Cybersecurity Starts in the Boardroom
If you, as a threat actor, could embed your malware into a software module, that is then used by many innocent and unaware software developers in their packages, they release to the general public, wouldn’t you? That looks like a lot of infected machines for a small amount of work. …
Continue reading “Software repositories are a target for threat actors”
The issue of a trusted insider betraying a trust either maliciously or for commercial gain is a problem we often discussed at university and never really came up with an answer. You need trusted people for any business to operate – you should use the “principle of least privilege” to …
Threat actors invest time and effort into beating security measures, especially when the targets are so profitable. Android users have proven to be lucrative targets: Malware devs already bypassed Android 13’s new security feature (bleepingcomputer.com) Make sure you have policies and procedures in place if your team are BYODing Android …
Continue reading “Android malware has already circumvented new OS security features”
We have clients who use the popular VNC (Virtual Network Computing) service to access computers – all of them implement our security policy. Do you have a security policy that covers this type of software and access? Over 9,000 VNC servers exposed online without a password (bleepingcomputer.com)
Be More Like Dave – Dilbert Comic Strip on 2022-08-07 | Dilbert by Scott Adams …so you or your cyber security consultant should check any code (web app or software) you have written for you. How secure is open source software? Do you use open source software or have software …
Continue reading “Because It’s Friday – Writing code is difficult…”
