53 vulnerabilities in today’s Patch Tuesday There is a Dashboard set up by Morphus Labs 3 publicly disclosed and 17 critical. It is always important to keep up on your patching regimen, as today’s vulnerabilities become more and more dangerous in the future. But one has to assess the current and older vulnerabilities with what … Read more
Do you want to use the Internet? Computers? Tablets? Cellphones? There is no device created that is 100% secure with no risk. So now what? Risk management – is what we are supposed to do, where the risk of using something is lower than the value of using it. For example: using a computer for … Read more
We say things like: DO NOT CLICK ON Phishing emails!! But then Equifax creates www.experianidentityservice.co.uk ??? or creditexpert.co.uk/login/login Bsides in London earlier this year had a presentation by Meadow Ellis (@notameadow). Meadow makes a good point, as we as Cybersecurity professionals ask users to be careful what you click, and then somebody in the company … Read more
Area41 Defconswitzerland had an interesting video about attacking Single Sign-on technology SAML – Security Assertion Markup Language (basic tutorial on SAML) There are a few ways an attack can happen, while the initial connections are made (and all certificate info is exchanged or other info needed. Or after the initial connection was made and now the … Read more
Let’s set this up… You have paid attention to some Cyber security efforts, and have a number of defenses, maybe not “all of them” but your risk management matrix has shown you where to focus. What is impact on a device if having Cyber security problems? Assuming you set up the probability matrix of all … Read more
