Cybersecurity Starts in the Boardroom
The BlackLotus malware is going to be a problem – Microsoft Window’s cyber security stance relies on a the UEFI (Unified Extensible Firmware Interface) secure boot. If it can be compromised then all Windows users could have a problem. Even Windows 11 users. Here is Bruce Schneier’s view of the …
Continue reading “Breaking Windows Secure Boot is a big deal”
Threat actors are always looking for the opportunity to abuse someone’s trust, exploit a tragedy or take advantage of something in the news, etc. etc. etc.. ChatGPT is in the news. Earlier this year, the popular artificial intelligence (AI) ChatGPT service started to charge for access and this has prompted …
Extended security updates for Windows 7 ends tomorrow 10 January 2023. You should not be using this operating systems anywhere. This includes any industrial or control machinery you have. When I spoke with my team, the last Windows 7 PC they remembered replacing was a C&C control PC during lock …
Continue reading “No more Windows 7 security updates from tomorrow”
Threat actors have been taking advantage of an exploited set of Microsoft credentials to embed ransomware attacks into signed drivers: Microsoft-signed malicious Windows drivers used in ransomware attacks (bleepingcomputer.com) And LockBit got through the cyber security defences of California’s Department of Finance: LockBit claims attack on California’s Department of Finance …
SANS Internet Storm Diary has a comprehensive report on Microsoft’s Patch Tuesday: Microsoft December 2022 Patch Tuesday – SANS Internet Storm Center Here is the Microsoft release page: December 2022 Security Updates – Release Notes – Security Update Guide – Microsoft The Microsoft report gives much more information on the …
