California and New York already have strict regulations governing the protection of citizens’ private information. Proposed changes will make them even stricter and provide better protection for peoples’ private information.
A new exploit rated at most serious CVSS 10.0 allows attackers to execute code on the compromised devices and servers. It is imperative that the patch be installed as soon as possible. If the servers can be removed from the internet, even better.
A recently discovered vulnerability in some Intel chips is quite serious with a CVSS rating of 8.8. The vulnerability allows attackers to shut down hypervisors which oversee all the cloud servers. If this occurs, every user would be unable to work. There is a patch available, install it immediately.
Why attempt to break into company devices and servers when you can be invited in? In a new attack angle, cybercriminals are training their people in Pen testing, penetration testing that looks for holes. They then set up companies that performed pen testing. Every company needs pen testing. Be careful who you hire.
First cybercriminals encrypted your information and required a ransom payment to decrypt it. When companies began not paying, they exfiltrated private information and threatened to reveal it publicly if the ransom wasn’t paid. Now they went a step further. One company didn’t pay the ransom or report the breach. The attackers reported them to the regulators.
Cyber insurers are demanding more information about protections in place before approving a policy application. This can be challenging but can also be helpful in being cybersafe. The rates increases for not having the proper precautions in place can be used to justify cyber security expenses.
The Atlassian bug reported recently has been raised to a 10, the highest level of severity. If you use any of the affected systems patch now!
CISA, the government cyber security watchdog issued an alert about a vulnerability in the Service Location Protocol, SLP, that allows attackers to compromise the device and use it in Distributed Denial of Service attacks against others.
In an unfortunate example of how interconnected the financial markets are around the world, a breach at China’s largest bank disrupted trading around everywhere.
Few people know that connecting your phone to your car’s infotainment system gives the car manufacturer permission to capture all your texts and sell information about you to advertisers.
Car makers can record your texts and sell them