NSA has a cybersecurity advisory It says that Pulse SecureTM, Palo Alto GlobalProtectTM, and Fortinet FortigateTM VPN(Virtual Private Network) products have vulnerabilities 3 of them VPN CVEs being currently exploited include but may not be limited to: CVE-2019-11510 and CVE-2019-1153 which allow for remote arbitrary file downloads and remote code execution on Pulse Connect Secure … Read more
Technewsworld has an interesting article: Cybersecurity Conundrum: Who’s Responsible for Securing IoT Networks? I do not want to focus on the IoT(Internet of Things) angle, instead pointing the spotlight at the responsibility of the Cyber breach (assuming they get breached): {Global research and advisory firm Gartner predicts that, by 2024, 75 percent of CEOs will … Read more
Zerologon Patches Roll Out Beyond Microsoft What if you have an older server? Like a Windows Server 2008? The Zerologon was a problem that was patched in August on a patch Tuesday of course. Race to patch as Microsoft confirms Zerologon attacks in the wild article also from ComputerWeekly.com Bottom line is that the vulnerability … Read more
Are we being too complacent in our feeling of “nothing will happen to us” with regard to Cybersecurity? 2 stories tie this theme together: Phishing awareness training wears off after a few months Apparently retraining is required after 6 months. Ransomware and Observations from Recent IR investigations Businesses are still getting ransomware, not how it … Read more
Should Cybersecurity have some attention if you have not been hacked before? Does your business really need more Cybersecurity awareness? I.e. So What… Cybersecurity!!! Is this what you are thinking? That does not matter to me ? I guess if this is your default thinking after every new headline of Breaches and attacks… For example … Read more