Bug bounties are a vendor’s shortcut to software vulnerabilities – UPDATED 26 April 2022

This post was first published on 19 April 2022 Following up on the article below, here is a real world example of bug bounties working to improve cybersecurity. The US Government’s Department of Homeland Security (DHS) worked with a group of cyber security analysts, who uncovered 122 vulnerabilities in the …

Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022

Magnifying glass looking for a zero-day attack

This post was first made on 22 April 2022 I regularly write about the issues around the zero-day vulnerability and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on it’s …

Do you have a Lenovo laptop? If so then this post is for you.

Some persistent and critical vulnerabilities have been discovered in Lenovo laptops – so check if yours is on the list. When “secure” isn’t secure at all: High‑impact UEFI vulnerabilities discovered in Lenovo consumer laptops | WeLiveSecurity Lenovo Notebook BIOS Vulnerabilities – Lenovo Support US If you need help fixing this …

You really have got to check your WatchGuard devices – care more about them than WatchGuard does!

WatchGuard – a market leader in security devices – appears to have kept a significant vulnerability secret – although it did patch the issue. WatchGuard failed to explicitly disclose critical flaw exploited by Russian hackers | Ars Technica If they patched the issue, then surely everything is fine. Well no. …