Apple this week has patched a wide range of security fixes, including one in WebKit that is being actively exploited and impacting all supported iPhones. The security update, included in iOS 16.1.2, macOS Ventura, macOS Big Sur, macOS Monterey, Apple TV, fixes a bug that would allow arbitrary code execution if maliciously crafted web content […]
Palo Alto Networks is releasing Xpanse Active Attack Surface Management, a new tool built into the cybersecurity solution provider’s Cortex platform designed to help security teams actively find and fix known and unknown internet-connected risks. According to the Santa Clara, Calif.-based company, Xpanse Active Attack Surface management (Xpanse Active ASM) is designed with automation to […]
Microsoft is launching the public preview for hardware and firmware assessments in Microsoft Defender Vulnerability Management, a new feature designed to give organizations full visibility into device manufacturer, processor and BIOS information. According to the Redmon, Wash. IT giant, firmware and hardware attacks are on the rise as hackers target hardware components to gain high […]
New research from vulnerability management software company Tenable finds that nearly three-quarters of organizations remain vulnerable to the Log4Shell vulnerability as of Oct. 1, nearly a full calendar year after the critical bug in the widely used Java logging tool Log4j was discovered. When Log4Shell was discovered in December 2021, Tenable found that one in […]
Vulnerability management company Tenable is creating a new research alliance program designed to share information prior to vulnerability disclosures and reduce the window of opportunity threat actors have to exploit newly disclosed vulnerabilities. According to the company, the Tenable Research Alliance Program allows security teams and system administrators to address attack paths and mitigate vulnerabilities […]
Microsoft has released fixes for 85 vulnerabilities as part of the October 2022 Patch Tuesday, including 15 that are rated critical and one listed as being exploited in the wild. However, the company still has yet to release patches for the two Exchange vulnerabilities that were reported as being actively exploited last week. Admins should […]
Vulnerability management software provider Tenable is releasing Tenable One, a new exposure management platform designed to unify discovery and visibility into all assets and asses their exposures and vulnerabilities across the entire attack surface for proactive risk management. The company says Tenable One combines vulnerability management, external attack surface management, identity management and cloud security […]
Microsoft is warning organizations to mitigate two zero-day vulnerabilities in Exchange Server that are being actively exploited in the wild and can result in hands-on-keyboard access and Active Directory reconnaissance and data exfiltration. The vulnerabilities are CVE-2022-41040–a server-side request forgery (SSRF) vulnerability–and CVE-2022-41082–a remote code execution bug via Exchange PowerShell. According to Microsoft, CVE-2022-41040 can enable […]
Editor’s note: There is a lot going on in the world of IT, from emerging technologies to digital transformation and new cybersecurity threats. However, we can’t possibly cover it all, so we’ll bring you This Week in IT, a curated summary of IT and enterprise technology stories each week. The difficulties of vulnerability management in […]
Apple has discovered two actively exploited zero-day vulnerabilities that could give attackers full access to a wide range of Apple devices, prompting the company to release security updates and urging users to apply the fixes immediately. According to Apple, the two zero-day out-of-bounds write bugs affect iPhone 6s and later, all iPad Pro models, iPad […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!