Cybersecurity Starts in the Boardroom
It has been a busy couple of weeks for those threat actors and now the Cybersecurity and Infrastructure Security Agency (CISA) has caught up and added twenty-one known exploits this week – so far. CISA Adds 21 Known Exploited Vulnerabilities to Catalog | CISA Many mainstream products are in the …
Continue reading “Twenty-one additions to the known exploited database!”
If the patch is not effective or worse it breaks something else whilst fixing the vulnerability. This happened to Microsoft: Microsoft fixes Windows authentication woes • The Register But you still have to run those patches and updates as an unpatched system is a target for threat actors. Better to …
Continue reading “I love patches as part of a cyber security plan – but there is a problem!”
The quote is from an article by Royal Hansen, Vice President of Engineering for Privacy, Safety, and Security, outlining how Google sees it’s role in making it a more secure world. Building a secure world (blog.google) I always have a seed of doubt when I read anything like this from …
Continue reading “Google – “cybersecurity is one of the top issues facing the world today””
This is a really interesting blog from Microsoft examining cyber crime from the prospective of a law abiding real world economic model: Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself – Microsoft Security Blog Cyber-gangs have been shaping themselves as real businesses for a while, with business …
Yesterday the US Cybersecurity and Infrastructure Security Agency (CISA) has issued and advisory for Google Chrome patches: Google Releases Security Updates for Chrome | CISA They also posted their Microsoft Patch Tuesday advisory: Microsoft Releases May 2022 Security Updates | CISA
