CISA Aims For More Robust Open Source Software Security for Government and Critical Infrastructure

The agency’s roadmap outlines a plan for prioritizing where open source software makes infrastructure potentially vulnerable. Continue reading CISA Aims For More Robust Open Source Software Security for Government and Critical Infrastructure

Infosec products of the month: August 2023

Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Adaptive Shield, Bitdefender, Bitwarden, Forescout, ImmuniWeb, Kingston Digital, LastPass, Lineaje, LOKKER, Menlo Security, MongoDB, Netskope, NetSPI,… Continue reading Infosec products of the month: August 2023

Action1 platform update bridges the gap between vulnerability discovery and remediation

Action1 Corporation has released a new version of its solution. The updated Action1 patch management platform brings together vulnerability discovery and remediation, helping enterprises fortify their defenses against threats such as ransomware infecti… Continue reading Action1 platform update bridges the gap between vulnerability discovery and remediation

Microsoft Patch Tuesday, June 2023 Edition

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products. Continue reading Microsoft Patch Tuesday, June 2023 Edition

The era of passive cybersecurity awareness training is over

Despite increased emphasis on cybersecurity from authorities and high-profile breaches, critical gaps in vulnerability management within organizations are being overlooked by executive leadership teams, according to Action1. These gaps leave organizati… Continue reading The era of passive cybersecurity awareness training is over

Action1 platform upgrades enable organizations to mitigate security and non-compliance risks

Action1 released the new version of its solution, helping internal IT departments and managed service providers (MSPs) intelligently automate patching and remediation of security vulnerabilities across their endpoints and monitor patching results in re… Continue reading Action1 platform upgrades enable organizations to mitigate security and non-compliance risks

Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)

It’s December 2022 Patch Tuesday, and Microsoft has delivered fixes for 50+ vulnerabilities, including a Windows SmartScreen bypass flaw (CVE-2022-44698) exploited by attackers to deliver a variety of malware. CVE-2022-44698 CVE-2022-44698 affect… Continue reading Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)

Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)

October 2022 Patch Tuesday is here, with fixes for 85 CVE-numbered vulnerabilities, including CVE-2022-41033, a vulnerability in Windows COM+ Event System Service that has been found being exploited in the wild. But, first and foremost, it should be no… Continue reading Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)

Infosec products of the month: July 2022

Here’s a look at the most interesting products from the past month, featuring releases from: Action1, Aqua Security, Cato Networks, CertiK, CoSoSys, CyberArk, Darktrace, Deloitte, EnGenius, Flashpoint, Fusion Risk Management, G-Core Labs, Kingston Digi… Continue reading Infosec products of the month: July 2022