Cybersecurity Starts in the Boardroom
AlienFox is a malicious modular toolkit that threat actors can buy via a private Telegram channel. New AlienFox toolkit steals credentials for 18 cloud services (bleepingcomputer.com) The malware can be configured to scan for misconfigured servers and steal authentication details and credentials for a range of popular cloud-based services such …
Continue reading “Available for sale – a toolkit to steal credentials”
This includes some older iPhones and iPads – with iOS 15 and 16 and iPadOS 15 and 16 getting updates – and the Studio Display: Apple Updates Everything – SANS Get them done. Not sure you need to do this? Here is an example of a data stealer specifically aimed …
The US government Cybersecurity and Infrastructure Security Agency (CISA) is one of my go to resources for cyber security information – particularly when it comes to patching vulnerable products. Cisco Releases Security Advisories for Multiple Products – CISA
The gap between the vendor discovering a vulnerability and the patch getting to you will always be an issue – this is the zero-day threat. It escalates if the threat actors became aware of the vulnerability and exploits it before the vendor becomes aware. Now research by Mandiant shows that, …
Drupal is a CMS platform, similar to WordPress, so it is out there on the internet, vulnerable for exploitation. So if you use Drupal get it patched: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core | CISA Do you know if your organisation’s website is hosted on Drupal …
