Since it is October and it is Cybersecurity Awareness month, I like to acknowledge this event at least once – so why not do a top 3 items to be worried about? Out of the myriad of items to discuss from past discussions: #1 Phishing and spam attacks through email, text, or any level (social … Read more
NSA has a cybersecurity advisory It says that Pulse SecureTM, Palo Alto GlobalProtectTM, and Fortinet FortigateTM VPN(Virtual Private Network) products have vulnerabilities 3 of them VPN CVEs being currently exploited include but may not be limited to: CVE-2019-11510 and CVE-2019-1153 which allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure … Read more
Technewsworld has an interesting article: Cybersecurity Conundrum: Who’s Responsible for Securing IoT Networks? I do not want to focus on the IoT(Internet of Things) angle, instead pointing the spotlight at the responsibility of the Cyber breach (assuming they get breached): {Global research and advisory firm Gartner predicts that, by 2024, 75 percent of CEOs will … Read more
KrebsonSecurity has a post that mentions that the department of the Treasury has a Ransomware Advisory pdf. The Treasury is advising you not to pay Ransomware if your device is ransomed (encrypted unless you pay for a decryption key): Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber … Read more
Zerologon Patches Roll Out Beyond Microsoft What if you have an older server? Like a Windows Server 2008? The Zerologon was a problem that was patched in August on a patch Tuesday of course. Race to patch as Microsoft confirms Zerologon attacks in the wild article also from ComputerWeekly.com Bottom line is that the vulnerability … Read more
