Experts at CIS, the MS- and EI-ISACs, and our member organizations share their thoughts on why security awareness training is important.
Daily Archives: June 12, 2023
CVE-2022-43778
Potential Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
CVE-2022-43777
Potential Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
Business email compromise scams take new dimension with multi-stage attacks
In a campaign that exploits the relationships between different organizations, attackers managed to chain business email compromise (BEC) against four or more organizations jumping from one breached organization to the next by leveraging the relationships between them. The attack, which Microsoft researchers call multi-stage adversary-in-the-middle (AiTM) phishing, started with a compromise at a trusted vendor and targeted organizations from the banking and financial services sectors.
Surprise! Staff don’t like receiving phishing tests from their firms that pose as salary increases
UK law firm Knights certainly has an interesting way of keeping its staff happy.
CVE-2022-27541
Potential Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
CVE-2022-27539
Potential Time-of-Check to Time-of-Use (TOCTOU) vulnerabilities have been identified in the HP BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure.
CVE-2022-36331
Western Digital My Cloud, My Cloud Home, My Cloud Home Duo, and SanDisk ibi devices were vulnerable to an impersonation attack that could allow an unauthenticated attacker to gain access to user data.
This issue affects My Cloud OS 5 devices: before 5.25.132; My Cloud Home and My Cloud Home Duo: before 8.13.1-102; SanDisk ibi: before 8.13.1-102.
A Vulnerability in Fortinet FortiGate Could Allow for Remote Code Execution
A vulnerability has been discovered in Fortinet FortiGate, which could allow for remote code execution. Fortinet FortiGate is a firewall product that provides VPN functionality. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those that operate with administrative user rights.
To solve the cybersecurity worker gap, forget the job title and search for the skills you need
BlackBerry CISO Arvind Raman looks beyond job titles when he has open positions to fill and instead focuses on the key skills required to do the work. That mindset allows Raman to readily identify and recruit qualified professionals from outside the security field, instead of simply seeking candidates working their way up the typical chain of security roles.
For example, he has hired finance professionals for risk- and compliance-related work and marketing pros for awareness training projects. “It’s about being aligned with what is really needed and what core functionalities are required for the role,” Raman says.
Some roles, of course, must be filled with experienced security professionals, he says, and in those cases, he looks for candidates who have held prior security roles. On the other hand, he believes many security positions can be filled by people skilled in other disciplines. “And for those you don’t have to limit your search to security people,” he adds.