I love patches as part of a cyber security plan – but there is a problem!

Patches and Updates

If the patch is not effective or worse it breaks something else whilst fixing the vulnerability. This happened to Microsoft: Microsoft fixes Windows authentication woes • The Register But you still have to run those patches and updates as an unpatched system is a target for threat actors. Better to …

CISA joint advisory on access control. Are you still missing MFA?

The US Cybersecurity and Infrastructure Security Agency has issued a joint advisory with the cyber security organisations from the UK, New Zealand, Netherlands and Canada listing ten regularly exploited weak security controls, poor configurations, and bad practices that allow threat actors to compromise networks. Here is the article: Weak Security …