#PatchManagement

Microsoft Patches Vulnerabilities in Windows Defender, Update CatalogĀ 

by

December 13, 2024 at 06:40AM Microsoft has patched two critical vulnerabilities: one in Windows Defender (CVE-2024-49071) related to information disclosure, and another in the Update Catalog (CVE-2024-49147) involving privilege escalation. These issues have been fully mitigated, requiring no action from users. Transparency remains a priority for Microsoft with CVE identifiers. **Meeting Takeaways: Microsoft Vulnerabilities Update** … Read more

Cleo patches critical zero-day exploited in data theft attacks

by

December 12, 2024 at 12:09PM Cleo has released urgent security patches for a zero-day vulnerability in its LexiCom, VLTransfer, and Harmony software, actively exploited in data theft attacks linked to the Termite ransomware gang. Customers are advised to upgrade to version 5.8.0.24 to enhance security and mitigate risks from these breaches. ### Meeting Takeaways 1. … Read more

Atlassian, Splunk Patch High-Severity Vulnerabilities

by

December 11, 2024 at 08:03AM Atlassian and Splunk issued patches for numerous vulnerabilities in their products. Atlassian fixed 10 high-severity flaws in various Data Center and Server applications, while Splunk addressed over 15 vulnerabilities, including a high-severity issue in its Secure Gateway app. Users are urged to update promptly; no exploits have been reported. **Meeting … Read more

Three more vulns spotted in Ivanti CSA, all critical, one 10/10

by

December 11, 2024 at 07:15AM Ivanti issued a security advisory for three critical vulnerabilities in its Cloud Services Application (CSA), including a perfect 10-rated authentication bypass flaw. These vulnerabilities could allow attackers to gain unauthorized access and execute malicious commands. Users are urged to upgrade to version 5.0.3 to mitigate risks. ### Meeting Takeaways: **Ivanti … Read more

Ivanti warns of maximum severity CSA auth bypass vulnerability

by

December 10, 2024 at 02:45PM Ivanti has alerted customers about a severe authentication bypass vulnerability (CVE-2024-11639) in its Cloud Services Appliance, allowing attackers to gain admin access remotely. Users should upgrade to CSA 5.0.3. The company also patched other vulnerabilities but found no evidence of exploitation prior to disclosure. **Meeting Takeaways: Ivanti Security Advisory Update** … Read more

Fully patched Cleo products under renewed ‘zero-day-ish’ mass attack

by

December 10, 2024 at 08:44AM Huntress reports widespread exploitation of a vulnerability in Cleo file management products, affecting patched systems. The bug, CVE-2024-50623, allows remote code execution, impacting over 1,700 servers. At least ten customers are compromised, prompting Huntress to recommend firewall protection and other mitigations while awaiting an updated patch from Cleo. ### Meeting … Read more

Google Launches Open-Source Patch Validation Tool

by

December 9, 2024 at 07:34PM Google’s Vanir tool enhances Android security patch validation by automating the identification of missing updates through static code analysis. Covering 95% of known vulnerabilities with a 97% accuracy rate, it significantly reduces patch fix time, offering efficiency improvements for manufacturers and potential adaptability for other platforms. **Meeting Takeaways:** 1. **Complexity … Read more

Large-Scale Incidents & the Art of Vulnerability Prioritization

by

December 9, 2024 at 10:04AM Cybersecurity defenders face increasing vulnerabilities due to a growing IT environment. Recent reports indicate that 14% of breaches exploit vulnerabilities, emphasizing the need for clear prioritization strategies. Learning from past incidents like MOVEit and Log4j can guide effective vulnerability evaluation and management, including the adoption of secure-by-design principles. ### Meeting … Read more

Critical Vulnerability Discovered in SailPoint IdentityIQ

by

December 6, 2024 at 12:55AM SailPoint warned of a critical vulnerability (CVE-2024-10905) in its IdentityIQ IAM platform that allows unauthorized access to files due to improper access control. Affected versions have a CVSS score of 10/10. E-fixes are available, and users are urged to update promptly to prevent potential data compromise. **Meeting Takeaways: SailPoint IdentityIQ … Read more

Explore strategies for effective endpoint control

by

December 5, 2024 at 01:49PM Join a webinar on December 9th at 9am PT/12PM ET/6pm GMT with Tim Phillips and Harman Kaur from Tanium, focusing on automating endpoint management in complex IT environments. Learn how automation enhances security, improves response times, and reduces operational overhead for IT leaders. Register now for valuable insights. ### Meeting … Read more