Let’s list some of the problem areas: Ransomware Phishing Backups – Restore Remote Access Cloud Computing Awareness Issues – Training If you do not prepare for the future then it will create surprises when you least expect it or the future may make changes in ways that you will not appreciate. An example of this … Read more
The human factor is always underappreciated in helping decide on what can be done with our Computer Security. “Security Mental Model: Cognitive map approach” Tahani Albalawi, Kambiz Ghanzinour and Austin Melton paper: The computer security community has developed formal methods for providing security properties to systems and organizations. However, the human role has often … Read more
Ransomware hitting the unsuspecting small business that does not have all the Security pieces in place(SCMedia story:” Here are the most common ways businesses get compromised by ransomware“. Darkreading has a story:”Manufacturing Sees rising Ransomware Threat” What is considered a ‘small business’ ? The SBA considers several criteria (how many employees – less than 500) … Read more
NSA has a cybersecurity advisory It says that Pulse SecureTM, Palo Alto GlobalProtectTM, and Fortinet FortigateTM VPN(Virtual Private Network) products have vulnerabilities 3 of them VPN CVEs being currently exploited include but may not be limited to: CVE-2019-11510 and CVE-2019-1153 which allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure … Read more
Zerologon Patches Roll Out Beyond Microsoft What if you have an older server? Like a Windows Server 2008? The Zerologon was a problem that was patched in August on a patch Tuesday of course. Race to patch as Microsoft confirms Zerologon attacks in the wild article also from ComputerWeekly.com Bottom line is that the vulnerability … Read more
