article thumbnail

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. Despite VMware’s three-year-old deprecation statement, unprotected systems remain at risk.

Risk 104
article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. The FBI’s recommended fix for this solution is not a patch but rather the removal of any Barracuda ESG appliances from your business’s security infrastructure.

VPN 79
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. The FBI’s recommended fix for this solution is not a patch but rather the removal of any Barracuda ESG appliances from your business’s security infrastructure.

VPN 64
article thumbnail

More ‘actionable’ intel needed from HHS to support health IT security

SC Magazine

For example, amid the heightened COVID-19-related cyberattacks in the initial months of the pandemic, the HHS Office for Civil Rights released a list of privacy and security resources to help providers bolster security defenses and prevent violations of the the Health Insurance Portability and Accountability Act.

article thumbnail

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

eSecurity Planet

CWPP (Cloud Workload Protection Platforms) Cloud Workload Protection Platforms are a great option for companies looking to secure specific workloads and applications in the cloud. CWPP provides strong defenses against a wide range of risks such as malware , ransomware , DDoS attacks , configuration errors , insider threats, and data breaches.

article thumbnail

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

8, 2023 Cisco Warns of Actively Exploited Zero-Day VPN Vulnerability Type of attack: Brute-force attack via zero-day vulnerability on credentials without MFA configuration used by ransomware gangs. This vulnerability has been exploited by ransomware groups to gain initial access to corporate networks.

VPN 103
article thumbnail

What Is VLAN Tagging? Definition & Best Practices

eSecurity Planet

For an example of VLANs used for network security segmentation purposes, see Building a Ransomware Resilient Architecture. Network administrators can reap all sorts of benefits from this organizational management framework for VLANs so long as they’re willing and able to troubleshoot their tagging setups and methodologies consistently.