One thing I learnt very quickly whilst studying and after graduation was that my degree in cyber security was only the tool to make me think about cyber security properly and unless I kept my personal study up to date the degree would soon become useless. That is why I …
When software has bugs…
Software is complicated – it will have bugs and some of those bugs may have security issues. How you deal with this situation is a key part of your organisation’s cyber security plan. Why? If you are a regular reader here, you would have read about the several zero-day security …
Apple patches older devices against possible zero-day attacks
Apple has already issued patches for these vulnerabilities for newer devices and versions of their operating systems – now they reaching back to older devices. The patches apply to iOS and iPadOS 16.6 and later on iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, …
Continue reading “Apple patches older devices against possible zero-day attacks”
A zero-day story. If you use or used MOVEit then you need to read this.
MOVEit is (was) a very popular software package used by many to “securely” share files both internally and between organisations. But it has a security flaw which was exploited by the Clop ransomware gang before Progress Software, the owners of MOVEit knew there was a problem – but by then …
Continue reading “A zero-day story. If you use or used MOVEit then you need to read this.”
Apple and Google are plugging the same zero-day flaw
Research has now revealed that the cause of the recent Apple and Google zero-day patches was the same software library used by both software giants. Libwebp, a library found in millions of apps, was the source of the vulnerability. Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day …
Continue reading “Apple and Google are plugging the same zero-day flaw”