article thumbnail

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. Despite VMware’s three-year-old deprecation statement, unprotected systems remain at risk.

Risk 113
article thumbnail

Vulnerability Recap 9/16/24 – Critical Endpoint Flaws Emerged

eSecurity Planet

Users should immediately update to the most recent versions by going to System Configuration > System Administration > Update Software. It’s strongly advised that you follow the company’s security hardening requirements to protect your systems further.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

Such a never-ending hunt for exploits could leave system administrators with little to no time to fix vulnerabilities and keep their systems secure, leaving a wide range of systems vulnerable to exploitation, causing widespread and significant damage.

article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. The security bulletin was last updated August 25. Threat actors can use WFP to escalate their privileges on Windows.

VPN 97
article thumbnail

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

eSecurity Planet

System administrators should promptly update to the most recent version (4.98). While no active exploitation has been confirmed, more than 1.5 million Exim servers remain vulnerable worldwide, especially in the United States, Russia, and Canada. The fix: Exim developers issued a patch to solve CVE-2024-39929.

article thumbnail

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. The security bulletin was last updated August 25. Threat actors can use WFP to escalate their privileges on Windows.

VPN 84
article thumbnail

More ‘actionable’ intel needed from HHS to support health IT security

SC Magazine

For example, amid the heightened COVID-19-related cyberattacks in the initial months of the pandemic, the HHS Office for Civil Rights released a list of privacy and security resources to help providers bolster security defenses and prevent violations of the the Health Insurance Portability and Accountability Act.