Read Time:3 Second
Google spots first Android malware distributed by Turla group
Monthly Archives: July 2022
How to conduct a tabletop exercise
Read Time:27 Second
Tabletop exercises give your organization an opportunity to practice incident response plans. They are both an opportunity to rehearse and revise existing plans and a training opportunity for new employees.
Done well, tabletop exercises “allow for the discovery of ways to reduce your threat surface,” says Stephen Jensen, senior director of operations at the Center for Internet Security (CIS). “When you rehearse in a tabletop format, your written policies go from just being plain policies to becoming well-written policies and procedures.”
Breaking down CIS’s new software supply chain security guidance
Read Time:25 Second
Securing the software supply chain continues to be one of the most discussed topics currently among IT and cybersecurity leaders. A study by In-Q-Tel researchers shows a rapid rise in software supply chain attacks starting around 2016, going from almost none in 2015 to about 1,500 in 2020. The Cloud Native Computing Foundation’s (CNCF’s) catalog of software supply chain attacks also supports a rise in this attack vector.
How to manage Microsoft’s Excel and Office macro blocking
Read Time:51 Second
Microsoft has pulled back on its decision to block downloaded Excel files containing macros by default. They have said they will push this change out again in the future. If you were caught flat-footed by this decision and suddenly couldn’t figure out how to unblock your Excel files that you relied upon, you need to act before Microsoft rolls this out again. Evaluate now why you are allowing such risky behavior and how you can better protect your firm.
While Microsoft pulled back from this decision, I urge you to look for additional ways to protect users from phishing lures and attack vectors that include malicious Office files. Because many of these attacks come via email, but not necessarily as email attachments, evaluate whether your phishing protection and user education are appropriate. I’ve seen many a phishing lure come in via web links, pretend cloud services, and other techniques that bypass traditional antivirus and file filtering.
Legal Experts Concerned Over New UK Digital Reform Bill
DOJ Recovers $500K Paid to North Korean Ransomware Actors
Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:32 Second
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
gnupg1-1.4.23-15.el8
Read Time:7 Second
FEDORA-EPEL-2022-3f3b227ed1
Packages in this update:
gnupg1-1.4.23-15.el8
Update description:
Security fix for CVE-2022-34903
gnupg1-1.4.23-19.el9
Read Time:7 Second
FEDORA-EPEL-2022-d9c834f286
Packages in this update:
gnupg1-1.4.23-19.el9
Update description:
Security fix for CVE-2022-34903
gnupg1-1.4.23-18.fc35
Read Time:6 Second
FEDORA-2022-0dbfb7e270
Packages in this update:
gnupg1-1.4.23-18.fc35
Update description:
Security fix for CVE-2022-34903