Cybersecurity Starts in the Boardroom
The Cyber Safety Review Board is operated by The Department of Homeland Security and in it’s inaugural report the Log4j vulnerability, spread and exploitation is discussed: CSRB Report on Log4j – Public Report – July 11 2022_508 Compliant (cisa.gov) It makes interesting reading. I wonder just how many developers do …
Continue reading “As predicted Log4j is going to be a problem for a long time”
The US Cybersecurity and Infrastructure Security Agency has added one new vulnerability to it’s Known Exploited Vulnerabilities Catalog for a Microsoft Windows privilege escalation vulnerability – this has been addressed in Microsoft’s July 2022 Patch Tuesday. CISA Adds One Known Exploited Vulnerability to Catalog | CISA
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued several advisories about security patches available from a range of vendors, including Adobe and Citrix: Adobe Releases Security Updates for Multiple Products | CISA SAP Releases July 2022 Security Updates | CISA Citrix Releases Security Updates for Hypervisor | CISA
It is that time again – among the fixes and patches from Microsoft, for July 2022 is one addressing CVE-2022-22047, Windows Elevation of Privilege Vulnerability – according to Microsoft a zero-day flaw that is being exploited by threat actors. For more details see Bleeping Computer’s excellent round-up of Patch Tuesday: …
We have come a long way in cryptography and computing since the Colossus electronic computer, (above), was built at Bletchley Park, during the Second World War, to break the Lorenz cipher. With the advances in computing technology, there is a foreseeable point in the future, possibly only ten years, when …
