January 22nd, 2018 by John
The World Economic Forum has released its annual Global Risks Report, which prominently addresses cyber risk. They’ve also released a Cyber Resilience Report, which comes in two parts: “a reference architecture for public-private collaboration, and cyber policy models.” The playbook, intended to be adaptable to any nation’s values and interests, takes up fourteen policy topics and analyzes them in terms of their impact on five areas: security, privacy, economic value, accountability, and fairness.
Posted in Cybersecurity & Infosec, Risk Management
January 17th, 2018 by John
Please folks, don’t post passwords on PostIt Notes… especially when you are on TV.
Posted in Cybersecurity & Infosec
January 3rd, 2018 by John
https://www.csoonline.com/article/3245037/security/researcher-drops-15-year-old-macos-zero-day-that-leads-to-full-system-compromise.html
Posted in Cybersecurity & Infosec, Exploits & Attacks
January 3rd, 2018 by John
Posted in Cybersecurity & Infosec
December 6th, 2017 by John
US-CERT has released a security update regarding a vulnerability in Apache Struts versions 2.5 to 2.5.14. The Apache Software Foundation released Apache Security Bulletins S2-054 and S2-055, which respectively address CVE-2017-15707 and CVE-2017-7525.
The vulnerabilities could allow a remote, unauthenticated attacker to perform a denial-of-service (DOS) by submitting malicious JSON data. The vulnerable systems use an outdated JSON-lib library with the Struts REST plugin. Read More
Posted in Cybersecurity & Infosec, Exploits & Attacks