I know it is October now with fall and the changing color of the leaves almost here (or starting to color slowly). October Cybersecurity awareness with the season changing we also have to prepare our digital life. Should you wait for shoring up your cybersecurity until after the hack? Of course this is a … Read more
I keep going to the same topics, since we have the same issues come up again and again. We have discussed the Psychology of Security (all of these topics are also in my book “Too Late You’re Hacked”), in this blog before – just search for Psychology of Security and you will see the posts. … Read more
Patch your software and hardware (portswigger article) Password management – Keep passwords locked – 2FA MFA, Backup and test backups – social engineering – Phishing education (CISA – Cybersecurity& Infrastructure Security AgencyTips) Test your environment Why did i give the patching/upgrade the highest importance, because a policy of upgrading can lead your environment … Read more
is everything fixed now about 4 months after the vulnerability was disclosed (and discussed here December 13,2021) So on this day in March (the 4th) Threatpost has a story from a few days ago: Millions of Java Apps Remain Vulnerable to Log4Shell (a Log4J vulnerability) The main sentences in the story are the following: “Researchers … Read more
why is the defense always behind? Are there some things that we inherently do not like to do?If there is something that is denying us from doing what is necessary to create a good defense then we have to be mindful of these actions – let’s review some Catch22 items. Let’s face it … Read more