It has been one of those weeks, so let’s catch up with the cyber security advisories from one of my trusted sources, The US government Cybersecurity and Infrastructure Security Agency (CISA). There are alerts for Apple, Cisco and Mozilla products. Cisco Releases Security Advisories for Multiple Products | CISA Apple …
Apple and Google are plugging the same zero-day flaw
Research has now revealed that the cause of the recent Apple and Google zero-day patches was the same software library used by both software giants. Libwebp, a library found in millions of apps, was the source of the vulnerability. Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day …
Continue reading “Apple and Google are plugging the same zero-day flaw”
You cannot see a zero-point font…
The old trick of using a zero-point font in a document to conceal information you do not want to be readily detected by the reader, is being exploited again in a new way. This time it is being used to show Outlook emails as having been safely scanned when in …
Known Exploited Vulnerabilities
Keeping track of the software and hardware you use, that then are discovered to have security flaws in them is important, especially if those flaws are being exploited by threat actors. The quicker you or the people responsible for your cyber security know there are issues, the quicker any available …
Ransomware is back in the news
Ransomware is probably the most serious cyber security threat any organisation has to deal with. The threat actors are relentless with their efforts to infect both targeted victims and victims of opportunity. The usual ways in are a phishing email or infected webpage, with a convincing social engineering message. Here …