Cybersecurity Starts in the Boardroom
Research has now revealed that the cause of the recent Apple and Google zero-day patches was the same software library used by both software giants. Libwebp, a library found in millions of apps, was the source of the vulnerability. Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day …
Continue reading “Apple and Google are plugging the same zero-day flaw”
Writing code for today’s sophisticated software is hard and no matter how careful the vendors are, how many beta and alpha testers they have, errors will always slip through. If those errors compromise the user’s security, you can bet a threat actor will discover them and exploit them. It is …
Keeping track of the software and hardware you use, that then are discovered to have security flaws in them is important, especially if those flaws are being exploited by threat actors. The quicker you or the people responsible for your cyber security know there are issues, the quicker any available …
The US government Cybersecurity and Infrastructure Security Agency (CISA) is a trusted source of information on security updates and exploited vulnerabilities. My team use it as one of their go to resources. The latest updates include the other vendors that release updates around the same time as Microsoft’s Patch Tuesday. …
The US government Cybersecurity and Infrastructure Security Agency (CISA) – an excellent source for keeping up with cyber security vulnerabilities and updates – has issued advisories for a number of products: VMware Releases Security Updates for Aria Operations for Networks | CISA Juniper Networks Releases Security Advisory for Junos OS …
