Comment: Mozilla Firefox Flaw Allowed Spoofing of HTTPS Browser Padlock, Fixed

Firefox feature

It has recently been reported that the Mozilla Foundation fixed a flaw in its Firefox browser that allowed spoofing of the HTTPS secure communications icon, displayed as a padlock in the browser address window. Successful exploitation of the flaw could have allowed a rogue website to intercept browser communications. The patch was part of the […]

CISA: US Govt Agencies, CI Orgs. Hit Via Pulse Secure Vulns – CISO Comments

CISA’s alert –  Exploitation of Pulse Connect Secure Vulnerabilities – confirms that attackers breached US government agencies and other critical organizations by exploiting vulnerabilities in Pulse Secure products. “Since March 31, 2021, CISA assisted multiple entities whose vulnerable Pulse Connect Secure products have been exploited by a cyber threat actor.” The CISO of Shared Assessments, the […]

Apple Attacked By REvil Ransomware – Response

Extraordinary Financial Performance for 2015

Following news today that Apple was targeted in a ransomware attack carried out by REvil – with a key Apple supplier in Taiwan being sent threats around stolen blueprints of new iPads and iMacs – please find below commentary from security expert.

Eversource Energy Data Breach Comment

It has been reported that a misconfiguration error has exposed personal data belonging to customers of New England’s largest energy provider. On March 16, Eversource discovered that one of its cloud data storage folders had erroneously been set to open access rather than to restricted access. The company serves more than 3.6 million electric and natural gas customers in […]