How can ransomware risk be close to 0%? I made a video on Rumble and Anchor (Spotify) Rumble Video: The video is using information from the NIST document NISTIR 8374 RANSOMWARE RISK MANAGEMENT:A CYBERSECURITY FRAMEWORK PROFILE Ransomware Risk Management Fundamentals NIST document Cybersecurity disinformation – Platform disinformation – If done right the ransomware risk … Read more
Looking across the Internet for new stories and new events in this holiday season I look at the fundamentals, thus found the NIST Cybersecurity framework profile:Ransomware Risk Management Specifically the NIST.IR.8374 document From this document I have grabbed 3 basic items which everyone should be aware of in the image as well as in text … Read more
I bumped intothis site (Dresec) latest post is “Phishing with Google calendar” His first sentence is a disclaimer as he does not want other people to use the information to send phishing calendar invites. To him (and me) it is only designed to be a test within our organizations. Here is the sample … Read more
So the latest OpenSSL version in the 3.0 release has a fix which is version 3.0.7 which will address a critical vulnerability in the 3.x versions. (so if you are using 2.x you are ok for now). OpenSSL is the open source implementation of SSL and TLS secure communication protocols. MalwareBytes Blog had a post … Read more
Nothing to see here – in Microsoft Land – Portswigger has the story: Apparently there is a feature in Microsoft Office Online Server that causes a Remote Code Execution(RCE) vulnerability. After hackers use a SSRF (Server Side Request forgery) attack, they can attack the systems with RCE. When Microsoft was told about this vulnerability they … Read more
