Cybersecurity Starts in the Boardroom
I write a lot about patches being one of the most important steps in any cyber security plan – a quick search for “patches” on this site will show you how important they are. However you also need more in your cyber security plan than simply software patching as vendors …
Continue reading “Patches are not always available for critical flaws”
CISA is the US government’s Cybersecurity and Infrastructure Security Agency and a very good source cyber security and software patching information. Last week they posted several software patching updates and known vulnerabilities that are being exploited and mitigations for them. Samba Releases Security Updates for Multiple Versions of Samba | …
AlienFox is a malicious modular toolkit that threat actors can buy via a private Telegram channel. New AlienFox toolkit steals credentials for 18 cloud services (bleepingcomputer.com) The malware can be configured to scan for misconfigured servers and steal authentication details and credentials for a range of popular cloud-based services such …
Continue reading “Available for sale – a toolkit to steal credentials”
This includes some older iPhones and iPads – with iOS 15 and 16 and iPadOS 15 and 16 getting updates – and the Studio Display: Apple Updates Everything – SANS Get them done. Not sure you need to do this? Here is an example of a data stealer specifically aimed …
The US government Cybersecurity and Infrastructure Security Agency (CISA) is one of my go to resources for cyber security information – particularly when it comes to patching vulnerable products. Cisco Releases Security Advisories for Multiple Products – CISA
