Security

Security News

22 November 2022

Digesting CISA's Cross-Sector Cybersecurity Performance Goals

Last month, CISA released cross-sector cybersecurity performance goals (CPGs) in response to President Biden's 2021 National Security Memorandum on improving cybersecurity for critical infrastructure control systems. Since then, the CPGs have been observed by the cybersecurity community as “the floor” and “a baseline” to cybersecurity hygiene and practices. Even as basics to cyber hygiene, it is important to understand the released voluntary practices.

22 November 2022

Microsoft Releases Out-of-Band Update After Security Patch Causes Kerberos Issues

Microsoft has released an out-of-band update after learning that a recent Windows security patch started causing Kerberos authentication issues.

22 November 2022

Cisco Secure Email Gateway Filters Bypassed Due to Malware Scanner Issue

An anonymous researcher has disclosed several methods that can be used to bypass some of the filters in Cisco's Secure Email Gateway appliance and deliver malware using specially crafted emails.

21 November 2022

California County Says Personal Information Compromised in Data Breach

The County of Tehama, California, has started informing employees, recipients of services, and affiliates that their personal information might have been compromised in a data breach.

21 November 2022

Google Making Cobalt Strike Pentesting Tool Harder to Abuse

Google has announced the release of YARA rules and a VirusTotal Collection to help detect Cobalt Strike and disrupt its malicious use.

22 November 2022

US Offshore Oil and Gas Infrastructure at Significant Risk of Cyberattacks

The offshore oil and gas infrastructure faces cybersecurity risks that the Department of Interior should immediately address, the US Government Accountability Office (GAO) notes in a new report.

21 November 2022

33 Attorneys General Send Letter to FTC on Commercial Surveillance Rules

Attorneys general in 33 US states are urging the Federal Trade Commission (FTC) to take into consideration consumer risks as it looks into creating rules to crack down on commercial surveillance.

21 November 2022

PoC Code Published for High-Severity macOS Sandbox Escape Vulnerability

A security researcher has published details and proof-of-concept (PoC) code for a macOS vulnerability that could be exploited to escape a sandbox and execute code within Terminal.

Page 36 of 2215

Security News

Digesting CISA's Cross-Sector Cybersecurity Performance Goals

Microsoft Releases Out-of-Band Update After Security Patch Causes Kerberos Issues

Microsoft has released an out-of-band update after learning that a recent Windows security patch started causing Kerberos authentication issues.

Cisco Secure Email Gateway Filters Bypassed Due to Malware Scanner Issue

An anonymous researcher has disclosed several methods that can be used to bypass some of the filters in Cisco's Secure Email Gateway appliance and deliver malware using specially crafted emails.

California County Says Personal Information Compromised in Data Breach

The County of Tehama, California, has started informing employees, recipients of services, and affiliates that their personal information might have been compromised in a data breach.

Google Making Cobalt Strike Pentesting Tool Harder to Abuse

Google has announced the release of YARA rules and a VirusTotal Collection to help detect Cobalt Strike and disrupt its malicious use.

US Offshore Oil and Gas Infrastructure at Significant Risk of Cyberattacks

The offshore oil and gas infrastructure faces cybersecurity risks that the Department of Interior should immediately address, the US Government Accountability Office (GAO) notes in a new report.

33 Attorneys General Send Letter to FTC on Commercial Surveillance Rules

Attorneys general in 33 US states are urging the Federal Trade Commission (FTC) to take into consideration consumer risks as it looks into creating rules to crack down on commercial surveillance.

PoC Code Published for High-Severity macOS Sandbox Escape Vulnerability

A security researcher has published details and proof-of-concept (PoC) code for a macOS vulnerability that could be exploited to escape a sandbox and execute code within Terminal.

Meet

Resources

More About Us