It has been one of those weeks, so let’s catch up with the cyber security advisories from one of my trusted sources, The US government Cybersecurity and Infrastructure Security Agency (CISA). There are alerts for Apple, Cisco and Mozilla products. Cisco Releases Security Advisories for Multiple Products | CISA Apple …
Apple and Google are plugging the same zero-day flaw
Research has now revealed that the cause of the recent Apple and Google zero-day patches was the same software library used by both software giants. Libwebp, a library found in millions of apps, was the source of the vulnerability. Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day …
Continue reading “Apple and Google are plugging the same zero-day flaw”
Writing software is hard
Writing code for today’s sophisticated software is hard and no matter how careful the vendors are, how many beta and alpha testers they have, errors will always slip through. If those errors compromise the user’s security, you can bet a threat actor will discover them and exploit them. It is …
Known Exploited Vulnerabilities
Keeping track of the software and hardware you use, that then are discovered to have security flaws in them is important, especially if those flaws are being exploited by threat actors. The quicker you or the people responsible for your cyber security know there are issues, the quicker any available …
The US government Cybersecurity and Infrastructure Security Agency security advisories
The US government Cybersecurity and Infrastructure Security Agency (CISA) is a trusted source of information on security updates and exploited vulnerabilities. My team use it as one of their go to resources. The latest updates include the other vendors that release updates around the same time as Microsoft’s Patch Tuesday. …