are an important element in any cyber security plan. The quote above from Bruce Schneier sums it up. However not everyone reads my articles or Bruce’s books: Xfinity waited 13 days to patch critical Citrix Bleed 0-day. …
…do you get it checked? It may seem a strange thing to think about, surely the programmers know how to produce secure code? But recent research has shown that even the biggest organisations have coders who continuously leave valuable credentials embedded in their public facing apps. These transgressions often arise …
