Cybersecurity Starts in the Boardroom
…but sometimes they go wrong. Microsoft has had to fix a number of problems following the April Patch Tuesday. Microsoft says April Windows updates break VPN connections (bleepingcomputer.com) Microsoft: April Windows Server updates cause NTLM auth failures (bleepingcomputer.com) I included these stories in this week of device security as a …
Continue reading “There is no choice but to run cyber security updates…”
The US government Cybersecurity and Infrastructure Security Agency (CISA) site in one of my “go to” places for information on vulnerabilities, exploitations and patches. Built for the US Government, and American centric, it is still a great resource. This week it has run an excellent article for security professionals on …
Continue reading “US government Cybersecurity and Infrastructure Security Agency Advisories”
…for governments and for you. Hot on the heels of Microsoft’s Patch Tuesday – an important day of the month for patches and updates from many vendors – is appears that various threat actors gained access to an unpatched US Government Agency server, exploiting a three year old vulnerability that …
We often find problems with client configurations when we take over jobs, particularly when less-technically-able client try to do-it-themselves. If anyone needs an example as to why getting things set up correctly is difficult, Microsoft made a mistake with a server config and exposed some of their client’s information: Microsoft …
The hacking group TeamTNT has been spotted by the security company AquaSec attempting to hijack servers to run malware used to break Bitcoin encryption: TeamTNT hijacking servers to run Bitcoin encryption solvers (bleepingcomputer.com) The task is computationally intensive but if enough servers are compromised and a wide enough distributed computer created, …
Plug-ins is a way of vendors and third-parties extending the functionality of software – it work very well, the success of WordPress is partly based on plug-ins. Now the threat actor vendors are taking the same approach with their malware – with the plug-ins helping to obfuscate the malware to …
Linus servers are everywhere on the Internet, providing the infrastructure and hosting the Web sites and services we all use. So stealth malware that steals the performance of Linux machines is an issue for admins everywhere. Even though this attack appears to be tailored to specific targets, if you are …
