In several of my most recent IT and Cyber Security Audits I have encountered problems similar to those in this report from the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) – misconfigurations. NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations | CISA …
The National Cyber Security Centre releases the “most exploited” of 2022
The NCSC in collaboration with allies from around the world have released a list of those cyber vulnerabilities that were the most exploited by threat actors last year. NCSC and allies reveal most common cyber vulnerabilities exploited in 2022 – NCSC There are two main trends in the report: Defend …
Continue reading “The National Cyber Security Centre releases the “most exploited” of 2022”
CISA security advisories
The UK’s National Cyber Security Centre has joined with the US government Cybersecurity and Infrastructure Security Agency (CISA), FBI and US National Security Agency (NSA) to issue a security advisory about vulnerabilities in Cisco devices: APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers | …
Other patches and updates in the news
Other companies gather around Microsoft’s Patch Tuesday and issue their updates round and about the same time and there are also the critical patches that are issued when needed. Here are some that are in the news but you should be checking your systems for updates: AWS fixes vulnerability affecting …
Three US Agencies issue an advisory about Chinese threat actors
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have issued a joint advisory about Chinese state sponsored threats. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA Chinese threat actors have been detected actively …
Continue reading “Three US Agencies issue an advisory about Chinese threat actors”