Cybersecurity Starts in the Boardroom
This is not a repeat of the previous post – now the Microsoft Snipping Tool has been shown to have similar issues to Google Pixel’s image cropping tool – what you cut away is not lost and so secret, it can be recovered later. Windows 11 Snipping Tool privacy bug …
The gap between the vendor discovering a vulnerability and the patch getting to you will always be an issue – this is the zero-day threat. It escalates if the threat actors became aware of the vulnerability and exploits it before the vendor becomes aware. Now research by Mandiant shows that, …
I gave a lunchtime online talk this week to a group business professionals, answering ten set questions that ranged from “did I think robots would take over the world” to “what were my top tips for a small business with limited finance when it came to cyber security”. AI and …
The US government Cybersecurity and Infrastructure Security Agency (CISA) site in one of my “go to” places for information on vulnerabilities, exploitations and patches. Built for the US Government, and American centric, it is still a great resource. This week it has run an excellent article for security professionals on …
Continue reading “US government Cybersecurity and Infrastructure Security Agency Advisories”
…for governments and for you. Hot on the heels of Microsoft’s Patch Tuesday – an important day of the month for patches and updates from many vendors – is appears that various threat actors gained access to an unpatched US Government Agency server, exploiting a three year old vulnerability that …
