Cybersecurity Awareness Month 2023: Reflecting on 20 years of Patch Tuesday
Discover how Patch Tuesady has evolved over the past 20 years in the article by Mike Walters, President and co-founder of Action1.
Hacktivism in the war between Hamas and Israel, with a possibility of escalation. Healthcare cybersecurity. Looting FTX. CISA releases resources to counter ransomware.
OCT 13, 2023
Join Mike Walters, co-founder of the cybersecurity firm Action1, and Dave Bittner, co-founder of CyberWire, in their conversation about the 20th anniversary of Patch Tuesday.
Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug
OCT 10, 2023
“To exploit this vulnerability, an attacker must first gain access to the system,” explained Mike Walters, president and co-founder of Action1, in October Patch Tuesday commentary.
Navigating 20 years of cybersecurity: The evolution of patch management
SEP 24, 2023
Discover how patch management has evolved over the past 20 years in the article by Mike Walters, President and co-founder of Action1.
CISA Aims For More Robust Open Source Software Security for Government and Critical Infrastructure
“While government agencies have made progress in addressing open source security, it is evident that further action is needed to enhance the protection of critical infrastructure and corporate assets,” said Mike Walters, vice president of vulnerability and threat research and co-founder of patch management software company Action1.
Microsoft Patch Tuesday Includes Word, Streaming Service Zero-Days
Action1 vice president of vulnerability and threat research Mike Walters noted in a blog post that while CVE-2023-38148 seems particularly threatening due to its low attack complexity and since it requires no privileges or user interaction, it can only target systems in the same network segment as the attacker.
Google Fixes 26 Bugs Amid Fake Update Warning
Mike Walters, VP of vulnerability and threat research and co-founder of Action1, highlighted CVE-2023-2312 as one of the most critical vulnerabilities.
Action1 platform update bridges the gap between vulnerability discovery and remediation
The updated Action1 patch management platform brings together vulnerability discovery and remediation, helping enterprises fortify their defenses against threats such as ransomware infections and security breaches.
Urgent New Windows Security Update: 6 Critical Vulnerabilities Patched
“It’s important to note that all versions of Microsoft Office since 2013 are affected by this vulnerability,” Walters said. Microsoft points out that a fix for users of Office 2019 and Office LTSC 2021 for Mac, “are not immediately available.”
Sysadmins are being left out of AI implementation
JUL 28, 2023
According to a study by patch management platform vendor Action1, 82 percent of sysadmins said their employers did not require AI implementation in their roles, while 73 percent lacked understanding of strategic AI implementation in their area of expertise.
CISA gives US civilian agencies until August 1 to resolve four Microsoft vulnerabilities
Mike Walters, co-founder of cybersecurity firm Action1, said CVE-2023-32046 on its own was concerning because of how it will be used by hackers.
Microsoft Scorches 132 Flaws in July's Security Patch
Despite the flaw only being rated “important” by Microsoft, this patch should have IT’s full attention, according to Mike Walters, VP of Vulnerability and Threat Research at security firm Action1.
Action1 raises $20M to implement zero-knowledge architecture into its platform
Risk-based patch management startup Action1 Corp. has today announced that it has raised $20 million in new funding for research and development, focusing specifically on implementing zero-knowledge architecture into its platform.
Microsoft Patch Tuesday, June 2023 Edition
Security firm Action1 says all three bugs (CVE-2023-32015, CVE-2023-32014, and CVE-2023-29363) can be exploited over the network without requiring any privileges or user interaction, and affected systems include all versions of Windows Server 2008 and later, as well as Windows 10 and later.
New Emergency Google Chrome Security Update—0Day Exploit Confirmed
CVE-2023-3079 is the third zero-day of 2023 for Google Chrome. It poses a significant risk, according to Mike Walters, VP of vulnerability and threat research at risk-based patch management specialists Action1.
Secure Boot vulnerability causes Patch Tuesday headache for admins
“In an email attack scenario, an attacker could exploit the vulnerability by sending a specially crafted email message to the victim,” said Action1 co-founder and vice-president of vulnerability and threat research Mike Walters.
Microsoft Patches Three Zero-Day Bugs This Month
“It has a local attack vector, meaning the attacker needs access to the targeted system. The attack complexity is low, requiring minimal privileges and no user interaction,” explained Mike Walters, VP of vulnerability and threat research at Action1.
Patch manager Action1 to add vulnerability discovery, prioritization
Cloud-native, patch-management application provider Action1 is set to add vulnerability discovery and prioritization capabilities to its namesake flagship platform to help businesses stay ahead of software exploits.
Windows CLFS Vulnerability Used for Ransomware Attacks
Action1 VP of vulnerability and threat research Mike Walters highlighted two additional RCE flaws from the current updates. The first, CVE-2023-28311, is a remote code execution vulnerability in Microsoft Word with a CVE score of 7.8.
LastPass Breach Reveals Important Lessons
APRIL 12, 2023
Read the article by Mike Walters, President and Co-founder of Action1, to learn from LastPass mistakes and improve your cybersecurity strategy.
Microsoft Fixes Zero-Day Bug This Patch Tuesday
No proof of concept has been discovered for the exploit as yet, so Microsoft customers should patch immediately, advised Mike Walters, VP of vulnerability and threat research at Action1.
Check your Chrome browser now! Google releases vital update all users need to download
Mike Walters, VP of Vulnerability and Threat Research at Action1 noted that all of the vulnerabilities that were patched today were of “high severity”
Microsoft Patch Tuesday, March 2023 Edition
MARCH 15, 2023
Patch management vendor Action1 notes that the exploit for this bug is low in complexity and requires no special privileges. But it does require some user interaction, and can’t be used to gain access to private information or privileges.
Why You Should Stop Using LastPass After New Hack Method Update
“These incidents demonstrate the critical importance of privileged access management, as the attackers specifically targeted employees (in this case, DevOps personnel) with privileged access to sensitive systems and data,” Mike Walters, vice president of vulnerability and threat research at Action1, said.
CISA Warns Against Malicious Use of Legitimate RMM Software
“The tricky part is that malicious activity of this type is not always obvious to a vendor,” commented Mike Walters, VP of vulnerability and threat research at Action1.”
GoTo breach compromised encrypted backups
The GoTo breach signifies the risks of maintaining encryption keys within the same or interconnected environment as backups, according to Action1’s Mike Walters.
Microsoft Kicks off 2023 with a 98 Flaw Security Patch
Microsoft has already seen this hole [CVE-2023-21674] being exploited in the wild. However, the nature of the flaw has yet to be publicly disclosed. Despite that, IT should still make it a top priority, as exploiting it should be relatively simple, according to Mike Walters, Co-founder of Action1.
LastPass hacker got customer information and their encrypted vault data
DECEMBER 24, 2022
“Users should beware of sophisticated phishing attacks aimed at stealing their master password,” said Mike Walters, vice-president of vulnerability and threat research at Action1, a provider of patch management solutions.
Action1 platform upgrades enable organizations to mitigate security and non-compliance risks
DECEMBER 19, 2022
Action1 released the new version of its solution, helping organizations intelligently automate patching and remediation of security vulnerabilities across their endpoints and monitor patching results in real-time.
Microsoft Patches Zero-Day Magniber Ransomware Hackers Used
Mike Walters, vice president of vulnerability and threat research at Action1, says the high-impact bug could have repercussions for Windows operating systems, starting with Windows 7 and Windows Server 2008 R2, PowerShell 7.2 and 7.3.
Microsoft Squashes Zero-Day, Actively Exploited Bugs in Dec. Update
DECEMBER 13, 2022
Mike Walters, vice president of vulnerability and threat research at Action1 Corp., also pointed to a Windows Print Spooler elevation of privilege vulnerability (CVE-2022-44678), as another issue to watch.
CISA adds Google zero-day to exploited vulnerabilities list
DECEMBER 6, 2022
Mike Walters, vice president of vulnerability and threat research at Action1, added that the vulnerability affects all versions of the browser on all platforms.
Action1 launches threat actor filtering to block remote management platform abuse
The cloud-native patch management, remote access, and remote monitoring and management (RMM) firm stated its platform has been upgraded to spot abnormal user behavior and automatically block threat actors to prevent attackers exploiting its tool to carry out malicious activity.
Action1 Review Free Cloud-Native Patch Management for Windows
DECEMBER 5, 2022
It is easy to get started with Action1. In as little as 5 minutes, you can have your first endpoints deployed with data already pulled into a dashboard.
Security Expert Warns ‘Update Google Chrome Now’ As CISA 0Day Deadline Revealed
DECEMBER 6, 2022
“It is very likely that this vulnerability allows remote code execution,” Mike Walters, vice-president of vulnerability and threat research at Action1, says.
LastPass Suffers Second Major Data Breach in Four Months
“Since the company claims that the current hack is based on data compromised in the previous hack, this raises the question: Why did they not learn from the earlier hack and correct the root cause?” Mike Walters, VP of vulnerability and threat research at Action1, told Spiceworks.
ProxyNotShell Finally Gets Patched by Microsoft
NOVEMBER 10, 2022
“It took Microsoft more than two months to provide the patch, even though the company admitted that ProxyNotShell actively exploited the vulnerabilities in targeted attacks against at least 10 large organizations,” Mike Walters of Action1 said.
Google Pays Chrome Hackers $45,000, Releases High-Severity Security Update
NOVEMBER 9, 2022
All of the vulnerabilities, Mike Walters, VP of Vulnerability and Threat Research at Action1 explains, “can be exploited only if a user visits a website with malicious payloads, such as by clicking on a link in a phishing email or through careless browsing.”
Cloud-based patch management with Action1
In my opinion, the value and capabilities offered by Action1 keep improving with each new quarterly release. The platform’s comprehensive feature set provides IT admins with all capabilities they need to maintain visibility and control over endpoint patching.
Microsoft Quashes Bevy of Actively Exploited Zero-Days for November Patch Tuesday
NOVEMBER 8, 2022
Microsoft still searching for zero-day fixes following Patch Tuesday
OCTOBER 12, 2022
“CVE-2022-37968, [a] connect elevation of privilege vulnerability, has a rare CVSS score of 10, said Mike Walters, VP of vulnerability and threat research at Action1.
Microsoft patches Windows flaw exploited in the wild (CVE-2022-41033)
“The Windows COM+ Event System Service is launched by default with the operating system and is responsible for providing notifications about logons and logoffs,” says Mike Walters.
Microsoft Fixes Actively Exploited Zero-Day, 63 Other Bugs
SPETEMBER 14, 2022
Mike Walters tells Information Security Media Group that the vulnerability affects IKEv1 and IKEv2. All Windows servers are affected, because they accept packets from both versions.
Microsoft Releases Updates to Fix 62 Software Vulnerabilities
SEPTEMBER 14, 2022
As Mike Walters, cybersecurity executive and co-founder of Action1, told us, this is the smallest number of vulnerabilities being resolved as part of the monthly Patch Tuesday cycle this year.
Microsoft patches 64 vulnerabilities on September Patch Tuesday
SEPTEMBER 14, 2022
Mike Walters, co-founder of Action1, warned security teams to pay attention to CVE-2022-34724, a denial of service vulnerability in Windows DNS Server, which he said was likely to be exploited.
Microsoft Fixes Two Zero-Days This Patch Tuesday
“An unauthenticated attacker could send a specially crafted IP packet to a target machine that is running Windows and has IPSec enabled, which could enable remote code execution,” warned Action1 co-founder, Mike Walters.
Microsoft September Patch Bundle Addresses 64 Vulnerabilities
SEPTEMBER 13, 2022
CVE-2022-37969’s low complexity makes it a concern, according to Mike Walters, the cybersecurity executive and cofounder of Action1.
Microsoft Quashes Actively Exploited Zero-Day, Wormable Critical Bugs
SEPTEMBER 13, 2022
“Since the vulnerability has low complexity and requires no user interaction, an exploit will likely soon be in the arsenal of both white hats and black hats,” Mike Walters, co-founder of Action1, wrote in an analysis provided to Dark Reading.
August Patch Tuesday: Microsoft Fixes Two Zero-Day and 17 Critical Vulnerabilities
Mike Walters, co-founder of Action1, told Spiceworks, “This is the latest in a set of NFS vulnerabilities that Microsoft has been fixing monthly. It began in May when NFSv2 was fixed.”
Surge in CVEs as Microsoft Fixes Exploited Zero Day Bugs
AUGUST 10, 2022
“These vulnerabilities enable a network attack that does not require any action from the user,” explained Action1 co-founder, Mike Walters.
New 0Day Hack Attack Alert Issued For All Windows Users
JULY 15, 2022
“Windows CSRSS Elevation of Privilege, tracked as CVE-2022-22047, is critical because it is actively exploited in the wild,” says Mike Walters, co-founder of Action1.
July Patch Tuesday brings more than 80 fixes, one zero-day
JULY 12, 2022
Mike Walters, co-founder of Action1, added: “Vulnerabilities of this type are great for taking control over a workstation or server when they are paired with phishing attacks that use Office documents with macros.”
New infosec products of the week: July 8, 2022
JULY 8, 2022
Action1 released a new version of the platform, empowering MSPs and IT departments to mitigate and remediate security vulnerabilities on their managed endpoints more efficiently.
Action1 Updates Target Automation, Patch Management
JULY 7, 2022
‘The benefit of having a platform with a strong vulnerability management system is important for clients, and that is a focus of Action1,’ says Action1 President Mike Walters.
Why Browser Vulnerabilities Are a Serious Threat — and How to Minimize Your Risk
JULY 5, 2022
Why is it important to automate patching not only for OS, but also for 3rd-party software such as web browsers? Read on to find out in a column by Mike Walters, President and Co-Founder of Action1.
Critical New Security Update For Millions Of Windows 10, 11 & Server Users
JUNE 18, 2022
According to Mike Walters, cybersecurity executive and co-founder of Action1, it is believed “an exploit for this vulnerability has been developed, although this information has not been confirmed.”
ICYMI: Our Channel News Roundup for the Week of June 6th
JUNE 10, 2022
Action1 will provide free automated scripting to mitigate a newly-discovered Windows zero-day exploit nicknamed Follina. Free for your first 100 endpoints.
Winners of The IT Europa Channel Awards 2022 revealed
MAY 20, 2022
Action1 became the highly commend for Best Remote Management Solution and for MssP Solution of the Year at the IT Europa Channel Awards.
Meet the 2022 ChannelPro Vendors on the Vanguard
MAY 18, 2022
Action1 was recognized among the 2022 ChannelPro’s selection of cool new names to know in cloud computing, IT management, and security.
Three Tips To Mitigate Security Risks Of Hybrid Work As Data Breaches Hit Record Numbers
MAY 11, 2022
Mike Walters, President and Co-founder of Action, shared his advice on how to improve endpoint security in a hybrid work environment.
Council Post: 14 Tips For Developing An Effective System For Managing Remote Tech Equipment
APRIL 5, 2022
Mike Walters, President and Co-foundeer of Action1, shared his advice on how to effectively manage remote tech equipment and improve security.
3 Cybersecurity Trends MSPs Can Turn Into Business Opportunities
APRIL 4, 2022
Read on the article by Branden Boag, Director of Sales & Alliances at Action1, to learn some practical strategies for leveraging cybersecurity trends to better serve MSPs’ customers.
Four Practical Steps To Eliminate Shadow IT Permanently
FEBRUARY 25, 2022
Read on a new post by Mike Walters on Forbes Technology Council and learn top tips on how to combat Shadow IT, improve security and become more competitive.
Devastating breaches apparently still not enough for organizations to prioritize endpoint security
FEBRUARY 25, 2022
Action1 released a report based on feedback from 491 IT professionals worldwide. The study explores the extent to which organizations plan to prioritize endpoint security and management practices.
ICYMI: Our Channel News Roundup for the Week of January 17th
JANUARY 24, 2022
Action1 now offers it’s RMM cloud tool free (link is external) for organizations and MSPs with up to 100 endpoints. Free as in forever, not a trial.
Action1 partners with Brigantia to deliver its RMM platform in the UK and Ireland
JANUARY 11, 2022
The new partnership will enable managed service providers to efficiently manage and secure hybrid workforce environments by ensuring prompt patching of vulnerabilities.
Action1 empowers MSPs
Watch the talk between MIke Walters, co-founder of Action1, and Julian Lee, publisher of eChannelNews, about the rmm industry and the recent Action1 release.
Patching in the Modern Organization: Why a Key Security Control Is Still Overlooked
Read on the article by Mike Walters, co-founder of Action1, about the challenges that prevent organizations from establishing a robust patch management program.
Five cybersecurity lessons learned in 2021
DECEMBER 17, 2021
Read on the article from Alex Vovk, CEO & Co-founder of Action1, on how organizations can become more resilient by learning from the challenges of 2021.
Review of Action1
Whenever I write a review for the site, I like to conclude the review by giving the product a star rating ranging from 0 to 5 stars, with a five-star rating being the highest possible score. All things considered, I decided to give Action1 a score of 4.6 stars, which is a gold star review.
ICYMI: Our Channel News Roundup for the Week of December 6th
Action1 released a new version of its cloud RMM platform, giving MSPs and IT departments visibility and control over corporate endpoints with real-time visibility into vulnerabilities and IT assets.
Report: Remote Work Makes Patch Management Much Harder
NOVEMBER 30, 2021
Patching remote endpoints takes 2.5 times longer, and resolving IT support requests takes twice as long for remote employees, survey finds.
Patching takes 2.5 times longer when endpoints are remote
NOVEMBER 30, 2021
The Action1 study explores how organizations patch and manage their remote and office-based endpoints and provide employees with remote IT support.
WFH security: How to protect your remote endpoints from vulnerabilities
NOVEMBER 29, 2021
Many organizations lack an effective patch management program, especially when it comes to patching remote systems, says Action1.
Action1: Remote monitoring and management in a single platform
OCTOBER 28, 2021
Read on the Action1 review by Brandon Lee, a blogger and senior network engineer with 15+ years of experience in IT.
How to Address the Top 5 Cybersecurity Challenges in Hybrid Work
SEPTEMBER 30, 2021
As most organizations plan to combine in-office and remote work in 2022, managing remote endpoints becomes one of the top challenges for IT teams. Read the article by Mike Walters, co-founder of Action1, to learn more.
5 Channel Partner Program And MSP News Updates: 30 July 2021
JULY 30, 2021
Remote monitoring and management (RMM) software provider Action1 says Q2 revenue increased more than 1,800 percent amid growth across North America and Europe.
Understanding and Mitigating Insider Threats in Today's Remote-Work World
JULY 23, 2021
Product Showcase: Action1
JULY 21, 2021
The article describes Action1 in great detail. Read on to learn how to overcome the limitations of traditional approaches to remote IT management with a comprehensive cloud-native Action1 platform.
5 Free Open Source Patch Management Tools Your Enterprise Needs
JUNE 3, 2021
Action1 was mentioned in the selection of free enterprise patch management tools. The author appreciated Action1’s capability to quickly scan workstations across the organization’s IT environment and define their vulnerabilities.
Updated Action1 Further Enhances Remote Workforce Security and Business Continuity
JUNE 2, 2021
The updated Action1 enables IT teams to minimize the risk of cyberattacks exploiting unauthorized applications or unpatched vulnerabilities on remote endpoints.
Action1: Provider of a Cloud-Based RMM Platform that Enables Organizations to Manage Their Remote Endpoints Securely
MAY 27, 2021
An interview with Action1 co-founders Alex Vovk and Mike Walters.
Updated Action1 Enhances Remote Workforce Security and Business Continuity
MAY 27, 2021
The updated Action1 enables IT teams to minimize the risk of cyberattacks exploiting unauthorized applications or unpatched vulnerabilities in drivers on remote endpoints.
Action1: Cloud-based Remote Management and Endpoint Security Platform
APRIL 26, 2021
We had a conversation with the two founders Alex Vovk (CEO) and Mike Walters (President), the co-founders of Action1, to learn more about the company.
Interview With Alex Vovk and Mike Walters — Action1
APRIL 17, 2021
In their interview, founders of Action1 Alex Vovk (CEO) and Mike Walters (President) share the story of creating Action1 solution and talk about the worst cyberthreats organizations face today.
Review of Action1 Enterprise Cybersecurity Solution for IT Administrators
APRIL 16, 2021
Just before COVID-19 hit, we spotted a solution for remote monitoring and management (RMM) — which turned out to be especially valuable as we switched to remote work.
Action1 System Allows MSPs and IT Departments to Take Control of Remote Workforces
MARCH 25, 2021
Action1 announced the release of its new RMM system. Newly added features include role-based access control (RBAC), easy-to-use workflows, and more.
TechRadar Pro — Action1 review
JANUARY 29, 2021
A comprehensive cloud-based endpoint manager with a stack of powerful features, any one of which could justify installing the service all on its own. If you’re responsible for a bunch of remote PCs, go check it out immediately.
How Organizations Can Do Their Part and Be CyberSmart Beyond National Cyber Security Awareness Month
OCTOBER 28, 2020
With Action1, organizations can maintain the same standards of security patching for remote employees working from home, as for office-based employees.
Overcoming Traditional IT Security Technology Limitations with Remote Workforce
OCTOBER 27, 2020
In his article, Branden Lee, Endpoint Security Expert at Action1, offers strategies to overcome the limitations of on-premise IT security technologies in the remote-first world by using cloud-native tools.
Ignoring Patch Updates While Working Remote? This Could Be a Costly Mistake, Warns Action1
OCTOBER 13, 2020
IDG, in one of its cybersecurity based reports, revealed that 60% of breaches involved vulnerabilities for which a patch was available but not applied.
Action1 Adds Remote Access Features to Cloud-based Endpoint Management
SEPTEMBER 28, 2020
System administrators and IT technicians can now use the software to access computers from afar, without the need for additional agents or VPN.
Action1 Releases Cloud-based Remote Access and Support
SEPTEMBER 28, 2020
Action1 provides a cloud-based endpoint security platform that enables patch management, remote access, software deployment, IT asset inventory, reporting, and more.
Install Windows Updates Remotely from the Cloud with Action1
MAY 20, 2020
I really like the Action1 solution. It provides IT admins with powerful tools to manage the environment wherever the various server or client resources exist, both on-premises or elsewhere.
Product Review: Action1: Manage Endpoints From the Cloud
FEBRUARY 18, 2020
It was really easy to get set up with the cloud dashboard and get a connector machine up and running. The features added recently, such as the software inventory, are great new capabilities in the Action1 offering.
Action1, New Cybersecurity Startup Founded by Netwrix Veterans
FEBRUARY 18, 2020
The two co-founders of Netwrix, Alex Vovk and Mike Fimin, established Action1 with the vision of extending into the growing cloud-based cybersecurity market.
Product Review: Action1: Advanced Endpoint Protection in Plain English
FEBRUARY 18, 2020
Action1 is a wonderful tool to gain additional insight into your most vulnerable clients. If you have not done so, I would recommend setting up the free version of Action1.
Action1 Endpoint Security and Patch Management — Free Edition
NOVEMBER 15, 2018
One of the main advantages of Action1 is the ability to pull data from all of your endpoints in real-time, without relying on any previously collected stale data.