In a recent interview at Piper Sandler’s Cybersecurity CEO Summit in San Francisco, Kevin Mandia highlights the importance of patching as a primary solution to mitigate cyberattacks, citing exploitation as a major reason for their success.
Blog
Patch Management and Smart Cities
Apr 20, 2023 | Blog
Timely patching of applications and systems is a critical requirement for smart cities along with MFA, zero trust, and other cybersecurity best practices.
Action1 Not Compromised: Response to Bleeping Computer Article
Apr 18, 2023 | Blog
In the past few days, our users have asked us numerous questions regarding the potential hack of the Action1 platform. This concern has arisen due to a recent article in Bleeping Computer. We would like to reassure our users that Action1 has not been compromised, and their accounts remain safe from potential threats.
The IRS Audited: Software 15 Versions Behind Current! (Unpatched)
Apr 14, 2023 | Blog
A recent US Government Accountability Office (GAO) audit report reveals a significant number of outdated software systems and technologies within the Internal Revenue Service (IRS).
Patch Tuesday April 2023
Apr 11, 2023 | Blog, Patch Tuesday
In this issue: April 2023 Patch Tuesday updates, fixes for Microsoft Snipping Tool, Google Chrome, Firefox, Android, Bing, IEEE 802.11 Wi-Fi protocol, and Apple.
Millions of Internet-Exposed Devices Unpatched. What Shall We Do?
Apr 7, 2023 | Blog, Research and Guides
Make patching of actively exploited vulnerabilities in Internet-exposed devices your #1 priority to reduce your chances of being breached by 99%.
Action1 Emerges as Momentum Leader in 2023 Spring G2 Reports
Apr 7, 2023 | Blog
Action1, a leading risk-based patch management platform for distributed networks, is proud to announce that it has received an impressive 63 badges in the 2023 Spring G2 reports in various categories, including Patch Management, RMM, Endpoint Management, Remote Desktop, and Remote Support.
3CX Falls Victim to Supply Chain Attack: Action1 Solution
Apr 7, 2023 | Blog
3CX has fallen victim to a supply chain attack affecting multiple versions of its desktop app. Action1 helps mitigate the risks with a script terminating all running 3CXDesktop processes and prevents their auto-launch at the next system reboot.
Azure AD Multi-Tenant Vulnerability and “BingBang”
Mar 30, 2023 | Blog
Discover if your Azure AD instance has any misconfigured applications allowing unauthorized access to external users
Patch Now: Major Exploited Vulnerabilities in IBM Aspera Faspex, IE, Samba, etc
Mar 30, 2023 | Blog, Research and Guides
Highlights of some recently exploited vulnerabilities that need to be patched or remediated ASAP.
Microsoft’s Own CISO Says Patching Remains Top Activity
Mar 28, 2023 | Blog
Microsoft’s Bret Arsenault says patch management is a part of his day-to-day burden despite evolving AI capabilities
Microsoft Outlook Zero-Day Threat: Action1 solution
Mar 24, 2023 | Blog
Microsoft has identified and patched a zero-day vulnerability in its popular email client Outlook. However, if you use a Click-To-Run version of Microsoft Office, you may not receive this update via Microsoft Update.
Top 7 Exploited Vulnerabilities in the Wild
Mar 23, 2023 | Blog
Experts say that only a small percentage of vulnerabilities present the biggest risk, here are some of most the important vulnerabilities that need to be patched as they are being actively exploited.
Open Source Software Repository Under Attack
Mar 22, 2023 | Blog
Rogue NuGet packages infect developer machines with malware raise concerns over public open source repository security in general.
New CPG Report by CISA Includes Patching Among Top Recommendations
Mar 21, 2023 | Blog
America’s cyber defense agency issues the updated cybersecurity performance goals (CPG) highlighting risk-based vulnerability assessment and patch management as core goals.
LockBit Ransomware Group Uses Unpatched Vulnerabilities
Mar 21, 2023 | Blog
LockBit ransomware group executed a ransomware attack on SpaceX’s contractor. One of the methods generally used by this group is exploitation of unpatched vulnerabilities.
Three-Year-Old Unpatched Vulnerability: U.S. Government Breach
Mar 16, 2023 | Blog
Threat actors successful in remote code execution due to CVSS score 9.8 vuln that had a patch for over 3 years; CISA recommends implementing a patch management solution as mitigation.
TSA Requires Airlines and Airports to Implement Patch Management
Mar 16, 2023 | Blog
TSA recently announced new requirements for the air travel industry that includes patching of systems as a major component.
The History of Microsoft Patch Tuesday
Mar 15, 2023 | Blog
Brief history of how Microsoft Patch Tuesday initiative started back in 2003, how it evolved over over years, and its continued relevance in the modern times.
Patch Tuesday March 2023
Mar 14, 2023 | Blog, Patch Tuesday
In this issue: March 2023 Patch Tuesday updates, Microsoft Office and Intel Processors in Windows OS fixes, and vulnerabilities patched by other vendors, including TPM 2.0, Google Chrome, Jenkins, Veeam and Android.