patching – Page 4 – WindowsTechs.com

How to reason about CVEs packaged in other open source software

Posted on August 11, 2023 by Tomas

I am reasoning about how to form a policy on CVEs found in software components that do not come from the software itself, but comes in a built-in dependency of that software.
Take the example of a software component built on Java maintaine… Continue reading How to reason about CVEs packaged in other open source software→

Android n-day bugs pose zero-day threat

Posted on August 1, 2023 by Helga Labus

In the Android ecosystem, n-day vulnerabilities are almost as dangerous as zero-days, according to Google’s review of zero-days exploited in the wild in 2022. N-days functioning as zero-days Zero-days are software bugs that are unknown to the ven… Continue reading Android n-day bugs pose zero-day threat→

A step-by-step guide for patching software vulnerabilities

Posted on July 27, 2023 by Help Net Security

Coalition’s recent Cyber Threat Index 2023 predicts the average Common Vulnerabilities and Exposures (CVEs) rate will rise by 13% over 2022 to more than 1,900 per month in 2023. As thousands of patches and updates are released each month, organizations… Continue reading A step-by-step guide for patching software vulnerabilities→

Is Open-Source Security a Ticking Cyber Time Bomb?

Posted on June 29, 2023 by Sue Poremba

Software depends on layers of code, and much of that code comes from open-source libraries. According to an Octoverse 2022 report, open-source code is used in 97% of applications. Not only do developers embrace open source, but so do nine in 10 companies. “Open-source software is the foundation of 99% of the world’s software,” Martin […]

The post Is Open-Source Security a Ticking Cyber Time Bomb? appeared first on Security Intelligence.

Continue reading Is Open-Source Security a Ticking Cyber Time Bomb?→

Micropatches: What they are and how they work

Posted on June 29, 2023 by Help Net Security

In this Help Net Security video, Mitja Kolsek, CEO at Acros Security, discusses micropatches, a solution to a huge security problem. With micropatches, there are no reboots or downtime when patching and no fear that an official update will break produc… Continue reading Micropatches: What they are and how they work→

Best solution for enterprise endpoint patch management [migrated]

Posted on June 28, 2023 by Simon Erasmus

The environment: A landscape of 4500+ endpoints connected to a corporate network, of which most but not all devices are Windows Desktop devices. The devices are managed by a local / on-prem AD NOT Azure. The devices are not managed by Offi… Continue reading Best solution for enterprise endpoint patch management [migrated]→

Hypervisors and Ransomware: Defending Attractive Targets

Posted on May 23, 2023 by George Platsis

With every step towards better cyber defense, malicious attackers counter with new tactics, techniques and procedures. It’s not like the attackers are going to say, “All right, you made it too tough for us this time; we’re checking out.” That is not happening. Increased use of virtualization comes with both operational efficiencies and abilities to […]

The post Hypervisors and Ransomware: Defending Attractive Targets appeared first on Security Intelligence.

Continue reading Hypervisors and Ransomware: Defending Attractive Targets→

Is Patching the Holy Grail of Cybersecurity?

Posted on May 18, 2023 by Michelle Greenlee

A proactive approach to cybersecurity includes ensuring all software is up-to-date across assets. This also includes applying patches to close up vulnerabilities. This practice minimizes risk, as it eliminates outdated software versions in the process. Does this make patching a catch-all cybersecurity solution? While patching is an important component of cybersecurity, other security solutions and […]

The post Is Patching the Holy Grail of Cybersecurity? appeared first on Security Intelligence.

Continue reading Is Patching the Holy Grail of Cybersecurity?→

How Morris Worm Command and Control Changed Cybersecurity

Posted on May 1, 2023 by Jonathan Reed

A successful cyberattack requires more than just gaining entry into a victim’s network. To truly reap the rewards, attackers must maintain a persistent presence within the system. After establishing communication with other compromised network devices, actors can stealthily extract valuable data. The key to all this is a well-developed Command and Control (C2 or C&C) […]

The post How Morris Worm Command and Control Changed Cybersecurity appeared first on Security Intelligence.

Continue reading How Morris Worm Command and Control Changed Cybersecurity→

April 2023 Patch Tuesday forecast: The vulnerability discovery race

Posted on April 7, 2023 by Help Net Security

The answer to the question “Why does software continue to have so many vulnerabilities?” is complex, because the software itself is so complex. There’ve been many articles written that cover the lack of tools to test for vulnerabilities, the security k… Continue reading April 2023 Patch Tuesday forecast: The vulnerability discovery race→