Bug bounties are a useful way for vendors – and now government departments – to engage with honest, white hat, cyber security experts, to test systems for flaws. DoD issues call for hackers to dig into networks – The Record by Recorded Future
Blockchain security
Often it the online processes around blockchain and cyrpto-currencies that are exploited by the threat actors, not the blockchain itself – which remains secure. Following a year of research, a report by Trail of Bits, commissioned by the US Government Defense Advanced Research Projects Agency (DARPA) shows that the blockchain …
Log4Shell is still an exploited vulnerability
It seems a long time ago that the Log4Shell vulnerability was discovered. A vulnerability that had far reaching consequences as many systems used this framework for their logging functionality. The US Cybersecurity and Infrastructure Security Agency(CISA) with the United States Coast Guard Cyber Command (CGCYBER) has issued an advisory of …
Continue reading “Log4Shell is still an exploited vulnerability”
Three US Agencies issue an advisory about Chinese threat actors
The Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have issued a joint advisory about Chinese state sponsored threats. People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA Chinese threat actors have been detected actively …
Continue reading “Three US Agencies issue an advisory about Chinese threat actors”
CISA adds one known vulnerability to it’s database and other advisories
The US Cybersecurity and Infrastructure Security Agency has added one new vulnerability to it’s Known Exploited Vulnerabilities Catalog and issued three advisories: CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog | CISA CISA Updates Advisory on Threat Actors Chaining Unpatched VMware Vulnerabilities | CISA CISA Releases Security Advisory on …
Continue reading “CISA adds one known vulnerability to it’s database and other advisories”