Review – 6 Advisories Published – 6-28-22
Today, CISA’s NCCIC-ICS published six control system security advisories for products from Motorola Solutions (3), Advantech, Omron, and ABB. Motorola Advisory #1 – This advisory discusses the OT:ICEFALL vulnerabilities in…
Committee Hearings – Week of 6-26-22
With the House conducting remote hearings and the Senate in their two-week 4th of July weekend, there is a very light hearing scheduled. There will be three spending bill markups…
Hertzbleed explained
You may have heard a bit about the Hertzbleed attack that was recently disclosed. Fortunately, one of the student researchers who was part of the team that discovered this vulnerability…
The Trail of Bits Hiring Process
When engineers apply to Trail of Bits, they’re often surprised by how straightforward and streamlined our hiring process is. After years of experience, we’ve cut the process to its bedrock,…
SynLapse – Technical Details for Critical Azure Synapse Vulnerability
This blog was originally published by Orca Security on June 14, 2022. Written by Tzah Pahima, Orca Security. One attack vector closed, additional hardening is recommended This blog describes the…
Enabling Pervasive Zero Trust
This blog was originally published by CrowdStrike on March 9, 2022. Written by George Kurtz, CrowdStrike. The security problems that plague organizations today actually haven’t changed much in 30 years.…
Cloud Security Alliance, Cyber Risk Institute Partner to Create Cloud Controls Matrix (CCM) Addendum for the Financial Sector
Strategic collaboration addresses sector-specific requirements within CCM frameworkSEATTLE – June 28, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices…
CSA and the Cyber Risk Institute: CCM Addendum for the Financial Sector
The CSA Cloud Controls Matrix (CCM) is 11 years old. Almost a teenager! Over time it has evolved and matured and has been a fundamental piece of the cloud journey…
Security Vulnerability Remediation: To Patch or Not to Patch?
Type: Blogs Security Vulnerability Remediation: To Patch or Not to Patch? 5 Life-Saving Questions to Ask Yourself Today Knowing the answers to these 5 security vulnerability remediation questions can help…
How Pulsar Security Established their Continuous Cyber Workforce Development
Learn how Pulsar Security leveraged Offensive Security cybersecurity training program to establish their continuous workforce development and upskilled their security team. The post How Pulsar Security Established their Continuous Cyber…