We are facing an epidemic of cyber-attacks that threaten our vital supply chains for food and energy, steal military and government secrets, and rob American businesses of our intellectual property. More than ever, it is vital that organizations are applying foundational information security principles, and continuously adapting to new and emerging threats. I know it goes without saying, but to state the obvious, security controls must be applied in layers […]
Critical Google Chrome CVE-2022-1096 Emergency Patch- Not much is known about the vulnerability itself or how great the impact would be if exploited, but the unusual release of this patch, which notably addresses just one vulnerability, means that this update shouldn’t be ignored. https://www.pcmag.com/news/google-patches-this-years-second-actively-exploited-chrome-zero-day CVE-2022-1040- An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. […]