Globally, October is annually recognized as the cybersecurity awareness month. This is cognizant of the continuous need to keep end users updated with the latest knowledge and tips to remain safe online. Effective cybersecurity is a dynamic area that requires both human based and technology interventions! We encourage every organization to participate in this awareness drive by designing and executing creative cybersecurity awareness messages to users and clients. Like the old saying goes, cybersecurity is everyone’s responsibility.
Windows PowerShell is a task-based command-line shell or user interface that allows for task automation to manage operating systems and processes. This tool is increasingly used by malicious actors to gain control of systems once they infiltrate an organization’s network.
Password spraying is a tactic used by malicious actors to attempt gain unauthorized access to an account by systematic password guessing against multiple usernames. Several security updates show that this is a commonly used malicious tactic. This therefore requires system administrators to implement appropriate mitigation measures to reduces this happening in IT environments. The Uganda National CERT and Coordination Center recommends the following top tips:
The most popular smart phone operating systems are iOS, Android and HarmonyOS. Users can access their preferred apps through the official secure app stores such as Apple’s App Store, Google Play or Huawei AppGallery. Baseline security checks are carried out to ensure that the apps allowed into these stores are secure. However, there are instances when users may wish to download apps outside their official app store. These unofficial app stores are commonly referred to as third-party app stores. These are the common risks of using such third-party app stores
Repojacking is a tactic used by malicious actors to hijack old repository names and add scripts that target dependent applications. This happens when a developer changes or repository owner changes their username. Malicious actors target the combination of old username and repository name. Based on this, repo jacking is a threat that organizations should start monitoring whether developers are in-house or outsourced.
Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster.