My TechDecisions

Vulnerability Management

Tenable Cloud Security with Agentless Assessment and Live Results

Tenable Announces Cloud Security Agentless Assessment for Faster Detection

August 10, 2022 Zachary Comeau Leave a Comment

Vulnerability management software provider Tenable is introducing Tenable Cloud Security Agentless Assessment paired with Tenable Cloud Security Live results to help organizations remediate vulnerabilities faster and prevent zero-day bugs from being exploited. This unifies the company’s cloud security posture and vulnerability management tools into a single, agentless solution designed to help customers address the critical […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

Log4Shell Will Remain an Issue For a Decade

July 25, 2022 Zachary Comeau Leave a Comment

The critical vulnerability discovered late last year in the popular Java logger Log4j will be impacting IT environments for years due to the difficulty in finding and remediating vulnerable instances of the tool, according to a new report from the U.S. Department of Homeland Security’s Cyber Safety Review Board. The board—established in the wake of […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

Log4Shell Exploitation Continues, Agencies Warn

June 24, 2022 Zachary Comeau Leave a Comment

More than six months after the Log4Shell vulnerability was discovered in the widely used Java logger Log4j, cybersecurity agencies are warning of the continued exploitation of the bug in unpatched VMWare Horizon and Unified Access Gateway servers. The U.S. Cybersecurity and Infrastructure Agency (CISA), along with the U.S. Coast Guard Cyber Command (CGCYBER), say malicious […]

Read More
MIcrosoft Entra External ID

June 2022 Patch Tuesday: Follina Included in 60 Microsoft Bug Patches

June 14, 2022 Zachary Comeau Leave a Comment

Despite issuing patches for just 60 security bugs this month, Microsoft’s June Patch Tuesday release include a fix for Follina, a dangerous remote code execution zero-day in the company’s Windows Support Diagnostic Tool that is being actively exploited. According to Microsoft, attackers who successfully exploit the bug, tracked as CVE-2022-30190, can run arbitrary code with […]

Read More
Microsoft Defender Vulnerability Management

Microsoft Releases New Defender Vulnerability Management Tool In Public Preview

May 13, 2022 Zachary Comeau Leave a Comment

Microsoft is releasing a public preview of Microsoft Defender Vulnerability Management, a new single solution that includes Microsoft’s full set of vulnerability management capabilities to help companies mitigate software bugs more easily. According to Microsoft, the new Defender feature builds on core threat and vulnerability management tools launched in 2019, including threat and vulnerability management […]

Read More
SBOMs

Report: Older Vulnerabilities Plaguing Legacy Systems

March 8, 2022 Zachary Comeau Leave a Comment

New critical software vulnerabilities are discovered every month, but its older vulnerabilities in legacy systems that continue to plague IT departments and cybersecurity professionals, according to new research from cybersecurity firm F-Secure. The report, Attack Landscape Update, dishes on trending cybersecurity threats, including ransomware, malware, phishing and more, but the most alarming information in the […]

Read More
CISA Software Security

CISA Adds 95 New Bugs To Database Of Known Exploited Vulnerabilities

March 4, 2022 Zachary Comeau Leave a Comment

There are 95 new known exploited vulnerabilities that IT and security professionals should immediately investigate and mitigate, including several that date back at least a decade, according to the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The agency added the vulnerabilities to its catalog of known exploited vulnerabilities based on evidence of exploitation in the […]

Read More
Microsoft Defender Endpoint Mobile

Microsoft Defender For Endpoint Can Now Manage Bugs in Android, iOS Devices

February 3, 2022 Zachary Comeau Leave a Comment

Microsoft is rolling out the general availability of a feature that allows administrators to manage the security and vulnerability management of Android and iOS devices with Microsoft Defender for Endpoint. The new cross-platform coverage, threat and vulnerability management capabilities now support all major device platforms across the organization, spanning workstations, servers and now mobile devices, […]

Read More