Patch Management - Security Intelligence

news

Zoom Vulnerability Could Let Third Parties Take Over Webcams

A zero-day Zoom vulnerability could allow third parties to snoop on videoconferencing calls, reactivate uninstalled apps and conduct other malicious activities.

July 10, 2019 | By Shane Schick

news

Woman using a laptop suffering an Astaroth attack

news

Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques

An Astaroth attack leveraged only living-off-the-land techniques to run the backdoor directly in memory on Windows machines.

July 10, 2019 | By David Bisson

news

A security professional writes code on a Linux machine: TCP SACK Panic

news

TCP SACK Panic Flaw Could Compromise Production Linux Machines

A kernel flaw dubbed TCP SACK Panic could allow remote attackers to compromise organizations running large fleets of production Linux computers, according to a series of security advisories.

June 19, 2019 | By Shane Schick

news

IT technician working in a data center: BlueKeep

article

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

In theory, dealing with BlueKeep should be no different from dealing with other vulnerabilities. Unfortunately, many organizations are lagging in their patch management efforts.

June 14, 2019 | By Koen Van Impe

article

Woman affected by a Windows 10 zero-day vulnerability.

news

Windows 10 Zero-Day Lets Threat Actors Bypass Patch and Escalate Role to Admin Level

Threat actors could use a recently discovered Windows 10 zero-day flaw to take over a computer and bypass local privilege escalation.

June 11, 2019 | By Shane Schick

news

A programmer analyzes computer code for vulnerabilities: blacksquid malware

news

BlackSquid Malware Capable of Abusing 8 Exploits to Install XMRig Monero Miner

The new BlackSquid malware is capable of abusing eight notorious exploits in its attempts to install the XMRig Monero miner.

June 5, 2019 | By David Bisson

news

Colleagues gather around a computer to learn about mitigating cyberattacks.

article

What Cartoons Can Teach Us About Cyberattacks

I will never watch "The Little Mermaid" again without thinking about ransomware and cyberattacks.

May 31, 2019 | By Sue Poremba

article

news

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Two years since the WannaCry attacks wreaked havoc around the world, researchers say hundreds of thousands of people are being targeted with the EternalBlue exploit on which it was based.

May 21, 2019 | By Shane Schick

news

news

Updated Version of KPOT Stealer Available for Purchase on Underground Hacking Forums

Researchers observed cybercriminals selling an updated version of the KPOT stealer on some underground hacking forums.

May 14, 2019 | By David Bisson

news

Security researchers analyzing SAP vulnerabilities.

article

Published Exploits for Accessing SAP Systems Put Security Teams on Alert

Researchers published two pieces of exploit code that can allow anyone to interact with an organization's SAP enterprise resource planning platform and perform unauthorized transactions.

May 2, 2019 | By Abby Ross

article

SWEED Threat Actor Uses Typosquatting, UAC Bypasses to Distribute Agent Tesla

UK Government Urges Organizations to Defend Against DNS Hijacking

Telegram, WhatsApp Vulnerability Exposes Media Files to Tampering

Digital Attackers Now Using 16Shop Phishing Kit to Target Amazon Users

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

CISO of Major UK Retailer Weighs in on Enterprise IoT Security

IoMT Security: A Comprehensive Approach to Mitigate Risk and Secure Connected Devices

High Stakes, Rising Risks: The Ripple Effects of Cybersecurity in the Healthcare Sector

Threat Intelligence Is the SOC’s Road Map to DNS Security

Taking Over the Overlay: Reconstructing a Brazilian Remote Access Trojan (RAT)

Taking Over the Overlay: What Triggers the AVLay Remote Access Trojan (RAT)?

Taking Over the Overlay: Reverse Engineering a Brazilian Remote Access Trojan (RAT)

Podcast: IT’s Eyes and Ears — The Evolving Security Operations Center (SOC)

Podcast: Reducing Third-Party Risk

Podcast: Development Agility and Open-Source Vulnerability Prioritization

Podcast: Lateral Movement: Combating High-Risk, Low-Noise Threats

Webinar: Protecting Office365 with IBM Cloud Identity and MaaS360

Webinar: Wandera & IBM Introduce the Next Level of Access Management

Webinar: How to Outmatch Data Security Challenges with Cost-Effective, Practical Strategies

Webinar: Total Recon: See You Online, Richter

Tag: Patch Management

Zoom Vulnerability Could Let Third Parties Take Over Webcams

Astaroth Attack Infects Windows Machines Via Living-Off-the-Land Techniques

TCP SACK Panic Flaw Could Compromise Production Linux Machines

How to Patch BlueKeep and Get to Know Your Company’s Critical Assets

Windows 10 Zero-Day Lets Threat Actors Bypass Patch and Escalate Role to Admin Level

BlackSquid Malware Capable of Abusing 8 Exploits to Install XMRig Monero Miner

What Cartoons Can Teach Us About Cyberattacks

Hundreds of Thousands of Users Targeted Daily With Would-Be WannaCry Imitators

Updated Version of KPOT Stealer Available for Purchase on Underground Hacking Forums

Published Exploits for Accessing SAP Systems Put Security Teams on Alert