Search Results: vulnerabilities

What You Need To Know About New IoT Vulnerabilities

Two recently vulnerability disclosures say millions of IoT devices could allow attackers to spy on organizations or control affected devices.

August 26, 2021 Zachary Comeau Leave a Comment

The IoT has long been thought to be full of gaping vulnerabilities for attackers to exploit, and it’s now becoming a reality as two recently vulnerability disclosures say millions of IoT devices could be at risk and allow attackers to spy on organizations or completely control affected devices. IoT Inspector was the first to disclose […]

Patch the Print Nightmare Vulnerabilities Now

Several threat actors are now using the PrintNightmare vulnerabilities in ransomware attacks on unpatched systems.

August 13, 2021 Zachary Comeau Leave a Comment

Much has been made of the vulnerabilities recently discovered in the Windows Print Spooler Service and Microsoft’s patches for the issue. Now, systems that remain unpatched are being attacked by ransomware operators. In a new report, Cisco Talos says a threat actor is exploiting those vulnerabilities – dubbed PrintNightmare – to spread laterally across a […]

44 Vulnerabilities Addressed in Microsoft’s August Security Release

IT admins should prioritize patches for several critical flaws, including one that is being actively exploited.

August 11, 2021 Zachary Comeau Leave a Comment

Microsoft’s August security patches include fixes for 44 vulnerabilities, including three zero days and one that is being actively exploited. The most important patches fix issues related to the Windows Print Spooler remote code execution vulnerability and the Windows LSA spoofing vulnerability and an actively exploited vulnerability in Windows Update Medic Service. Because of the […]

Fix These Human Vulnerabilities

Remote workers, distracted and cognitively taxed under the stresses of the pandemic may have been more likely to click on threats.

August 5, 2021 Alyssa Borelli Leave a Comment

Remote workers, distracted and cognitively taxed under the stresses of the pandemic may have been more likely to click on threats.

What You Need To Know About Vulnerabilities and Data Breaches in 2021

August 5, 2021 Zachary Comeau Leave a Comment

A pair of new reports from Risk Based Security find that disclosed software and hardware vulnerabilities continue to increase while reported data breaches in most parts of the world decline. For IT administrators struggling to keep pace with the rapid changes in cybersecurity, the reports provide some useful insight into exactly what you’re up against. […]

Patch These Heavily Exploited Vulnerabilities Now

Vulnerabilities in Citrix, Pulse, Microsoft and Fortinet products are among the most commonly exploited, according to federal agencies.

July 28, 2021 Zachary Comeau Leave a Comment

When a vendor or security researcher discloses a vulnerability in an IT product, organizations should be quick to apply the patch or implement a secure workaround to protect networks from bad actors that are quick to exploit that vulnerability. When those vulnerabilities are in widely used products from popular vendors like Citrix, Pulse, Microsoft and […]

The Top Three Most Dangerous Software Vulnerabilities

Mitre released its annual list of the most dangerous software vulnerabilities for developers and users alike to be aware of and patch ASAP.

July 23, 2021 Alyssa Borelli Leave a Comment

Mitre released its annual list of the most dangerous software vulnerabilities for developers and users alike to be aware of and patch ASAP.

Microsoft IDs Three Vulnerabilities In NETGEAR Routers

Microsoft has identified three new vulnerabilities in a series of NETGEAR routers that can open the gates to an entire organization.

July 1, 2021 Zachary Comeau Leave a Comment

Microsoft has identified three new vulnerabilities in a series of NETGEAR routers that can compromise a network’s security and give attacker free reign throughout an entire organization. In a new blog, the Microsoft 365 Defender Research Team says that while researching device fingerprinting in the new device discovery capabilities in Microsoft Defender for Endpoint, it […]

My TechDecisions Podcast Episode 121: Hafnium and the Microsoft Exchange Server Vulnerabilities

MJ Shoer, SVP and executive director of the CompTIA ISAO, joins the podcast to discuss the recently disclosed vulnerabilities in Microsoft Exchange Server.

March 12, 2021 Zachary Comeau Leave a Comment

MJ Shoer, SVP and executive director of the CompTIA ISAO, joins the podcast to discuss the recently disclosed vulnerabilities in Microsoft Exchange Server.

Warning: Chinese Threat Actors Targeting Unpatched Vulnerabilities

The U.S. Cybersecurity and Infrastructure Security Agency warns of Chinese threat actors targeting government agencies via unpatched vulnerabilities.

September 16, 2020 Zachary Comeau Leave a Comment

A new advisory from the U.S. Cybersecurity and Infrastructure Security Agency warns of Chinese government-affiliated cyber threat actors using publicly available and open-source information to leverage unpatched software vulnerabilities to attack U.S. government agencies. According to the warning, hacking groups affiliated with the Chinese Ministry of State Security for the last 12 months have been […]