Discover if your Azure AD instance has any misconfigured applications allowing unauthorized access to external users
Azure AD Multi-Tenant Vulnerability and “BingBang”
read more
Patch Now: Major Exploited Vulnerabilities in IBM Aspera Faspex, IE, Samba, etc
Highlights of some recently exploited vulnerabilities that need to be patched or remediated ASAP.
Microsoft’s Own CISO Says Patching Remains Top Activity
Microsoft’s Bret Arsenault says patch management is a part of his day-to-day burden despite evolving AI capabilities
Microsoft Outlook Zero-Day Threat: Action1 solution
Microsoft has identified and patched a zero-day vulnerability in its popular email client Outlook. However, if you use a Click-To-Run version of Microsoft Office, you may not receive this update via Microsoft Update.
Top 7 Exploited Vulnerabilities in the Wild
Experts say that only a small percentage of vulnerabilities present the biggest risk, here are some of most the important vulnerabilities that need to be patched as they are being actively exploited.
Open Source Software Repository Under Attack
Rogue NuGet packages infect developer machines with malware raise concerns over public open source repository security in general.
New CPG Report by CISA Includes Patching Among Top Recommendations
America’s cyber defense agency issues the updated cybersecurity performance goals (CPG) highlighting risk-based vulnerability assessment and patch management as core goals.
LockBit Ransomware Group Uses Unpatched Vulnerabilities
LockBit ransomware group executed a ransomware attack on SpaceX’s contractor. One of the methods generally used by this group is exploitation of unpatched vulnerabilities.
Three-Year-Old Unpatched Vulnerability: U.S. Government Breach
Threat actors successful in remote code execution due to CVSS score 9.8 vuln that had a patch for over 3 years; CISA recommends implementing a patch management solution as mitigation.
TSA Requires Airlines and Airports to Implement Patch Management
TSA recently announced new requirements for the air travel industry that includes patching of systems as a major component.
The History of Microsoft Patch Tuesday
Brief history of how Microsoft Patch Tuesday initiative started back in 2003, how it evolved over over years, and its continued relevance in the modern times.
Patch Tuesday March 2023
March 2023 Patch Tuesday updates, Microsoft Office and Intel Processors in Windows OS fixes, and third-party software vulnerabilities.
The Importance of Patch Management: Lessons from LastPass
The recent news about the LastPass hack is a stark reminder of the importance of patch management. The hack occurred because one of LastPass’ engineers failed to update Plex on their personal computer with a known vulnerability that had been identified in the software several months prior.
An Overview of Winget – The Windows Package Manager
What is Winget? Winget is a...
Action1: Category Leader for Remote Support and Endpoint Protection
Action1 has been named a Category Leader for both Remote Support and Endpoint Protection by leading software review platforms Getapp, Software Advice, and Capterra. In addition to these two awards, Action1 received three additional awards, bringing total to five.
Patch Tuesday February 2023
February 2023 Patch Tuesday updates and vulnerabilities patched by third-party vendors.
Top Cybersecurity Trends of 2023: What You Need to Know
2023 will become a record-breaking year in the volume of cybercrime. So, here are the top cybersecurity trends we recommend looking out for in 2023.
Security Implications of Per-user Application Installs
Many apps default to per-user installs. Here is why you should transition them all to machine-wide installs. Spoiler: patching, patching, patching!
The Air France-KLM data breach
According to Air France-KLM, details including customers’ names, email addresses, phone numbers, account numbers, and mileage balances might have been exposed.
Patch Tuesday January 2023
January 2023 Patch Tuesday updates and vulnerabilities patched by third-party vendors.