The release says one vulnerability, but if you check there are two, for Microsoft and Fortinet. CISA Has Added One Known Exploited Vulnerability to Catalog | CISA
Yesterday was Patch Tuesday for Microsoft
So, everyone knows what that means, for the users, slow internet connections as we all gather in those vital updates, for the administrators, checking what needs to be done and checking that it has happened – including checking that the users have not skipped the updates because they are too …
Continue reading “Yesterday was Patch Tuesday for Microsoft”
A series on the Insider Threat – and your first tip on dealing with it!
Recently I have covered a couple of incidents that revolve around a betrayal of trust – often called the insider threat: The Insider Threat – it may be at the top of the company… – Smart Thinking Solutions The Insider Threat and $250,000 – Smart Thinking Solutions This got me …
Continue reading “A series on the Insider Threat – and your first tip on dealing with it!”
Why do I write so much about Social Engineering and Phishing Attacks?
Because for the effort the threat actors put in, the returns can be very high, so it is worth their while sending out billions of malicious messages to see who they can catch. It could be you… Now in the age of online “as-s-service” software, it has become even easier …
Continue reading “Why do I write so much about Social Engineering and Phishing Attacks?”
Supply Chain slip up… Something like this could easily happen to you…
It is actually a serious cyber security incident, with many questions for Toyota to answer. An outsourced developer left crucial security information, that could have exposed hundreds of thousands of customer records on a public facing repo on GitHub. This was done in 2017 and only discovered in September 2022, …
Continue reading “Supply Chain slip up… Something like this could easily happen to you…”