Cybersecurity Starts in the Boardroom
Zero-Days – will always be a problem and both Google and Mandiant are reporting rises in such exploitations in 2021. I have reported on this before but the point that comes out in Bruce Schneier’s piece is the numbers these research groups are reporting are detected or declared Zero-Days. What …
The UK’s National Cyber Security Centre with it’s partners in the Five Eyes, has issued an advisory for the top exploited software vulnerabilities in 2021 – meaning they could continue being the top exploits in 2022. 2021 Top Routinely Exploited Vulnerabilities | CISA Microsoft Exchange server, VMware, SonicWall and Log4j …
I have written a couple of time about the vulnerabilities in VMware – they are patched now but the article below shows there are groups still trying to attack those organisations, slow to patch, with an active exploit. Iran’s Rocket Kitten likely behind VMware exploitation • The Register Why bother. …
The US Government, Cybersecurity and Infrastructure Security Agency (CISA) has added several new Microsoft Windows, vulnerabilities to it’s database. These all need patches – so again it is a good time to check that your “auto-updating” is working or time to get an Octagon IT monitoring package and let experts monitor the …
This post was first published on 19 April 2022 Following up on the article below, here is a real world example of bug bounties working to improve cybersecurity. The US Government’s Department of Homeland Security (DHS) worked with a group of cyber security analysts, who uncovered 122 vulnerabilities in the …
