Cybersecurity Starts in the Boardroom
Hackers have been actively working to exploit the Spring4Shell vulnerability – now it has been detected in the wild deploying the Mirai botnet. Spring4Shell under active exploit by Mirai botnet herders • The Register CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware (trendmicro.com) …
Continue reading “Spring4Shell in the wild executing the Mirai botnet”
The ability to sideload apps on an Android device, bypassing any curation in the Google Play Store and the apparent regularity that that app store misses malicious content in Android apps, is an constant cyber security issue for anyone using Android. Here are two recent examples: Android apps with 45 …
Continue reading “Android apps found with hidden malicious functions”
There are reports of hackers exploiting Microsoft Exchange servers, that have not been patched, to distribute spam email infected with IcedID malware. If you do run IcedID on your PC, the malware compromises the security of your machine opening a backdoor for other malware to be injected into your computer. …
Continue reading “IcedID Malware – something you do not want run – so check your Exchange server”
I am frequently asked what I think of DropBox or other method for organisations to share files across the internet with other organisations, often after I have been speaking about Microsoft 365, OneDrive and SharePoint. Possibly after I have mentioned that these services that have, authentication, authorisation and accountability (AAA) …
Recently the security of open source software has been questioned, particularly with respect to Linux vulnerabilities that have a huge impact due to Linux’s use as internet infrastructure. When volunteer coders are keeping the software secure – who takes responsibility. Steps have started to be taken to increase the security …
