3rd Party Risk Management and Data Destruction

Morgan Stanley Data Breach – Lessons to be Learned

The Morgan Stanley data breach of 2022 where surplus equipment was sent to a 3rd party for data destruction but ended up on eBay is a lesson’s learned treasure trove. From Data Retention and Destruction process failures to contract failures to 3rd party risk management failures, there are plenty of improvement opportunities for SMBs and MSPs to learn from here. This article highlights how you can improve your cybersecurity program from the failures of this breach.

okta security advisory

Security Advisory: Okta Breached

March 22nd, 2022: CyberHoot is investigating a potential breach at Okta, developers of a cloud-based identity and access management solution used by thousands of companies world-wide. Okta is currently investigating, …

php security advisory

Security Advisory: PHP Security Flaw

February 18th, 2022: If you’re using PHP in your network, check that you’re using the latest versions, currently 7.4.28 or 8.1.3. Released yesterday [2022-02-17], this version fixes various memory mismanagement …

wormable http hole

Advisory: Wormable Windows HTTP Bug

January 12th, 2022: Today Microsoft sent a notification of a critical risk to those who use Windows devices. The critical bug is CVE-2022-21907, also known as HTTP Protocol Stack Remote …

apple security patch

Apple Zero-Day Patch for Macs & iPhones

An anonymous Apple researcher found a security flaw in Macs and iPhones that hackers are actively exploiting. The vulnerability goes by CVE-2021-30807, with the researcher stating: “An application may be …