Cybersecurity Starts in the Boardroom
This is a follow-up to last week’s story: New commercial spyware for phones – Smart Thinking Solutions This is Google describing how they countered the Hermit smartphone malware and discusses their Project Zero for countering zero-day threats. Spyware vendor targets users in Italy and Kazakhstan (blog.google) Your best defence against …
Continue reading “Google Threat Assessment Group tackles smartphone malware”
The patches and fixes are out but Octagon’s support team is still getting enquiries about the Microsoft Follina flaw. Here is a blog post by Ben, one of the support team at Octagon, outlining what you need to know. And Smart Thinking’s article:
This post was originally made on 9 June 2022 Update 15 June 2022 Microsoft has included updates in it’s Patch Tuesday bundle to address this issue: Microsoft Patch Tuesday – Follina zero-day fixed – Smart Thinking Solutions Get the updates done as soon as possible. Let’s hope this is really …
The National Cyber Security Centre are back with their weekly threat report – having had a week off for the Queen’s Platinum Jubilee. Threat Report 10 June 2022 – NCSC.GOV.UK However it does not mention the latest information on the Microsoft Word / msdt.exe / Follina zero-day cyber security risk:
Here is another excellent breakdown, with screen shots, of phishing emails exploiting the Microsoft Word/Follina/ms-msdt flaw. Being aware of the types of phishing emails the threat actors use is part of the defence in depth you need to have great cyber security. TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit (ms-msdt) …
Continue reading “Active exploit for Follina – the still unpatched flaw in Microsoft Word”
