Cybersecurity Starts in the Boardroom
This is always a difficult conversation with clients – when we come across redundant hardware or hardware that is reaching or reached it’s EOL – “you need to replace it”. It is always the cost! However sometimes you just have to do it – especially if it causes a security …
For smaller organisations updating network devices is often overlooked. CISA is warning of a flaw in Zyxel firewalls that is being actively exploited by hackers even though the vendor issued patches for the vulnerability over a month ago! CISA Adds One Known Exploited Vulnerability to Catalog | CISA Hackers exploit …
If your network uses Zyxel equipment then you need to check if it is on the list compromised equipment that needs patching. Zyxel warns of critical vulnerabilities in firewall and VPN devices (bleepingcomputer.com)
Selling redundant gear and wiping hard drives on computers has pretty much become standard over the last few years – whether the machines are going for resale, donation, upcycling or recycling. But what happens when it comes to cyber security critical network devices? These bits of kit can be eye-wateringly …
Continue reading “So selling redundant gear sounds like a good idea…”
I write a lot about patches being one of the most important steps in any cyber security plan – a quick search for “patches” on this site will show you how important they are. However you also need more in your cyber security plan than simply software patching as vendors …
Continue reading “Patches are not always available for critical flaws”
Domien Schepers and Aanjhan Ranganathan of Northeastern University and Mathy Vanhoef of imec-DistriNet, KU Leuven, have published a paper demonstrating a flaw in the way WiFi access points handle power saving requests to and from devices. This could enable a threat actor to manipulate the WiFi frames passing between devices …
There is an interesting article over on SANS Internet Storm today – Johannes Ullrich has been tracking some public vulnerabilities in D-Link and Netgear devices that are not mentioned on the vendor pages and for many there are no patches available: What’s the deal with these router vulnerabilities? – SANS …
Continue reading “Do you have a D-Link or Netgear router – if so they may be vulnerable”
