Cybersecurity Starts in the Boardroom
This post was first published on 20 June 2022 Update 22 June 2022 We have not had to wait for the next Patch Tuesday for the fix – Microsoft has issued an out-of-band patch for Windows: Windows emergency update fixes Microsoft 365 issues on Arm devices (bleepingcomputer.com) Original post There …
Continue reading “Has June’s Patch Tuesday broken some Microsoft 365 sign-ins? UPDATE 22 June 2022”
If the patch is not effective or worse it breaks something else whilst fixing the vulnerability. This happened to Microsoft: Microsoft fixes Windows authentication woes • The Register But you still have to run those patches and updates as an unpatched system is a target for threat actors. Better to …
Continue reading “I love patches as part of a cyber security plan – but there is a problem!”
The title says it all – here is Johannes’ article for the details: An Update on CVE-2022-26809 – MSRPC Vulnerability – PATCH NOW – SANS Internet Storm Centre Microsoft’s advice: CVE-2022-26809
US federal alert warns of the discovery of malicious cyber tools | US national security | The Guardian I use the Cybersecurity and Infrastructure Security Agency, (CISA) a lot. Many of the blog posts I run here, start there. However there is a vast amount of information on the CISA …
The Information Commissioner’s Office has issued a £98,000 penalty to Tuckers Solicitors based in London. The solicitors firm suffered a ransomware attack where confidential information including, PII and case material was lost. UK lawyer fined for not patching fast enough before attack • The Register
