Vulnerability scanning, threat management, risk analysis, patching, and configuration management are some of the major activities usually associated with vulnerability management, and none of these are new…so why are we failing so badly at many of them?
This month’s Patch Tuesday is massive, to say the least, with a total of 13 bulletins, affecting many products and all versions of Windows. Earlier this month, Microsoft announced that the upcoming Windows 10 will not follow the typical Patch Tuesday cycle and updates will be provided when they become available.
On Demand Webinar: Our latest webinar featured Dr. Mansur Hasib, CISSP, PMP, CPHIMS, in a discussion on electronic health records and the modern cyber criminal. Electronic health records are far more valuable to the modern cyber criminal. For the hacker, they fetch more value over a much longer period of time. For the victim – many who are still children — the repercussions could last decades!
Death, Taxes and Malware: BeyondInsight 5.5 Adds Malware Analysis. BeyondTrust combats advanced persistent threats with new capabilities in BeyondInsight IT Risk Management Console. BeyondInsight Clarity threat analytics capability incorporates malware analysis to identify APTs and other hidden threats.
Microsoft gave everyone a breather in this month’s Patch Tuesday, serving up fixes for a surprisingly modest 26 vulnerabilities. The fixes address various flaws including remote code execution, information disclosure, security feature bypass and cross-site scripting to name a few. Let’s dive right in: MS15-032 – Cumulative Security Update for Internet Explorer (3038314) IE makes…
On Demand Webinar: Dave Shackleford recounts some of his personal experiences in patch management failure, and breaks down the most critical issues holding many teams back from patching more effectively.
Live webinar | March 26, 2015 | 10am PT/1pm ET | Dave Shackleford, SANS Instructor | Why You Still Suck at Patching…and How to Turn Your Life Around
Premera Blue Cross, a major health care services provider, recently disclosed information regarding a data breach that could impact 11 million of its customers. According to Premera’s cyberattack website created to disseminate information about the breach, hackers gained access to their systems and may have accessed customer information including names, addresses, email addresses, telephone numbers,…
Microsoft patched 44 CVEs across 14 bulletins this month, with vulnerabilities in Internet Explorer and Adobe Font Driver necessitating the bulk of those fixes. With so many bulletins, it was only natural that a wide variety of security flaws were found: remote code execution, elevation of privilege, denial of service, information disclosure, cross-site scripting, spoofing and security feature bypass were all present and accounted…
Join BeyondTrust Research and Development team for an in-depth live webinar that will explore the attack vectors used in the Carbanak Bank Breach and share successful mitigation techniques needed to prevent this type of attack.