Cybersecurity Starts in the Boardroom
Zero-Days – will always be a problem and both Google and Mandiant are reporting rises in such exploitations in 2021. I have reported on this before but the point that comes out in Bruce Schneier’s piece is the numbers these research groups are reporting are detected or declared Zero-Days. What …
This post was first made on 22 April 2022 I regularly write about the issues around the zero-day vulnerability and our Social Engineering and Email Cyber Security Training course aims to equip individuals and organisations to meet the challenge that the zero-day poses. Google’s Project Zero has reported on it’s …
Continue reading “Zero-day security vulnerabilities exploited in 2021 – UPDATED 25 4 2022”
Following up on the two articles I posted yesterday, to give you an awareness of the threat landscape, here are two articles discussing how that landscape is constantly changing. Criminals adopting new methods to bypass improved defenses • The Register Cybercriminals are finding new ways to target cloud environments | …
Continue reading “When you improve your defences – the hackers change their tactics”
Other cyber security stories have really overtaken the log4j/log4shell issue, but it is still out there and sometimes, because developers are so dependent on the framework, patches lead to more issues. Here is an example where even the biggest organisations have problems: Amazon Web Services Log4j patches blew holes in …
Here is something I wrote for the Octagon Technology blog last month. It started out looking at the zero-day issue and then explored the tools available to create “defence in depth” cyber security and finished with an explanation of how you can keep up with this blog in using Outlook …
Continue reading “Why keeping up with the cyber security news is important”
