Myanmar Cyber Crime Bosses Handed to China You may remember that a couple of weeks ago I reported that the Myanmar government turned over control of the part of the country where Crime bosses were running various social engineering scams and human trafficking to the rebels who threatened to shut them down. Now there are […]
Continue reading → [DISPLAY_ACURAX_ICONS]TSA Updates Cybersecurity Guidelines for Pipeline Operators After the Colonial Pipeline meltdown last year, TSA, who regulates pipeline cybersecurity (don’t ask), issued a set of regulations for pipeline operators to follow. Given that TSA had less than a dozen people in their cybersecurity department and zero industrial IoT expertise, it is not a surprise that […]
Continue reading → [DISPLAY_ACURAX_ICONS]The cloud is not magic. Nor does it fix all vulnerabilities. Cases in point. Two security vendors are accusing Microsoft of unnecessarily putting customers’ data at risk. The vendors, Orca Security and Tenable, are not bit players with a grudge, so you have to, at least, listen to them. According to the source: In a […]
Continue reading → [DISPLAY_ACURAX_ICONS]Security company Imperva says that almost all companies have internal databases with known vulnerabilities. The average vulnerable database has 26 publicly disclosed flaws. More than half of them are rated Critical or high severity. They collected this data over the past FIVE YEARS. While being internal does make it slightly harder for the hackers to […]
Continue reading → [DISPLAY_ACURAX_ICONS]The average time to weaponize a new bug is seven days. that means that you have about half that time to harden your system to that attack. Almost no one regularly patches serious bugs that quickly. In 2019 Threatpost said that it took organizations 102 days to patch (see link above). That was in 2019. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Once a new bug is publicly announced, it takes, on average, seven days for bad guys to figure out how to weaponize it. Experts say that this means that you need to harden your systems against that new attack within 72 hours. That is not very long, even for the best of operations. How long […]
Continue reading → [DISPLAY_ACURAX_ICONS]