April 2022 Patch Tuesday forecast: Spring is in the air (and vulnerable)
March Patch Tuesday releases followed in the footsteps of February with low numbers of CVEs reported and resolved, and all updates rated as important except one critical …
How to empower IT Sec and Ops teams to anticipate and resolve IT problems
Every IT system administrator knows the misery of facing a problem for which the root cause requires hours (and sometimes days) to unearth, all the while part of the IT …
Jetico BCWipe Privacy Guard empowers users to disable Microsoft’s default tracking features
Jetico released BCWipe Privacy Guard, bringing together all Windows privacy settings and empowers users to disable Microsoft’s default tracking features with one click, …
February 2022 Patch Tuesday forecast: A rough start for 2022
January 2022 Patch Tuesday was a rough one for Microsoft — and us. In the week following Patch Tuesday, Microsoft was forced to pull and subsequently re-issue several updates …
Delivering vulnerable signed kernel drivers remains popular among attackers
ESET researchers took an in-depth look into the abuse of vulnerable kernel drivers. Vulnerabilities in signed drivers are mostly utilized by game cheat developers to …
A new multi-platform backdoor is leveraged by an advanced threat actor
A novel multi-platform backdoor dubbed SysJoker has been successfully evading security solutions since mid-2021. “In the Linux and macOS versions, it masquerades as a …
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
It’s the final Patch Tuesday of 2021 and Microsoft has delivered fixes for 67 vulnerabilities, including a spoofing vulnerability (CVE-2021-43890) actively exploited to …
Microsoft vulnerabilities have grave implications for organizations of all sizes
Microsoft software products are a connective tissue of many organizations, from online documents (creating, sharing, storing), to email and calendaring, to the operating …
After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …
Avoiding the costly ESU cycle: Lessons learned from Windows 7 end-of-life
In June 2021, Microsoft announced the end-of-life date for Windows 10: 14 October 2025. From that point on, there will be no new updates or security fixes for the Home or Pro …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
Dell announces solutions to move workloads across multiple cloud and edge environments
Dell Technologies announces edge innovations across its infrastructure and PC portfolio to help organizations simplify deployments and capture more value from data generated …