Cyberattacks on Dropbox, Europe’s biggest copper producer and another Australian business make this week’s headlines. Here are the latest threats and advisories for the week of November 4, 2022. Threat Advisories and Alerts Google Chrome Suffers Seventh Zero-Day Vulnerability of the Year Google has released an emergency update for its Chrome web browser to address its seventh zero-day vulnerability (CVE-2022-3723) of the year. If the security flaw is exploited, attackers could perform remote code execution, access memory regions that could crash applications or read sensitive information of other apps. Google Chrome users are advised to update their browsers immediately.  Source: https://thehackernews.com/2022/10/google-issues-urgent-chrome-update-to.html Patches Released for Two High-Severity OpenSSL Vulnerabilities The popular cryptography library OpenSSL has released an update to address high-severity

The 2022 (ISC)² Cybersecurity Workforce Study revealed a global workforce gap of 3.4 million professionals. While 55% of respondents believe diversity will increase among their teams within two years, it is no surprise that diversity in the cybersecurity industry is still lacking. To bridge the gap and effectively secure information and assets, we need to cast a wider net and embrace greater diversity within the profession – specifically, enabling individuals from all backgrounds to join the field and equip them with the right tools to succeed in their cybersecurity career journey. To empower individuals to continuously grow in their cybersecurity careers, this week, (ISC)² announced five global partnerships to support diversity, equity and inclusion initiatives. These partners include: Australian Women

The International Association of Privacy Professionals (IAPP) and (ISC)² teamed up to dive into similar challenges facing security and privacy professionals in a constantly evolving world. The latest (ISC)² Workforce Study shows an IT background – either from education or work experience – remains the most common point of entry for cybersecurity roles as 63% of participants reported it as their path to cybersecurity. This percentage has lowered in recent years, giving way to a variety of other entry points. Today, just over one-third of cybersecurity professionals get their start outside of IT. This number continues to expand as the profession sees exponential growth and businesses embrace diversity in order to bridge the workforce gap of 3.4 million and protect

By Allen Ari Dziwa, CISSP, CCSP a risk specialist and SME for the Federal Reserve Bank of Cleveland. He has worked in technology and cybersecurity consulting for 15 years. Allen currently serves on the Board of Directors of ISSA North Texas, E-Council’s Ethical Hacking Advisory Board and contributed to CISSP reviews for (ISC)². He is a certified ethical hacker and certified threat intelligence analyst. The purpose of a Board of Directors is to provide governance and hold senior management accountable, including implementing cybersecurity strategy within established cyber risk appetite. A goal for any organization is generating revenue from business activities, which in most cases involves the use of technology and systems exposed to the internet. The use of technology and