Cybersecurity Starts in the Boardroom
The US Cybersecurity and Infrastructure Security Agency has added one new vulnerability to it’s Known Exploited Vulnerabilities Catalog and issued three advisories: CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog   | CISA CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities | CISA CISA Releases Security Advisory on …
Continue reading “CISA adds one known vulnerability to it’s database and other advisories”
The EnemyBot malware had added VMware and F5 critical flaws to it’s attack vectors: EnemyBot malware adds enterprise flaws to exploit arsenal • The Register The worse thing about this malware, (other than if it infects your systems), is that the “unarmed” code is available on Github.
I have written about the usefulness and the threat that Microsoft Office document macros can pose to your cyber security. This flaw, called Follina, exploits Office functionality to retrieve an HTML file, and Microsoft Support Diagnostic Tool (MSDT) to run some malicious code, which can lead to privilege escalation attacks. …
A new malware strain known as Cheerscrypt or Cheers, is targeting a VMware enterprise virtualisation tool – VMware ESXi systems. Ransomware Cheerscrypt targets VMware ESXi systems • The Register
I think it is a good thing that the Indian government is giving it’s full support to tightening up cyber security in the country. However it seems that their responses, which seem good on paper are not so when translated into the real world: Indian authorities issue conflicting advice about …
