Fresh Thinking for the Modern CISO
powered by Kudelski Security
Microsoft Type 1 Font Parsing Critical 0-Day Remote Code Execution Vulnerabilities
Summary On March 23rd, 2020 Microsoft publicly disclosed the existence of two critical 0-Day vulnerabilities in all recent versions of the Microsoft Windows operating system. Microsoft is aware of limited targeted attacks that leverage these 0-Day vulnerabilities and...
read more
Cybersecurity Concerns with COVID-19
We are having increasing numbers of conversations with clients about cybersecurity and business continuity challenges resulting from the rapid adoption of work-from-home scenarios to combat the spread of COVID-19. Clients are interested in cybersecurity policy updates...
read more
Security Advisory: Microsoft Server Message Block 3 (SMBv3) Remote Code Execution Vulnerability
Updated on March 12th, 2020: to reflect that Microsoft has now made a patch for the vulnerability available. As such, we’ve updated the advisory reflects updated mitigations. Summary On March 10th, a critical Remote Code Execution (RCE)...
read more
5 Ways to Up Your Threat Management Game
Good security programs start with a mindset that it's not about the tools, it's what you do with them. Here's how to get out of a reactive fire-drill mode with vulnerability management. The basis of a good security program starts with a mindset that it's not about the...
read more
Global Cybersecurity Outlook: Andre Kudelski at World Economic Forum
The annual cost of cyberattacks is expected to reach $6 trillion by 2021. What trends will shape cybersecurity in the near future? On the Forum Agenda: - Threats and opportunities for emerging technologies - New models of public-private information exchange -...
read more
This is Not Another 2020 CISO Trends Piece
Microsoft Chief Security Advisor and former Coca-Cola Company CISO, Jim Eckart, spoke at Kudelski Security’s Sales Kick Off in January. Below is a summary of his presentation. Every new year brings a glut of articles on industry predictions and with it, inevitable...
read more
Cybercriminalité; La sécurité des réseaux électriques devient vitale
Kudelski se profile dans la sécurité des infrastructures critiques alors que la Confédération est en train d’étudier la vulnérabilité du système électrique La cybersécurité est au cœur de la controverse qui oppose l’entreprise chinoise Huawei à l’administration...
read more
CurveBall: Microsoft Windows CryptoAPI Spoofing Vulnerability Webcast
Kudelski Security's Francisco Donoso, Director - Global Security Strategy, provides a brief webcast overview of CurveBall, the Microsoft Windows cryptographic API vulnerability. Today, we'll be talking about CurveBall, a Microsoft Windows cryptographic API...
read more