This report makes interesting reading – it gives an insight of the big picture of cyber threats and risks. As businesses we have to find our risks in all of this: New Cyber Signals report from Microsoft – Microsoft Security Blog
Ransomware is never far from the news
Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com) And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
CISA adds five vulnerabilities to the Known Exploited Vulnerabilities Catalog
This is another good resource from the US government Cybersecurity and Infrastructure Security Agency (CISA). Vulnerabilities for Fortinet, Citrix have been added but also for Microsoft Defender and Veeam Backup both of which are vital tools in the fight against threat actors: CISA Adds Five Known Exploited Vulnerabilities to Catalog …
Continue reading “CISA adds five vulnerabilities to the Known Exploited Vulnerabilities Catalog”
Other patches and updates in the news
Other companies gather around Microsoft’s Patch Tuesday and issue their updates round and about the same time and there are also the critical patches that are issued when needed. Here are some that are in the news but you should be checking your systems for updates: AWS fixes vulnerability affecting …
December’s Microsoft Patch Tuesday
SANS Internet Storm Diary has a comprehensive report on Microsoft’s Patch Tuesday: Microsoft December 2022 Patch Tuesday – SANS Internet Storm Center Here is the Microsoft release page: December 2022 Security Updates – Release Notes – Security Update Guide – Microsoft The Microsoft report gives much more information on the …
