The DHS is inviting hackers to break into its systems, but there are rules of engagement
The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better...
Smashing Security podcast #256: Virgin Media just won’t take no for an answer, NFT apes, and bad optics
After a brief discussion of the Log4Shell vulnerability panic, we chat about how Virgin Media has got itself into hot water, a fat-fingered fumble at...
How to Defend Against Windows Management Instrumentation Attacks
The Windows Management Instrumentation (WMI) protocol – infrastructure on a Windows-based operating system – is used for management data and operations. It provides a uniform...
Microsoft Patch Tuesday, December 2021 Edition
Microsoft, Adobe, and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is...
Inside Ireland’s Public Healthcare Ransomware Scare
The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually...
Log4Shell: The race is on to fix millions of systems and internet-connected devices
Everyone is talking about Log4Shell, a zero-day remote code execution exploit in versions of log4j, the popular open source Java logging library. Read More
Top 10 Malware November 2021
In November 2021, the Top 10 stayed consistent with the previous month with the exception of Gh0st, Mirai, and Ursnif, which returned to the Top...
End-of-Support Software Report List
The importance of replacing software before its End-of-Support (EOS) is critical. EOS occurs when software updates, patches, and other forms of support are no longer...
CIS Benchmarks December 2021 Update
The following CIS Benchmarks have been updated or released. We’ve highlighted the major updates below. Each Benchmark includes a full changelog that can be referenced...
Smashing Security podcast #255: Revolting receipts, a Twitter fandango, and shopkeeper cyber tips
"Demonically" possessed devices print out antiwork propaganda, advice on how to secure your store, and is Twitter's new photo privacy policy practical? All this and...