Cybersecurity Starts in the Boardroom
This is another good resource from the US government Cybersecurity and Infrastructure Security Agency (CISA). Vulnerabilities for Fortinet, Citrix have been added but also for Microsoft Defender and Veeam Backup both of which are vital tools in the fight against threat actors: CISA Adds Five Known Exploited Vulnerabilities to Catalog …
Continue reading “CISA adds five vulnerabilities to the Known Exploited Vulnerabilities Catalog”
Other companies gather around Microsoft’s Patch Tuesday and issue their updates round and about the same time and there are also the critical patches that are issued when needed. Here are some that are in the news but you should be checking your systems for updates: AWS fixes vulnerability affecting …
SANS Internet Storm Diary has a comprehensive report on Microsoft’s Patch Tuesday: Microsoft December 2022 Patch Tuesday – SANS Internet Storm Center Here is the Microsoft release page: December 2022 Security Updates – Release Notes – Security Update Guide – Microsoft The Microsoft report gives much more information on the …
I updated the pinned post at the top of the blog yesterday with warnings from Microsoft and Google about the potential for the Russia Ukraine cyber conflict to escalate over this winter. Here is an article by Alexander Martin from The Record looking at the risks and threats in more …
Zero-day attacks will always be a serious issue for anyone involved in cyber security. A zero-day cyber attack is one that happens in the gap between the hackers discovering a vulnerability in a system and putting an exploit out in the wild and the software vendors, discovering the same software …
Continue reading “Newly discovered zero-day vulnerability in Windows is being exploited now”
The US government Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Windows flaw to the Known Exploited Vulnerabilities Catalog. CISA Has Added One Known Exploited Vulnerability to Catalog | CISA
This is a weighty report from Microsoft looking at the state of cyber-attacks and responses – it is worth reading: Microsoft Digital Defense Report 2022 Your takeaway from this is – if you are better informed you can make better decisions on how to prepare your cyber security responses.
