A report uses FBI data to parse out state-by-state hacking data by the number of victims and total financial losses for every 100,000 residents. Image: GettyImages/Petri Oeschger In recent months, a string of high-profile cyberattacks has reverberated across critical aspects of the U.S. infrastructure ranging from petroleum and meat production to local water supplies, bringing network security front and center for companies and households alike. In June, automated marketing company, Get Response, released a report…

When I was younger, and printed newspapers were a more common household purchase, I remember fondly watching my mother play a game called “Spot the Ball.” For those of you not familiar with this, it consisted of a photograph of a recent football (soccer) match with the ball removed from the image, and the goal was to place a cross or series of crosses indicating where you thought the ball was. Inevitably, the paper would…

In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135. Rather than properly fixing CVE-2020-5135, SonicWall’s fix introduced a new vulnerability in the same code. SonicWall was aware of the new vulnerability but deferred the small fix until the next release, more than 6 months later. These disclosures, more than most, touched into a couple of interesting topics with…

Today’s VERT Alert addresses Microsoft’s July 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-954 on Wednesday, July 14th. In-The-Wild & Disclosed CVEs CVE-2021-34527 The vulnerability dubbed PrintNightmare was patched prior to the Tuesday patch drop, but it is still worth including here. This vulnerability also generated a bit of confusion. There is confusion around the CVE associated with the vulnerability. CVE-2021-1675 was patched in June and…

In the latest VMware multi-cloud podcast, Eric Nielsen (@ericnpro) and I (@djasso7494) sat down with Mandy Storbakken to discuss DevOps and its relationship to Cloud Management.  Mandy is a Senior Technical Manager leading VMware’s Emerging Business Solution Architects.   She is also a core member of the VMware Cloud Management Center of Excellence team and in her most recent role before this one, Mandy was a VMware Cloud Technologist with a primary focus on Multi-Cloud Management….

It’s widely accepted that people are the weakest part of any organisation’s security defences. You can spend months designing flawless processes and you can invest in state-of-the-art technology to detect threats, but these both only work if the people using them know what they’re doing. That’s why information security policies are arguably the most important part of an organisation’s defence. They are a list of instructions for staff to follow in various scenarios, covering a…