CISA has issued an emergency federal alert for a new exploit in the wild for Microsoft NetLogon security. This new exploit has been successfully reverse engineered from August 2020 “Patch Tuesday” update fixes. While many corporate & home users are already protected — it would be important for those who lag behind to get updated […]
Apple has released security updates to address vulnerabilities as part of iOS 14 & other related product releases that introduce new functionalities also https://us-cert.cisa.gov/ncas/current-activity/2020/09/17/apple-releases-security-updates https://support.apple.com/en-us/HT211850 https://www.apple.com/ios/ios-14/ An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security pages for the following […]
A new exploit has been successfully re-engineered from August 2020 “Patch Tuesday” update fixes. While many corporate & home users are already protected — it would be important for those who lag behind to get updated at least to AUG-2020 current levels for security updates. https://us-cert.cisa.gov/ncas/current-activity/2020/09/14/exploit-netlogon-remote-protocol-vulnerability-cve-2020-1472 CISA is aware of publicly available exploit code for […]
https://us-cert.cisa.gov/ncas/current-activity/2020/09/15/iran-based-threat-actor-exploits-vpn-vulnerabilities CISA and the Federal Bureau of Investigation (FBI) have released a Joint Cybersecurity Advisory on an Iran-based malicious cyber actor targeting several U.S. federal agencies and other U.S.-based networks. This Advisory analyzes the threat actor’s indicators of compromise (IOCs); and tactics, techniques, and procedures (TTPs); and exploited Common Vulnerabilities and Exposures (CVEs). CISA encourages […]
This September 2020 IIL blog article speculates further technology developments will increase use of Artificial Intelligence & automation within the PM process itself. Artificial Intelligence in Project Management I therefore expect that the following key elements will define the future of project management: 1. Data-driven decision-making processes — A change towards a data and fact-driven […]
This September 2020 IIL blog article features a valuable article on how to better integrate client & other stakeholder participation in major projects. The 6 Principles of Stakeholder Engagement [Infographic] In Stakeholder-led Project Management: Changing the Way We Manage Projects Louise M. Worsley sets out 6 principles for engaging project stakeholders. I thought they were […]
This September 2020 IIL blog article features a valuable article on how to improve addressing day-to-day tasks. A client focus, 80/20 rule on what is most important, and to build your own daily planning list are all excellent recommendations How to boost your career with simple time allocation tricks This article ambitions to provide you […]
Annually each September is designated as “National Preparedness Month”. The theme is to prepare in advance for potential security events where a contingency plan should be updated to all latest changes & firms should be ready from DR perspective or other outages. https://us-cert.cisa.gov/ncas/current-activity/2020/09/03/september-national-preparedness-month September is National Preparedness Month, which promotes family and community disaster planning. […]
The USA cybersecurity agencies are alerting organizations of increasing “network flood attacks” that can cause slowdowns or shutdown servers. https://us-cert.cisa.gov/ncas/current-activity/2020/09/04/dos-and-ddos-attacks-against-multiple-sectors CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks against finance and business organizations worldwide. For more information, see CISA’s Tip onUnderstanding Denial-of-Service Attacks. A DoS attack is accomplished by […]
Microsoft has released important “Patch Tuesday” monthly security updates. These should applied promptly as some of these vulnerabilities have potential to be actively exploited in-the-wild: https://isc.sans.edu/forums/diary/Microsoft+September+2020+Patch+Tuesday/26544/ https://blog.talosintelligence.com/2020/09/microsoft-patch-tuesday-for-sept-2020.html https://www.thezdi.com/blog/2020/9/8/the-september-2020-security-update-review https://patchtuesdaydashboard.com/ https://portal.msrc.microsoft.com/en-us/security-guidance/summary https://us-cert.cisa.gov/ncas/current-activity/2020/09/08/microsoft-releases-september-2020-security-updates For September, Microsoft released patches for 129 CVEs in Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), ChakraCore, Internet Explorer (IE), SQL Server, Office and Office […]
