patching
Security teams are under resourced, overwhelmed by attackers
A new report conducted by the Ponemon Institute uncovered security’s “patching paradox” – hiring more people does not equal better security. While security teams plan to hire …
How to close the security update gap
Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? …
Meltdown and Spectre will delay patching for most organizations
Complexity and challenges associated with the Spectre and Meltdown patches will result in companies delaying future patch rollouts, according to Barkly. 72% of organizations …
Abandoned by Microsoft, Equation Editor gets “security-adopted” by micropatch pros
Last week, Microsoft did away with Equation Editor, a tool that has been part of Microsoft Office for over 17 years. The reason behind the move? A remote code execution …
Meltdown and Spectre: To patch or to concentrate on attack detection?
Patching to protect machines against Meltdown and Spectre attacks is going slow, and the provided patches, in some instances, lead to more problems than just slowdowns. In …
Spectre updates will slow down Windows servers and PCs running older versions of the OS
While Intel continues to play down the slowing effect the patches for Meltdown and Spectre can have on machines using their CPUs, Microsoft has finally shared some – …
Infosec expert viewpoint: Vulnerability patching
Vulnerability patching is one of the most useful and cost-effective methods to mitigate a plethora of security threats. Here’s what infosec experts think about the …
Cisco plugs WPA2 holes, critical Cloud Services Platform flaw
Cisco has released updates to address vulnerabilities in a wide variety of its products. Among these are updates fixing the WPA2 vulnerabilities that can be exploited in the …
Patching discrepancy between supported Windows versions puts users at risk
Security improvements should be a welcome addition to all software, but if they are not also simultaneously backported into its older and still supported versions, they can …
Equifax breach happened because of a missed patch
The attackers who breached Equifax managed to do so by exploiting a vulnerability in its US website, the company has finally confirmed. The vulnerability – CVE-2017-5638 …
Equifax attackers got in through an Apache Struts flaw?
Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to …
What will it take to improve the ICS patch process?
While regular patching is indisputably good advice for IT networks, one of the main takeaways from the Petya and WannaCry attacks is that a lot of companies don’t do it. And …