Multiple ransomware gangs pounce on ‘PrintNightmare’ vulnerability

The so-called PrintNightmare vulnerability in Microsoft software is turning into a dream for ransomware gangs. For the second time this week, security researchers have warned that extortionists exploited the critical flaw in an attempt to lock files and shake down victims. It shows how, more than a month after Microsoft disclosed the bug and urged users to update their software, a new round of exploitation is under way against vulnerable organizations. A ransomware group dubbed Vice Society recently seized on the PrintNightmare bug to move through an unnamed victim’s network and attempt to steal sensitive data, Talos, Cisco’s threat intelligence unit, said Thursday. A day earlier, cybersecurity firm CrowdStrike said that hackers using another type of ransomware had tried to use PrintNightmare to infect victims in South Korea. Neither Talos nor CrowdStrike named the targeted organizations. The PrintNightmare vulnerability affects how Windows’ Print Spooler manages interactions between computers and printers. […]

The post Multiple ransomware gangs pounce on ‘PrintNightmare’ vulnerability appeared first on CyberScoop.

How the Best Defense Gets Better

Security starts before detection and response, but many organizations focus there first. Mature security teams understand the importance of identification and protection. Establishing good cyber hygiene and taking proactive measures to secure themsel…

State-linked hackers hit American, European organizations with Pulse Secure exploits

Two hacking groups, including one with ties to China, have in recent months exploited popular enterprise software to break into defense, financial and public sector organizations in the U.S. and Europe, security firm FireEye warned Tuesday. Attackers are exploiting old vulnerabilities — and one new one — in virtual private networking software made by Pulse Secure. Corporations and governments alike use the technology to manage data on their networks, though it has proven a popular foothold for spies over the years. One of the hacking groups in question uses techniques similar to a Chinese state-backed espionage group, according to FireEye incident response unit Mandiant. “We have also uncovered limited evidence to suggest that [the hacking group] operates on behalf of the Chinese government,” Mandiant said in a blog post. The company did not say, specifically, what evidence it uncovered tying the incident to China. More broadly, Mandiant Senior Vice President and […]

The post State-linked hackers hit American, European organizations with Pulse Secure exploits appeared first on CyberScoop.

3 Vulnerabilities to Plug to Secure Your Customers’ Remote Workforce

The migration to a remote workforce hit fast forward in the past year as businesses around the world asked employees
The post 3 Vulnerabilities to Plug to Secure Your Customers’ Remote Workforce appeared first on Kaseya.

Patch Management in the Post-SolarWinds Era

The SolarWinds breach, in which hackers inserted malware into software updates sent to thousands of customers and created a backdoor to their IT systems, suggests organizations need to seriously rethink patch management. Until recently, installing pat…

CISA orders US agencies to address Microsoft flaws exploited by suspected Chinese hackers

The Department of Homeland Security’s cybersecurity division on Wednesday ordered federal civilian agencies to address flaws in a popular email software program at the center of a suspected Chinese spying campaign. The “emergency directive” from DHS’s Cybersecurity and Infrastructure Security Agency requires agencies to either apply security fixes for the vulnerabilities in the Microsoft Exchange Server software, or, if a compromise is found, to disconnect the program until it can be securely reconfigured. The CISA order comes a day after Microsoft revealed that China-based hackers were using the previously unknown software bugs to steal data from select targets. The hacking group, called Hafnium, has previously tried to breach U.S.-based infectious disease researchers, defense contractors and educational institutions, Microsoft said. The suspected Chinese hackers used one of the vulnerabilities to “steal the full contents of several user mailboxes,” according to Volexity, a cybersecurity firm that investigated the breaches. Exchange Server is used in […]

The post CISA orders US agencies to address Microsoft flaws exploited by suspected Chinese hackers appeared first on CyberScoop.

How to Defend Linux from Attacks

Although Linux is still a fraction of the market share of Microsoft Windows and Mac OS X, its growth continues to accelerate. Linux will continue to grow at a compounded annual growth rate (CAGR) of 19.2% through 2027. Some of the primary factors for …

Third-Party Patching: Everything You Need to Know

Timely deployment of patches is critical for maintaining the security of your IT systems. Through efficient patch management, you can
The post Third-Party Patching: Everything You Need to Know appeared first on Kaseya.

Reading the Application Security Tea Leaves – How to Interpret the Analyst Reports

There are a number of industry analyst reports on application security. Each analyst firm and report takes its own slice of the market to analyze and report on vendors within that market. For example, the Forrester Wave focuses on Static Application…

Why Every Company Needs a Software Update Schedule

Software without the most recent patch is like an unlocked door for threat actors. They know the openings are there and can just walk in. But patching and a software update schedule can make sure that door stays locked. Applying patches isn’t difficult. Click a few buttons, reboot and you are good to go. Even […]

The post Why Every Company Needs a Software Update Schedule appeared first on Security Intelligence.