Regular readers know that I use the US government Cybersecurity and Infrastructure Security Agency (CISA) website as a reliable source of information on software and hardware vulnerabilities. Ones that impact the organisations we support are escalated to our support team, then I write about those and the rest here, for …
Reduce that Attack Surface
The US government Cybersecurity and Infrastructure Security Agency (CISA) is one of our go to location for information about exploited vulnerabilities and patching – the type of resource I discuss in this week’s CyberAwake article: The Zero-day Threat – What can you do about it? Keeping up with these issues …
Other patches and updates in the news
Other companies gather around Microsoft’s Patch Tuesday and issue their updates round and about the same time and there are also the critical patches that are issued when needed. Here are some that are in the news but you should be checking your systems for updates: AWS fixes vulnerability affecting …
Two very different hacking campaigns in the wild now
These two articles from Bleeping Computer shows the wide range of cyber security issues an organisation has to be aware of and take action about. One is the traditional malware getting into your systems and stealing sensitive information which it then sends out to the threat actors, to be used …
Continue reading “Two very different hacking campaigns in the wild now”
CISA issues security advisories across a range of popular products
It has been a busy couple of days at the US Cybersecurity and Infrastructure Security Agency as they issue a range of security advisories: Drupal Releases Security Update | CISA Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server | CISA Cisco Releases Security Updates for Multiple Products | …
Continue reading “CISA issues security advisories across a range of popular products”
