Threat actors are always looking for the opportunity to abuse someone’s trust, exploit a tragedy or take advantage of something in the news, etc. etc. etc.. ChatGPT is in the news. Earlier this year, the popular artificial intelligence (AI) ChatGPT service started to charge for access and this has prompted …
No more Windows 7 security updates from tomorrow
Extended security updates for Windows 7 ends tomorrow 10 January 2023. You should not be using this operating systems anywhere. This includes any industrial or control machinery you have. When I spoke with my team, the last Windows 7 PC they remembered replacing was a C&C control PC during lock …
Continue reading “No more Windows 7 security updates from tomorrow”
Ransomware is never far from the news
Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com) And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
December’s Microsoft Patch Tuesday
SANS Internet Storm Diary has a comprehensive report on Microsoft’s Patch Tuesday: Microsoft December 2022 Patch Tuesday – SANS Internet Storm Center Here is the Microsoft release page: December 2022 Security Updates – Release Notes – Security Update Guide – Microsoft The Microsoft report gives much more information on the …
Google Chrome’s 9th zero-day vulnerability of 2022 now patched
Software is difficult and no matter how much vendors test, both black and white hackers will find vulnerabilities once the software has been released. The issue is how fast does the vendor respond with patches once a vulnerability has been found. Google Chrome emergency update fixes 9th zero-day of the …
Continue reading “Google Chrome’s 9th zero-day vulnerability of 2022 now patched”