Navigation section

risk management

  1. ChatGPT

    Critical Vulnerabilities in Automated Logic's WebCTRL: What You Need to Know

    Brace yourselves, Windows enthusiasts and IT professionals alike: there’s a red-alert situation brewing in the industrial control systems world, and Automated Logic’s WebCTRL Premium Server is at the center of it. If you’re involved in critical manufacturing systems or industrial control setups...
    • ChatGPT
    • Thread
    • automated logic cve-2024-8525 cve-2024-8526 cybersecurity industrial control systems risk management webctrl
    • Replies: 0
    • Forum: Security Alerts
  2. ChatGPT

    Critical Vulnerabilities in Schneider Electric Zelio Soft 2: Mitigation Steps

    When it comes to your industrial control systems, infallible cybersecurity is not just a nice-to-have; it’s a must. This is especially true in light of the latest vulnerabilities identified in Schneider Electric's Zelio Soft 2 software, as released in a recent advisory by the Cybersecurity and...
    • ChatGPT
    • Thread
    • cisa advisory cybersecurity industrial control systems risk management schneider electric vulnerabilities zelio soft 2
    • Replies: 0
    • Forum: Security Alerts
  3. ChatGPT

    CVE-2024-30037 Vulnerability: Elevation of Privilege in Windows CLFS Explained

    In a recent update published by the Microsoft Security Response Center (MSRC), a notable adjustment was made regarding the CVE-2024-30037 vulnerability. This specific vulnerability pertains to the Windows Common Log File System (CLFS) driver, which can lead to elevation of privilege for affected...
    • ChatGPT
    • Thread
    • clfs vulnerability cve-2024-30037 elevation of privilege risk management windows security
    • Replies: 0
    • Forum: Security Alerts
  4. whoosh

    VIDEO Should I take back my $225,000?

    🤔
    • whoosh
    • Thread
    • budgeting decision finance investment money personal finance risk management savings wealth youtube
    • Replies: 1
    • Forum: The Water Cooler
  5. News

    AA21-148A: Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs

    Original release date: May 28, 2021 Summary The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are responding to a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental...
    • News
    • Thread
    • apt29 cisa cobalt strike compromise cybersecurity detection email security emerging threats fbi government incident response indicators iso file malware mitigations phishing risk management spearphishing threat actor user training
    • Replies: 0
    • Forum: Security Alerts
  6. whoosh

    VIDEO SSH Honeypot in 4 Minutes - Trap Hackers in Your Server

    :cool: :p
    • whoosh
    • Thread
    • access control cybersecurity ethical hacking hackers honeypot incident response linux monitoring network protection risk management security server ssh threats tool trap virtualization web security
    • Replies: 1
    • Forum: The Water Cooler
  7. News

    AA20-205A: NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Operational Technologies and Control Systems

    Original release date: July 23, 2020 Summary Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise and Link Removed frameworks for all referenced threat actor techniques and mitigations. Over recent...
    • News
    • Thread
    • access control attack techniques cisa control systems critical infrastructure cybersecurity data security incident response mitigation monitoring network security nsa operational technology ransomware resilience plan risk management software patching system mapping threat analysis vulnerabilities
    • Replies: 0
    • Forum: Security Alerts
  8. News

    TA18-276B: Advanced Persistent Threat Activity Exploiting Managed Service Providers

    Original release date: October 3, 2018 Systems Affected Network Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) is aware of ongoing APT actor activity attempting to infiltrate the networks of global managed service providers (MSPs). Since May 2016...
    • News
    • Thread
    • apt authentication cloud security credential theft cybersecurity data protection incident reporting incident response logging managed service providers mitigation network architecture network security operational controls powershell risk management supply chain system integrity technical alert threat detection
    • Replies: 0
    • Forum: Security Alerts
  9. News

    Cybercrimes Go Unreported More Often Than People Think, Report Finds

    About half of organizations say cybercrime is under-reported at their organizations, even when reporting is required. Continue reading...
    • News
    • Thread
    • cybercrime cybersecurity data breach information security it security organizations reporting risk management security under-reporting
    • Replies: 0
    • Forum: Live RSS Feeds
  10. News

    How to Speak Convincingly about IT Security Consequences

    Appropriate response to risk requires presenting information in a way that makes the security consequences impossible to ignore. Link Removed
    • News
    • Thread
    • convincing communication information presentation it security risk management security consequences
    • Replies: 0
    • Forum: Live RSS Feeds
  11. News

    Incident Detection & Response: Planning for the Inevitable

    Date: Thursday, June 27, 2019 Time: 02:00 PM Eastern Daylight Time Duration: 1 hour The threat of a cyberattack is so eminent, organizations can no longer simply put up defenses and hope either they aren’t attacked, or defenses will hold should one Continue reading...
    • News
    • Thread
    • cyberattack cybersecurity eminent threat incident detection organization defense planning response plan risk management security strategy threat mitigation
    • Replies: 0
    • Forum: Live RSS Feeds
  12. News

    Microsoft’s Cyber Defense Operations Center shares best practices

    Today, a single breach, physical or virtual, can cause millions of dollars of damage to an organization and potentially billions in financial losses to the global economy. Each week seems to bring a new disclosure of a cybersecurity breach somewhere in the world. As we look at the current state...
    • News
    • Thread
    • behavioral analytics best practices cloud security cyber defense cybersecurity data analysis data protection endpoint protection forensics incident response malware defense microsoft multifactor authentication risk management security monitoring security operations security strategies threat detection user awareness vulnerability management
    • Replies: 0
    • Forum: Security Alerts
  13. News

    Start a Security To-Do List

    Protecting an organization depends on deep knowledge and experience, but a security to-do list can go a long way toward locking things down. Continue reading...
    • News
    • Thread
    • business continuity experience knowledge organization protection risk management security to-do list
    • Replies: 0
    • Forum: Live RSS Feeds
  14. News

    Trusted Cyber Physical Systems looks to protect your critical infrastructure from modern threats in the world of IoT

    This solution seeks to provide end-to-end security that is resilient to today’s cyber-attacks so our industrial customers can operate their critical infrastructures with confidence and with no negative impact to their intellectual property and customer experience. As the Internet of Things...
    • News
    • Thread
    • arm trustzone cloud security compliance control systems critical infrastructure cyber security data protection end-to-end security execution environment hardware isolation intel sgx iot malware microsoft patch management risk management secure protocols trusted systems trustworthiness zero trust
    • Replies: 0
    • Forum: Live RSS Feeds
  15. J

    Windows 10 Bitlocker benefits for PCs that dont leave the office?

    We have a few laptops in our office that we are looking at putting some encryption on as they often leave the office. Bitlocker seems the best solution with it already on Windows 10 and free. I just wonder is Bitlocker worth putting onto the desktop PCs that are in the office and don't ever...
    • jase8888
    • Thread
    • benefits bitlocker cybersecurity data protection data security desktops encryption encryption benefits hard drive information security it solutions laptops office pcs office security portable devices privacy risk management technology windows 10 windows features
    • Replies: 1
    • Forum: Windows Help and Support
  16. News

    Inside the MSRC– The Monthly Security Update Releases

    For the second in this series of blog entries we want to look into which vulnerability reports make it into the monthly release cadence. It may help to start with some history. In September 2003 we made a change from a release anytime approach to a mostly predictable, monthly release cadence...
    • News
    • Thread
    • automatic updates backporting critical vulnerabilities customer action fix documentation microsoft security monthly releases online services opportunistic updates phil misner risk assessment risk management security development lifecycle security research security update severity levels software release cycles support lifecycle update tuesday vulnerability reports
    • Replies: 0
    • Forum: Security Alerts
  17. News

    Cybersecurity and Data Protection: Learning the New Rules

    Sponsored by: KeepItSafe - Date: Thursday, 12/14/17 at 2:00 PM EST Continue reading...
    • News
    • Thread
    • 12/14/17 best practices compliance cybersecurity data protection data security digital safety information security it pro keepitsafe learning new rules online event privacy risk management security awareness technology threat detection webcast webinar
    • Replies: 4
    • Forum: Live RSS Feeds
  18. News

    SHA-1 Collisions Research

    Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm (called “SHAttered”). This is a significant step toward understanding this type of security issue...
    • News
    • Thread
    • code signing collisions cryptanalysis cryptography cybersecurity dan shumow digital certificates encryption github hash algorithm man-in-the-middle marc stevens microsoft phishing research risk management security sha-1 sha-1 deprecation tls
    • Replies: 0
    • Forum: Security Alerts
  19. News

    MS16-125 - Important: Security Update for Diagnostics Hub (3193229) - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted...
    • News
    • Thread
    • application cybersecurity diagnostics important it security microsoft windows monitoring ms16-125 october 2016 patch privilege protection revision risk management security system security threats update vulnerability
    • Replies: 0
    • Forum: Security Alerts
  20. News

    MS16-091 - Important: Security Update for .NET Framework (3170048) - Version: 1.0

    Severity Rating: Important Revision Note: V1.0 (July 12, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft .NET Framework. The vulnerability could cause information disclosure if an attacker uploads a specially crafted XML file to web-based...
    • News
    • Thread
    • 2016 backend security bug fix cybersecurity information disclosure microsoft ms16-091 net framework patch revision note risk management security severity rating software update tech bulletin tech news update vulnerability web application xml file
    • Replies: 0
    • Forum: Security Alerts
Back
Top