vulnerabilitiesCVE-2024-43451 and other reasons to update ASAP
Exploitation of vulnerability CVE-2024-43451 allows an attacker to steal an NTLMv2 hash with minimal interaction from the victim.
patches
15 articles
malwareAttack on cybersecurity researchers: pseudo-exploit for regreSSHion
Someone is targeting security experts using an archive that allegedly contains an exploit for the regreSSHion vulnerability.
regreSSHion vulnerability in OpenSSH
A new vulnerability allows remote attackers to gain root privileges on Linux servers. How easy is it for CVE-2024-6387 to be exploited – and how to prevent it
strategyThe top-10 mistakes made when configuring enterprise IT systems
Mistakes commonly found in almost every large organization. What should the inforsec team look out for, and what protective measures should they take?
What to patch first: prioritizing updates
Some thoughts on what PC software patches should be prioritized and why.
legacyHow to protect legacy IT systems
Legacy systems continue to toil away in embedded solutions, medical equipment, and precision instruments. How can the respective security risks be mitigated?
Nevermore: stop your company getting hacked again
After a hack, a company needs to improve security quickly and effectively. We outline the first steps to cyber-resilience.
Band-aid on a… corpse: Microsoft patches IE — again
July Microsoft Patch Tuesday: a collection of exploited vulnerabilities.
Massively exploited vulnerabilities in MS Exchange Server
Attackers exploit four dangerous vulnerabilities in Microsoft Exchange to get a foothold in the corporate network.
RSAC 2019: Seeking the perfect patching strategy
Researchers at RSAC 2019 reported on the current vulnerability landscape and built a model that helps with effective patching strategy.
android87% of Android smartphones are insecure and that’s no joke
Google’s Android OS is a vulnerable system. Developers make it worse by not providing critical patches in time.
Security Week 34: One cannot simply patch…
One can find a number of reasons why this very bug cannot be patched right now, or this quarter, or, like, ever. Yet, the problem has to be solved.
A Week in the News: Password Reuse Not All Bad?
Making a case for password reuse, Google hiring hackers to fix the Internet, Apple bolsters security across its services with strong Crypto, plus various fixes and more.
D-Link Patches Router Backdoor; Most Users Won’t Update
The networking giant D-Link has acknowledged and committed to fixing a very serious backdoor vulnerability in a number of its older routers. The vulnerability was uncovered by security researcher Craig
microsoftPatch Tuesday Closes Big Time Vulnerabilities, but Only if You Install Updates
Microsoft (and Adobe for that matter) released a slew of security updates in the May 2013 edition of their monthly patch Tuesday release. As always, if your machine isn’t set