Insights

To Patch or Not To Patch

Software patches are being issued on a frequent basis and the often the number of patches is large. Patching takes time and people, two scarce resources. The alternative to patching is mitigation of the resource. This Insight looks at the impact of these alternatives. 

 

Patching takes time and resources but not patching can be devastating


We asked the new AI to do some simple rocket science. It crashed and burned

ChatGPT the new AI application has been touted as the new replacement for everything. Maybe not everything but it is being viewed as the way to do math write reports, and more. This shows it isn’t as smart as people believe and relying on it may lead to significant errors. 

ChatGPT maybe not as smart as we think


Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally

Fintech, Financial Technology, has been growing at a rapid rate the past few years. A fintech firm suffered a successful ransomware attack that affected derivative trading globally.  

 

https://www.darkreading.com/attacks-breaches/cyberattack-fintech-firm-disrupts-derivatives-trading?fbclid=IwAR18fSLwqh67B3AcdmDHzjzyuwCWr2Ik484u0I5OxYrjZCtq5N5mnXKwciQ


CISA to Open Supply Chain Risk Management Office

Supply chain compromises have become more frequent and more devastating in their impact. CISA is now opening an office dedicated to these risks. 

CISA opens supply chain office


What is Doxing and Why Should You Care

Doxing is not an innocent action. It can cause significant damage to someone and may lead to death. Doxing is a crime of revenge and needs to be taken very seriously. 

Doxing is way more serious than it sounds


ChatGPT Opens New Opportunities for Cybercriminals: 5 Ways for Organizations to Get Ready

ChatGPT is an AI powered chatbot useful for creating realistic chats to be used for many purposes. However, if hacked, it can produce very realistic phishing questions and for other nefarious purposes. 

AI enabled chatbot creates great risks


Malware Comes Standard With This Android TV Box on Amazon

A bargain priced TV box from Android looked like a good deal. But investigations showed it contained multiple instances of malware. Installing the box released the malware which contacted malware servers to download more malware. 

Android TV box comes with malware installed


Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!

An exploit of ManageEngine is about to be released publicly. Your best defense is to install the patch released by Zoho and close the security hole.    

Patch before the exploit is released publicly


Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services

Microsoft released many patches this week including some for very significant vulnerabilities. We recommend installing the patches as soon as possible. 

 

Microsoft releases patches for major flaws


Phishing – Still Incredibly Successful

Phishing is a technique used by cyber criminals to steal information or download an infection. It has been around for years, and much effort has gone into protecting against it. But it still succeeds far too often.

 

Phishing still too successful