The US government Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Office/Windows HTML vulnerability to its Known Exploited Vulnerabilities Catalog. CISA Adds One Known Exploited Vulnerability to Catalog | CISA And from Microsoft: Storm-0978 attacks reveal financial and espionage motives | Microsoft Security Blog
Phishing this is how the malware gets in!
I’ll start this story with an example of a phishing attack run by one of the Russian sponsored hacking groups currently involved in the Russian Ukraine conflict. You are not likely to be one of their carefully selected targets but it illustrates how other threat actors operate. The group is …
Continue reading “Phishing this is how the malware gets in!”
Cyber Security Advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued notices for updates for the products. Cisco Releases Security Update for SD-WAN vManage API | CISA Juniper Releases Multiple Security Updates for Juno OS | CISA You probably do not use these, but do you or someone in your …
Get that patching done
CISA – The US government Cybersecurity and Infrastructure Security Agency – is one of my trusted sources of information when it comes to software and firmware vulnerabilities and patching. Patching It is the week of Microsoft Patch Tuesday – here is the CISA advisory for Microsoft products: Microsoft Releases July …
NHS Data Breach – Trust or trust?
Barts Health NHS Trust is one of the largest in the country – and it’s cyber security has been breached by the BlackCat ransomware gang. Some of the data has already been leaked as a “proof of breach” to the Trust and to the members of staff whose data, held …
