How to develop cyber risk mitigation strategy?
If you have been following this post series welcome back and thank you for your support. Hopefully, you have a change to complete the Business Impact Assessment (BIA) exercise and you have recognized the critical systems, critical network, and critical data of your business that need to be protected. Yes, the outcome of the BIA […]
Cybersecurity Threat Advisory: Cisco Unity Connection vulnerability
A new Cisco Unity Connection vulnerability, designated as CVE-2024-20272, has been discovered which poses a significant risk to organizations utilizing Cisco Unity Connection. Read this Cybersecurity Threat Advisory in detail to learn about the vulnerability and how to secure your system. What is the threat? A vulnerability in the web-based management interface of Cisco Unity […]
Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect against it. What is the threat? The security vulnerability, known as CVE-2023-23397, is a critical escalation of […]
A case study of a cyber attack where hackers manage to shutdown 30 Ukrainian substations in 2015
This week, we are going to look at a case study of a cyber attack that contributed to the hack shutdown 30 Ukrainian substations in 2015. Industrial Control System (ICS) are generally separated from the corporate networks (which are business administrative networks), but it is not the case. The openness between networks contributed to the […]
Cybersecurity Threat Advisory: High-severity WebRTC vulnerability
A critical vulnerability identified as CVE-2023-7024 poses a significant threat to Google Chrome and Microsoft Edge browser users. This high-severity flaw, a heap-based buffer overflow in the WebRTC framework, can lead to remote code execution and potential compromise of sensitive data. Read this Cybersecurity Threat advisory to learn how to mitigate the risks of this vulnerability. What […]
How to identify business critical systems?
If you are a returning viewer, welcome back to the 2nd posts of this month and thank you for your support. For this week, let’s have a look on business critical systems. There are three critical systems: 1. Mission critical systems These are the systems that are responsible for executing the functions organizations depend on […]
Cybersecurity Threat Advisory: Updated Bumblebee malware loader discovered
Today’s Cybersecurity Threat advisory discusses the update to the popular Bumblebee malware loader that increases its defense evasion capabilities. The loader is commonly distributed via “.lnk” (softlink/shortcut) files attached to an email or compressed in a .zip archive attached to an email. Once installed, the loader allows attackers to deploy their desired payload onto affected […]
Identifying your business assets (Confidentiality, Integrity, Availability)
Welcome back if you have been following our posts for cyber awareness month last month. If you are new to this post series, welcome and thank you for your support. As you probably realized, IT becomes integral to day-to-day operation of a business, the cost of failing to protect these systems becomes greater. All organizations […]
Cybersecurity Threat Advisory: Significant increase of cyber incidents
This Cybersecurity Threat Advisory sheds light on the recent global events between Israel and Hamas that have caused a surge in cyber incidents from hacker activists, also known as “hacktivists”. These attacks have been experienced on both sides of the conflict, as well as in other nations. Common targets of these attacks have been government […]
Avoid bankruptcy by Cyber ATTACK
We recently learned that cyber threat actors, with the intention of financial gain, have started to convert their business model to a subscription service. This service offers subscribers protection to be excluded from being ransom in the future. Welcome to the new digital era of extortion by actors who operate like mafia, extorting money to […]