Cybersecurity Starts in the Boardroom
Here is another example of a phishing attack, from SANS Internet Diary – although I am not sure the average user will know what to do with an ISO file? The attack is interesting as it uses Base 64 to obscure it from detection. Malicious ISO Embedded in an HTML …
Continue reading “Training is everything when it comes to phishing emails”
Not sure what an iLo is? Then this story is probably not for you – but if you have an HP server that someone looks after for you, then pass this on to them. Over 20 thousand servers have their iLO interfaces exposed to the internet, many with outdated and …
The log4j vulnerability and it’s associated attack vectors was always going to be major cybersecurity crisis – and of course once the bad actors knew about it they would expand their exploitation. This article on the SANS internet shows how initial attempts to mitigate the log4j issue are now being …
Continue reading “When you have found a “good” thing, why stop?”
So yesterday was Patch Tuesday – and we all know what that means. Get the updates and patching done now! Here here are my favourite round-up articles: Microsoft Patch Tuesday – January 2022 – SANS Internet Storm Centre Microsoft starts 2022 with 96 CVEs for Patch Tuesday • The Register …
Targeting Chinese speaking people gives you a lot of potential targets but the researcher at SANS was unsure what this malicious does. Malicious Python Script Targeting Chinese People – SANS Internet Storm Center
