2022 What Did we Learn in Cybersecurity?

49 posts on this blogsite oversitesentry in 2022 There were many different posts  I chose 4 to highlight in early ’22: What does Segmentation DonaldTrump Malware post Jan 25,22 Hackers are Ruthless: Attack Red Cross/ Red Crescent  500k stolen China Attacking News sites now & CISA agency declares patch APC UPS(Power Supplies) 3 Critical vulnerabilities. … Read more

Password Managers Hacked: Passwordstate and Lastpass

Passwordstate security failure was worse than Lastpass – but any entity can be hacked or have a cybersecurity failure. Looking into the specifics Passwordstate issue is discussed in portswigger website.   “Passwordstate was subject to scrutiny by Swiss security consultancy modzero AG following a customer request to check the password manager’s security. Modzero researchers Constantin … Read more

Less Than 100 Employees: 3x More Likely Target

At Technewsworld the following quote is interesting: “Attackers do not just target large enterprises. Recent reporting shows companies with less than 100 employees are three times more likely to be the target of a cyberattack — yet, often lack sufficient cybersecurity measures and resources to manage their risk,” said Shena Seneca Tharnish, VP for cybersecurity … Read more

OpenSSL fix NOT Critical but High vul

So the latest OpenSSL version in the 3.0 release has a fix which is version 3.0.7 which will address a critical vulnerability in the 3.x versions.  (so if you are using 2.x you are ok for now).  OpenSSL is the open source implementation of SSL and TLS secure communication protocols. MalwareBytes Blog had a post … Read more