Cybersecurity Starts in the Boardroom
Apple will be releasing iOS 16 to the public this autumn, however the developer release was made at Apple’s World Wide Developers Conference 2022. Also announced were an array of forthcoming Apple hardware and software about to be released – what interests me here is that Apple, true to it’s …
The Microsoft Digital Crimes Unit has gone to court to seize 41 domains alleged to have been used by an Iranian cybercrime group called Bohrium. The Bohrium group ran a targeted email spear-phishing operation against organizations in the US, Middle East, and India. As part of the operation they would pose …
I have written before about the security limitations of “Internet of Things” (IoT) devices. Many of them are simple devices, possibly based on older tech, they tend to lack the hardware to allow for regular security updates, etc, etc etc. At least the UK Government is enacting laws to make …
I have written about this Microsoft Word vulnerability earlier this week: New attack using Microsoft Office documents – could you or your team recognise it? – Smart Thinking Solutions There is still not patch – but Microsoft has issued some mitigation guidance: Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability …
Continue reading “Microsoft guidance for Office zero-day vulnerability – Follina”
I have written about the usefulness and the threat that Microsoft Office document macros can pose to your cyber security. This flaw, called Follina, exploits Office functionality to retrieve an HTML file, and Microsoft Support Diagnostic Tool (MSDT) to run some malicious code, which can lead to privilege escalation attacks. …
