Cybersecurity Starts in the Boardroom
We have written several articles recently about how critical patches and updates are to your cyber security. Here is another reason why: Proof-of-Concept released for critical Microsoft Word RCE bug (bleepingcomputer.com) Once the threat actors are aware of a vulnerability – whether it is patched or not – they will …
The US government Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability to its Known Exploited Vulnerabilities Catalog for ZK Framework: CISA Adds One Known Exploited Vulnerability to Catalog | CISA A updated version of the CISA Decider tool for the MITRE ATT&CK framework has been released. CISA Releases Decider …
Continue reading “CISA cyber security advisories and advice on MITRE ATT&CK”
Although a US government agency the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities Catalog is a valuable resource for anyone responsible for cyber security. It reports on mainstream and less used software so that offbeat package you use could be reported on one day! They have released an …
Continue reading “CISA advises three exploited vulnerabilities”
I have written before on the steps Apple takes in improving the cyber security of its users, such as the “walled garden” app store to reduce app risk, supporting older devices with security updates and enforcing strict conditions on how apps operate on Apple devices. But they are a bit …
To add to those I listed on Wednesday, the very useful US government Cybersecurity and Infrastructure Security Agency (CISA) site has security advisories for Cisco and another entry added to its Known Exploited Vulnerabilities Catalog: Cisco Releases Security Advisories for Multiple Products | CISA (we use some of these products …
Continue reading “More cyber security advisories this week from CISA”
