More than six months after the Log4Shell vulnerability was discovered in the widely used Java logger Log4j, cybersecurity agencies are warning of the continued exploitation of the bug in unpatched VMWare Horizon and Unified Access Gateway servers. The U.S. Cybersecurity and Infrastructure Agency (CISA), along with the U.S. Coast Guard Cyber Command (CGCYBER), say malicious […]
The public preview for Windows Autopatch is now available for organizations that want to automate the process of managing and rolling out updates for Windows and Microsoft 365 apps about a month before it is expected to reach general availability. The Autopatch service, free for certain Windows licenses, is designed to take the burden of […]
In the wake of Active Directory authentication failures caused by Microsoft’s May 2022 Patch Tuesday updates, the U.S. Cybersecurity and Infrastructure Security Agency has removed a Windows LSA spoofing zero day bug from its catalog of vulnerabilities agencies are required to patch. The bug, CVE-2022-26925, is a Windows LSA spoofing flaw that was patched last […]
Security analysts at Skybox Security uncovered a 42% increase in new ransomware programs targeting known vulnerabilities last year, including critical vulnerabilities discovered in Log4j and Exchange Server. The San Jose, Calif. cybersecurity company’s 2022 Vulnerability and Trends Report, released this week, details how quickly hackers capitalize on new security bugs and continue to reduce the […]
IT admins have a lot of patching to do this month as Microsoft has released patches to address nearly 130 security vulnerabilities, including 10 critical bugs and three with a CVSS of 9.8. According to Zero Day Initiative (ZDI), the vulnerability disclosure initiative of cybersecurity firm Trend Micro, this volume of patches has not been […]
One of Microsoft’s largest announcements about improvements to the Windows management experience for IT professionals last week was Windows Autopatch, a new feature of Windows Enterprise E3 designed to keep Windows and Office software on enrolled endpoints updated automatically. According to Microsoft, Patch Tuesdays — when the company releases monthly security patches the second Tuesday […]
With thousands of new software vulnerabilities to protect against each year, it is critical that organizations develop a robust vulnerability management program that can quickly identify and remediate vulnerabilities in IT environments. Issues like Log4Shell, PrintNightmare, ProxyLogon and dozens of other critical vulnerabilities in widely used systems have kept IT departments up at night as […]
VMware is urging customers to immediately patch vulnerabilities in ESXi, Workstation, Fusion and Cloud Foundation running in on-premises or co-located settings. The patches fix a total of five CVEs in those products that were disclosed during the Tianfu Cup, a Chinese security event that VMware participates in. According to the company, the flaws were reported […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been extremely active in helping both the public sector and private sector respond to cybersecurity threats, and is often one of the leading voices when new threats emerge. The agency, part of DHS, has released guides, advisories and other resources on current and historical threats, and […]
Organizations with iPhones, iPads in their IT environment should apply a new Apple security update that fixes a new zero day code execution vulnerability that has been exploited in the wild. In an advisory, Apple said the issue impacts a wide range of devices, including: iPhone 6s and later, iPad Pro (all models), iPad Air […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!