It has been one of those weeks, so let’s catch up with the cyber security advisories from one of my trusted sources, The US government Cybersecurity and Infrastructure Security Agency (CISA). There are alerts for Apple, Cisco and Mozilla products. Cisco Releases Security Advisories for Multiple Products | CISA Apple …
Apple and Google are plugging the same zero-day flaw
Research has now revealed that the cause of the recent Apple and Google zero-day patches was the same software library used by both software giants. Libwebp, a library found in millions of apps, was the source of the vulnerability. Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day …
Continue reading “Apple and Google are plugging the same zero-day flaw”
Writing software is hard
Writing code for today’s sophisticated software is hard and no matter how careful the vendors are, how many beta and alpha testers they have, errors will always slip through. If those errors compromise the user’s security, you can bet a threat actor will discover them and exploit them. It is …
You cannot see a zero-point font…
The old trick of using a zero-point font in a document to conceal information you do not want to be readily detected by the reader, is being exploited again in a new way. This time it is being used to show Outlook emails as having been safely scanned when in …
Realistic Cyber Security – “Out of the mouths of AI”
I am very keen on the work of Bruce Schneier and his stuff pops up here on Smart Thinking from time to time – including this article by Diana: And this quote that I often use when writing about patches and updates: I was interested when on his blog, Bruce …
Continue reading “Realistic Cyber Security – “Out of the mouths of AI””
