Who Is Responsible For Cyber Attacks? CEO or CIO?

TechNewsWorld has an interesting article: Cybersecurity Conundrum: Who’s Responsible for Securing IoT Networks? I do not want to focus on the IoT (Internet of Things) angle, instead pointing the spotlight at the responsibility for the cyber breach (assuming they get breached): {Global research and advisory firm Gartner predicts that, by 2024, 75 percent of CEOs will …

If You Pay Ransomware Will You Have to Pay the US Treasury as Well?

KrebsOnSecurity has a post that mentions that the Department of the Treasury has a Ransomware Advisory PDF. The Treasury is advising you not to pay ransomware if your device is ransomed (encrypted unless you pay for a decryption key): Companies that facilitate ransomware payments to cyber actors on behalf of victims, including financial institutions, cyber …

Patching Anomalies Causing Security Problems

"Zerologon Patches Roll Out Beyond Microsoft": What if you have an older server, like a Windows Server 2008? Zerologon was a problem that was patched in August, on a Patch Tuesday of course. "Race to patch as Microsoft confirms Zerologon attacks in the wild" is an article also from ComputerWeekly.com. Bottom line is that the vulnerability …

Complacency and Cybersecurity Awareness

Are we being too complacent in our feeling of “nothing will happen to us” with regard to cybersecurity? Two stories tie this theme together: "Phishing awareness training wears off after a few months": apparently retraining is required after 6 months. "Ransomware and Observations from Recent IR investigations": businesses are still getting ransomware, not how it …