Microsoft Patch Tuesday and patch management
- September 18, 2019
Security researchers tracked a very active threat group launching cryptomining attacks around the world against organizations in banking, IT services, healthcare and more.
- August 20, 2019
Borderless networks present new challenges for security pros. Andrew Froehlich explains how this trend makes patch management even more important.
- August 14, 2019
Microsoft disclosed four remote code execution flaws in Remote Desktop Services that are similar to BlueKeep, as well as other vulnerabilities in RDP.
- July 30, 2019
Researchers and developer Wind River disagree over how many devices and users are at risk from the URGENT/11 vulnerabilities in the VxWorks real-time operating system.
- July 23, 2019
After a description for building a remote BlueKeep exploit is posted on GitHub, experts warn that attacks in the wild are becoming more likely and users need to patch.
- July 17, 2019
Despite alerts from Microsoft and the U.S. government, more than 800,000 online systems have yet to patch the Windows RDP vulnerability two months after it was disclosed.
- July 03, 2019
U.S. Cybercom issued an alert about active exploitation of a 2-year-old Microsoft Outlook flaw, and experts say an Iranian threat group is behind the attacks.
- June 19, 2019
DHS issued the latest security advisory for BlueKeep, but it's unclear whether the repeated warnings are being heeded by organizations that have vulnerable systems on the internet.
- June 06, 2019
The NSA issued a rare warning for users to patch against the BlueKeep vulnerability on the same day a security researcher demoed an exploit leading to a full system takeover.
- June 04, 2019
Microsoft again urged users to patch against the BlueKeep vulnerability as more potential exploits surface and one researcher discovered almost 1 million vulnerable systems.
- May 23, 2019
Multiple researchers created proof-of-concept exploits, including remote code execution attacks, targeting the recently patched Windows Remote Desktop flaw called BlueKeep.
- May 15, 2019
Two years after the initial wave of WannaCry attacks, security researchers said the ransomware continues to spread to vulnerable devices even though it's not encrypting data.
- May 06, 2019
Cisco released a patch for a critical vulnerability in Nexus 9000 switches that could allow a remote attacker to gain root access because of the use of a default SSH key pair.
- May 01, 2019
A new DHS directive placed new deadlines on patching critical vulnerabilities for federal agencies and experts are divided on whether the timelines are reasonable and realistic.
- February 15, 2019
Google this week attributed security improvements in Google Play to both automated processes and human reviewers. The improvements include stopping bad apps from being published.