Cybersecurity Starts in the Boardroom
Apple declares that sharing device usage information with them is anonymous, but researchers are claiming this is not true and Apple can associate actual iCloud users to this shared information. Apple Device Analytics Contain Identifying iCloud User Data, Claim Security Researchers – MacRumors Would Apple do this? They are already …
Continue reading “Can Apple identify us from “anonymous” data?”
Zero-day attacks will always be a serious issue for anyone involved in cyber security. A zero-day cyber attack is one that happens in the gap between the hackers discovering a vulnerability in a system and putting an exploit out in the wild and the software vendors, discovering the same software …
Continue reading “Newly discovered zero-day vulnerability in Windows is being exploited now”
The US government Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft Windows flaw to the Known Exploited Vulnerabilities Catalog. CISA Has Added One Known Exploited Vulnerability to Catalog | CISA
It comes round every month – make sure your team has updated. Here is a link to Lawrence Abrams’ excellent roundup of the updates and patches from Microsoft at Bleeping Computer. It includes details of the zero-day vulnerabilities patched: Microsoft November 2022 Patch Tuesday fixes 6 exploited zero-days, 68 flaws …
Threat actors are carrying out massive attacks, looking for unpatched Cisco AnyConnect Windows clients: Cisco AnyConnect Windows client under active attack • The Register
