Do we need tougher breach notification rules?

Jamie Brown discusses UK breach notification laws.https://www.computing.co.uk/news/4015184/tougher-breach-notification-rules … [Read more...]

Nation state APT groups prefer old, unpatched vulnerabilities

Satnam Narang expresses his lack of surprise at the popularity of old Microsoft vulnerabilities given cyber criminals prefer low hanging fruit.https://www.computerweekly.com/news/252483043/Nation-state-APT-groups-prefer-old-unpatched-vulnerabilities … [Read more...]

Critical SharePoint and browser security flaws star in May Patch Tuesday

Satnam Narang draws attention to the volume of patches issued by Microsoft in the last three months.https://portswigger.net/daily-swig/critical-sharepoint-and-browser-security-flaws-star-in-may-patch-tuesday … [Read more...]

Microsoft Sounds Windows 10 ‘Exploitation More Likely’ Alarm: Here’s Exactly What That Means

Rody Quinlan explains why CVSS will catch the attention of threat actors, but alone it is not always enough to prompt active exploitation.https://www.forbes.com/sites/daveywinder/2020/05/13/windows-10-exploitation-more-likely-security-alarm-sounded-heres-what-that-means/#18b45b1451f0 … [Read more...]

Salt framework security flaws used to attack multiple targets

Rody Quinlan takes a closer look at the combination of Salt flaws, and speed of exploitation.https://portswigger.net/daily-swig/salt-framework-security-flaws-used-to-attack-multiple-targets … [Read more...]

Hackers exploited SQL injection flaw to compromise Sophos XG firewall devices

Rody Quinlan explains how the SQL injection zero-day could allow attackers to exfiltrate data. https://www.teiss.co.uk/sophos-xg-firewall-breach/ … [Read more...]

Working from home? How to stay in touch and stay secure

Adam Palmer shares tips for secure video conferencing configurations.https://www.theguardian.com/technology/2020/apr/25/working-from-home-how-to-stay-in-touch-and-stay-secure … [Read more...]

Microsoft Issues Emergency Security Update And Warns Of 3D Graphics Hack

Ryan Seguin tells Forbes that, if exploited, an attacker could run code with the same permission as the person who opened the file.https://www.forbes.com/sites/daveywinder/2020/04/23/microsoft-warns-of-3d-graphics-attack-issues-emergency-security-update-advisory/#3e19e8a24750 … [Read more...]

iOS zero-day leaves iPhone users dangerously exposed

Satnam Narang warns that there is potential for further danger to iOS users from combining the flaws with an unpatched kernel vulnerability.' https://www.computerweekly.com/news/252482061/iOS-zero-day-leaves-iPhone-users-dangerously-exposed … [Read more...]

Bug leaves iPhones vulnerable to hackers stealing email contents

Satnam Narang tells the Guardian that the flaws are 'significant and noteworthy.'https://www.theguardian.com/technology/2020/apr/23/bug-leaves-iphones-vulnerable-hackers-stealing-email-contents … [Read more...]