The US government Cybersecurity and Infrastructure Security Agency (CISA) is a great resource for keeping up with the issues with software you may be using. They have highlighted issues with Fortinet and security updates for Cisco: Fortinet Releases March 2023 Vulnerability Advisories | CISA Cisco Releases Security Advisory for IOS …
Why you need to keep things patched
We have written several articles recently about how critical patches and updates are to your cyber security. Here is another reason why: Proof-of-Concept released for critical Microsoft Word RCE bug (bleepingcomputer.com) Once the threat actors are aware of a vulnerability – whether it is patched or not – they will …
CISA cyber security advisories and advice on MITRE ATT&CK
The US government Cybersecurity and Infrastructure Security Agency (CISA) added a vulnerability to its Known Exploited Vulnerabilities Catalog for ZK Framework: CISA Adds One Known Exploited Vulnerability to Catalog | CISA A updated version of the CISA Decider tool for the MITRE ATT&CK framework has been released. CISA Releases Decider …
Continue reading “CISA cyber security advisories and advice on MITRE ATT&CK”
CISA advises three exploited vulnerabilities
Although a US government agency the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities Catalog is a valuable resource for anyone responsible for cyber security. It reports on mainstream and less used software so that offbeat package you use could be reported on one day! They have released an …
Continue reading “CISA advises three exploited vulnerabilities”
Apple cyber security may have a flaw
I have written before on the steps Apple takes in improving the cyber security of its users, such as the “walled garden” app store to reduce app risk, supporting older devices with security updates and enforcing strict conditions on how apps operate on Apple devices. But they are a bit …
