July 25, 2024 at 03:33AM Summary: Patching remains a challenging and laborious task for IT professionals, with low success rates and growing complexities from an increasing number of software applications and vulnerabilities. While automation tools and improved visibility in endpoint management products offer potential solutions, lack of ownership and reluctance to adopt new approaches are … Read more
February 13, 2024 at 11:36AM Ivanti’s VPN appliances have experienced widespread vulnerabilities, with slow incident response and delayed patch releases. This has led to criticism from cybersecurity experts and a federal mandate to disconnect Ivanti products from government systems. Ivanti’s reputation and customer trust are at stake, with uncertain prospects for recovery and continued caution … Read more
January 22, 2024 at 05:12PM A critical VMware vulnerability, CVE-2023-34048, was exploited by a Chinese APT, UNC3886, since late 2021 as a zero-day. The group utilized this to gain remote code-execution capabilities and compromise ESXi hosts. Organizations must ensure patching was effective, as many may still be vulnerable due to various challenges in deploying patches. … Read more