Cybersecurity Starts in the Boardroom
Of course there is, and in some surprising places. Here is a report by the The Citizen Lab, examining how Microsoft Bing censors autosuggestions on politically sensitive Chinese names and other topics. This is not only applied in China, as we would expect, but in other regions too! Bada Bing, …
I talk about the vulnerabilities in Microsoft products a lot – whatever anyone thinks, in business, we live in a Microsoft world. However I have posts about Linux, MacOS and smartphone OS’s – here is one that can impact Mac users. Uncovering a macOS App Sandbox escape vulnerability: A deep …
Continue reading “Hacking everywhere – even if you use MacOS”
This is a longer read from the Microsoft Security Blog and the Microsoft Threat Intelligence Center (MSTIC) and it illustrates that all businesses and organisations regardless of size or ability to pay are in the threat actor’s sights: North Korean threat actor targets small and midsize businesses with H0lyGh0st ransomware …
Continue reading “H0lyGh0st ransomware targets small and medium businesses”
The US Cybersecurity and Infrastructure Security Agency has added one new vulnerability to it’s Known Exploited Vulnerabilities Catalog for a Microsoft Windows privilege escalation vulnerability – this has been addressed in Microsoft’s July 2022 Patch Tuesday. CISA Adds One Known Exploited Vulnerability to Catalog | CISA
It is that time again – among the fixes and patches from Microsoft, for July 2022 is one addressing CVE-2022-22047, Windows Elevation of Privilege Vulnerability – according to Microsoft a zero-day flaw that is being exploited by threat actors. For more details see Bleeping Computer’s excellent round-up of Patch Tuesday: …
