The US Cybersecurity and Infrastructure Security Agency has released a security advisory for Cisco software: Cisco Releases Security Update for Cisco Identity Services Engine | CISA
A phishing email leads to a £4.4m fine
I write a lot about phishing emails and social engineering attacks, because it is probably the way threat actors could most easily get malware inside your defences and from there compromise your security, your information and ultimately your wallet! The Berkshire based construction company, Interserve Group Ltd, with an employee …
CISA security advisories
The US Cybersecurity and Infrastructure Security Agency is a good source of cyber security information – which is why I try and pass on those that are relevant to my readers. Here are two of the latest: Their Known Exploited Vulnerabilities Catalog is a resource for tracking flaws and issues …
Mis-configuration – a common mistake many organisations make when setting up their cyber security – including Microsoft!
We often find problems with client configurations when we take over jobs, particularly when less-technically-able client try to do-it-themselves. If anyone needs an example as to why getting things set up correctly is difficult, Microsoft made a mistake with a server config and exposed some of their client’s information: Microsoft …
US Cybersecurity and Infrastructure Security Agency security advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) has issued security advisories for Zimbra and Oracle: CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite | CISA Oracle Releases October 2022 Critical Patch Update | CISA
