Cybersecurity Starts in the Boardroom
Here is a cyber security threat, that could get into your business and not be detected by your anti-virus. It is not a zero day vulnerability, it just does not get detected! CinaRAT Delivered Through HTML ID Attributes – SANS Internet Storm Centre This is where training comes in to …
Continue reading “Here’s why you need more than anti-virus, you need training as well”
Dina Temple-Raston writing at The Record, shows how we have to treat hackers with “respect”. Not respect for what they do or how they do it, but respect so our response to them matches their determination to make money. Ransomware-as-a-service, or RaaS, is the franchise business model for cyber criminals, …
It is that time of the month again when vendors send out the patches. Pixel 3 smartphone then this is probably your last update as Google has stated they are discontinuing support for the device. Critical Android 12 bug fixed in February security patches • The Register The usual set …
Following the recent publicity of Linux vulnerabilities, here is an announcement from The Linux Foundation, of $10m of donations to their Open Source Security Foundation (OpenSSF). Among the donors are Microsoft and Google. Linux Foundation announces $10 million cross-industry investment in Open Source Security Foundation (scmagazine.com)
Here is an interesting article from the team at Apache dealing with patching the Log4j problem: The Apache Log4j team talks about the Log4Shell patching process – The Record by Recorded Future But the exploits in the wild are still happening: Threat actor target Ubiquiti network appliances using Log4Shell exploits …
Continue reading “Log4j exploits and behind the scenes with the Apache patching team”
