CISA issues security advisories across a range of popular products

It has been a busy couple of days at the US Cybersecurity and Infrastructure Security Agency as they issue a range of security advisories: Drupal Releases Security Update | CISA Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server | CISA Cisco Releases Security Updates for Multiple Products | …

CISA adds three vulnerabilities to the Known Exploited Vulnerabilities Catalog

The US Cybersecurity and Infrastructure Security Agency has added three known exploits to its Known Exploited Vulnerabilities Catalog – this list should be seen as a “Must Patch Now” list. Two of the exploits are for Microsoft Exchange are being actively exploited: CISA Adds Three Known Exploited Vulnerabilities to Catalog …

The Insider Threat – it may be at the top of the company…

I wrote about the insider threat to organisations last week: And today there is a story with an insider threat twist. The president of a Japanese Sushi company, Kobi Tanabe, has been arrested and accused of accessing information from his previous employer, through contacts and sub-ordinates who still work there. …