Vulnerability Recap 3/19/24 – Microsoft, Fortinet & More

eSecurity Planet

Microsoft, as usual, led the pack in quantity for Patch Tuesday this March with fixes for nearly 59 vulnerabilities including two critical flaws. Patching teams may be busy with this anticipated work, but be sure to also address the off-schedule critical vulnerabilities that affect Fortinet, QNAP, Kubernetes, and WordPress plug-ins.

Microsoft Issues ProxyShell Advisory After Attacks Begin

eSecurity Planet

They could lead to escalation of privileges and remote code execution if exploited, enabling hackers to execute arbitrary code on a vulnerable machine, according to a warning issued by the Cybersecurity and Infrastructure Security Agency (CISA). Microsoft Faces Criticism for Response.

What it means — CitrixBleed ransom group woes grow as over 60 credit unions, hospitals…

DoublePulsar

This Fedcomp platform was not patched for CitrixBleed, as no Netscaler patches had been applied since May 2023: [link] A ransomware group gained entry to Trellance via Ongoing Operations. AlphV ransomware group also claimed them: Fidelity National Financial also patched CitrixBleed late. First, let’s do a bit of background.

Microsoft Exchange attacks cause panic as criminals go shell collecting

Malwarebytes

Only last week we posted a blog about multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server in limited and targeted attacks. Attackers are using the Exchange bugs to access vulnerable servers before establishing web shells to gain persistence and steal information. A timeline.

Microsoft Blocks VBA Macros by Default, Temporarily Shuts Down MSIX Protocol

eSecurity Planet

At the same time, the federal government is now adding another Microsoft flaw to its list of known vulnerabilities, giving federal agencies until Feb. 18 to patch a bug in all unpatched versions of Windows 10 and urging private and commercial organizations to remediate all flaws listed in its Known Exploited Vulnerabilities Catalog.

Weekly Vulnerability Recap – September 4, 2023 – Attackers Hit Network Devices and More

eSecurity Planet

Remote code execution (RCE) vulnerabilities, such as those exploited by a pair of botnets, highlight the hazards of unpatched devices and the need for patch management. Collectively, these episodes highlight the need for comprehensive cybersecurity defenses and timely patch management for risk mitigation.

Top 5 Strategies for Vulnerability Mitigation

Centraleyes

STRATEGY #3 – PATCH MANAGEMENT As we mentioned before, bugs and vulnerabilities in software are inevitable. “Patches” are mitigations released by the creators of the various software and hardware to fix various bugs discovered. Applying those patches in a timely manner is critical to securing your system.
