risk management

When it comes to your industrial control systems, infallible cybersecurity is not just a nice-to-have; it’s a must. This is especially true in light of the latest vulnerabilities identified in Schneider Electric's Zelio Soft 2 software, as released in a recent advisory by the Cybersecurity and...

In a recent update published by the Microsoft Security Response Center (MSRC), a notable adjustment was made regarding the CVE-2024-30037 vulnerability. This specific vulnerability pertains to the Windows Common Log File System (CLFS) driver, which can lead to elevation of privilege for affected...

🤔

Original release date: May 28, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are responding to a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental...

:cool: :p

Original release date: July 23, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. Over recent...

Original release date: October 3, 2018 Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs). Since May 2016...

About half of organizations say cybercrime is under-reported at their organizations, even when reporting is required. Continue reading...

Appropriate response to risk requires presenting information in a way that makes the security consequences impossible to ignore. Link Removed

Date: Thursday, June 27, 2019 Time: 02:00 PM Eastern Daylight Time Duration: 1 hour The threat of a cyberattack is so eminent, organizations can no longer simply put up defenses and hope either they aren’t attacked, or defenses will hold should one Continue reading...

Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state...

Protecting an organization depends on deep knowledge and experience, but a security to-do list can go a long way toward locking things down. Continue reading...

This solution seeks to provide end-to-end security that is resilient to today’s cyber-attacks so our industrial customers can operate their critical infrastructures with confidence and with no negative impact to their intellectual property and customer experience. As the Internet of Things...

We have a few laptops in our office that we are looking at putting some encryption on as they often leave the office. Bitlocker seems the best solution with it already on Windows 10 and free. I just wonder is Bitlocker worth putting onto the desktop PCs that are in the office and don't ever...

For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence...

Sponsored by: KeepItSafe - Date: Thursday, 12/14/17 at 2:00 PM EST Continue reading...

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm (called “SHAttered”). This is a significant step toward understanding this type of security issue...

Severity Rating: Important Revision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted...

Severity Rating: Important Revision Note: V1.0 (July 12, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The vulnerability could cause information disclosure if an attacker uploads a specially crafted XML file to web-based...

Original release date: May 11, 2016 Systems Affected Outdated or misconfigured SAP systems Overview At least 36 organizations worldwide are affected by an SAP vulnerability Link Removed. Security researchers from Onapsis discovered indicators of exploitation against these organizations’ SAP...