Security Bulletin

I was recently looking at a ZIP file, and after some time, I noticed that 7Zip was not displaying a modification date/time:

It's past time to reimagine how to best nurture talent and expand recruiting and training to alleviate the shortage of trained cybersecurity staff. We need a diverse talent pool trained for tomorrow's challenges.

Gee interviews David, a hiring manager, to discuss why he looks for skills “outside of the box”, his mentoring experience, and more.

Security sensors are common in the home for both prevention and response in the event something goes wrong. But in the cloud, have you taken the same approach?

The National Cybersecurity Strategy calls for strong governance around vulnerability reporting – and that benefits everyone.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Wireshark 4.2.0rc1 is now available, which means that soon we will move from 4.0.x to 4.2.x.

Jim was inspired by my diary entry " IPv4 Addresses in Little Endian Decimal Format" to make a new tool " New tool: le-hex-to-ip.py".

For those of you that use wireshark, they released 4.0.9 and 3.6.17 followed a few hours later by 4.0.10 and 3.6.18 on 4 Oct. According to the release notes the problem was primarily a Mac issue.

Significant cybersecurity gaps have been discovered by the Department of Energy Office of the Inspector General in the Brookhaven National Laboratory, FedScoop reports.

BleepingComputer reports that default software and app configurations, improper user/admin privilege separation, inadequate internal network monitoring, lacking network segmentation, and subpar patch management were noted by the National Security...