Industry News Roundup
Industry News - Aug 2025
The Humble Printer Highlights Overlooked Security Flaws
According to Steve Inch, global senior print security strategist at HP Inc., "Printers are no longer just harmless office fixtures - they're smart, connected devices storing sensitive data. The wrong choice can leave organizations blind to firmware attacks, tampering or intrusions, effectively laying out the welcome mat for attackers to access the wider network." According to a recent survey conducted by HP, too many organizations are exposing themselves to malicious actors through their printers. Despite devoting nearly four hours per month to printer management, just over a third of respondents said their organizations install firmware updates promptly. An effective IT asset management solution can help improve cyber security by identifying obsolete, unpatched and unauthorized printers.
Flaws Expose 100 Dell Laptop Models to Implants, Windows Login Bypass
Cisco Talos recently reported five vulnerabilities in the ControlVault3 firmware and the associated Windows APIs. These flaws expose millions of Dell laptops to persistent implants and Windows login bypasses via physical access. The issues, tracked as CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, and CVE-2025-24919, were initially disclosed in June. Dell has announced that patches for them were rolled out for over 100 Dell Pro, Latitude, and Precision models. The affected component is a hardware-based system meant to securely store passwords, biometric information, and security codes. Dell's June advisory lists all the affected models and vulnerable firmware versions, as well as the release dates of the patches. IT professionals can utilize the information from their IT asset management tools to identify affected systems.
How To Upgrade An Unsupported Computer To Windows 11
Even though Windows 11 has higher system requirements, IT professionals may be able to perform an in-place upgrade or clean installation on an unsupported computer running Windows 10 by creating custom installation media that bypasses those requirements. However, running the latest version of the operating system on incompatible hardware should be a "last-ditch-effort." Microsoft does not support devices that do not meet the minimum specifications. Moreover, while updates may still be accessible, full functionality is not guaranteed. In addition, running the OS without essential security features can expose the system to security risks. This third-party how-to guide explains how to upgrade a device that does not meet Windows 11 minimum system requirements. System administrators can identify non-compliant devices using the information from their IT asset management solutions.
Over 29,000 Exchange Servers Unpatched Against High-Severity Flaw
Over 29,000 Exchange servers exposed online are currently unpatched against a high-severity vulnerability. The vulnerability can allow attackers to move laterally in Microsoft cloud environments, which could result in complete domain compromise. The security flaw (CVE-2025-53786) enables hackers who gain administrative access to on-premises Exchange servers to raise privileges within the connected cloud environment. Once inside the network, the threat actor can manipulate trusted tokens or API calls without leaving easily detectable traces. CVE-2025-53786 impacts Exchange Server 2016, Exchange Server 2019, and Microsoft Exchange Server Subscription Edition. Vulnerable devices can be identified using information generated by an IT asset management system.
Adobe Patches Over 60 Vulnerabilities Across 13 Products
Adobe recently published 13 new advisories that address vulnerabilities in Substance 3D products including Viewer, Modeler, Painter, Sampler, and Stager. The company patched one or more critical code execution vulnerabilities in each of them. Multiple medium-severity memory leaks were also addressed. Adobe stated that it is not aware of malicious attacks exploiting any of these vulnerabilities. In addition, all of the flaws have a priority rating of 2 or 3, indicating that Adobe does not expect to see in-the-wild exploitation. IT professionals can identify unpatched systems using the information from their IT asset management solutions.
Microsoft Patches Over 100 Vulnerabilities
None of the vulnerabilities patched in this release appear to have been exploited in the wild. However, a Windows privilege escalation tracked as CVE-2025-53779 has been identified as publicly disclosed. A dozen vulnerabilities have a critical severity rating. Based on their CVSS score, most of the patched vulnerabilities are high severity, except for CVE-2025-53766. Trend Micro's Zero Day Initiative (ZDI) has summarized the patches. IT professionals can identify vulnerable systems using reports generated by their IT asset management solutions.
Fortinet, Ivanti Release August 2025 Security Patches
Fortinet recently published 14 new vulnerability advisories. The most important one is a FortiSIEM flaw. This flaw allows an unauthenticated, remote attacker to execute arbitrary code or commands through specially crafted CLI requests. Fortinet warned that a practical exploit for this vulnerability has been found in the wild. However, the company suggests that the vulnerability has not been exploited for malicious purposes, although a PoC exploit is public. Ivanti's August 2025 Patch Tuesday updates cover two high-severity authenticated remote code execution vulnerabilities in Ivanti Avalanche.
FBI Warns of Russian Cyber Hackers Targeting Critical US Infrastructure
The energy, water, waste, telecommunication, industrial, aviation, and government sectors are exposed to these attacks as they work to replace or secure end-of-life equipment in their extensive frameworks. IT professionals can identify dangerously unsupported devices using information from their IT asset management tools.
Bring Your Own AI: Turning Shadow Tools into Strategic Win
Corporate employees are currently using AI tools, many not authorized by the IT department. They are exploring creative ways to increase productivity. However, this unsanctioned innovation often becomes shadow IT, and can create serious risks in areas of security, compliance, and legal exposure. Too many organizations don't discover the problem until it's too late. This webinar combines the thoughts of IT and legal experts to show how to transform informal AI usage into structured innovation. Participants will learn strategies for assessing risk versus value, building policies that enable rather than restrain, and transforming shadow AI into a company-wide advantage.
Why Addressing Legacy IT is an Urgent Strategic Priority for CISOs
The consequences of failing to upgrade can be dire. The UK's National Cyber Security Centre (NCSC) reported that many Microsoft users kept using the legacy Windows XP system after it reached its end-of-life date. This practice enabled attackers to exploit vulnerabilities in XP systems and launch the global WannaCry ransomware attack. NCSC has warned that organizations that are reluctant to upgrade Windows 10 will be at high risk of compromise. Security concerns about the use of To speed remediation, professionals can utilize their IT asset management solution to identify legacy and out-of-date systems.
Companies Spending Too Much on SaaS Could Cost Them More Than Just Money
Most organizations do not have a handle on what they're spending on SaaS. If managers were asked "Who owns SaaS spend in your company?" answers could range from "Finance handles it" to "That's IT's job," or "Honestly, it depends." Therein lies the problem. Companies are spending amounts from $9,000 to $17,000 per employee annually on software, but most organizations have little knowledge of what they're actually buying. The expansion of software tools in the organization, which has been exacerbated by AI, has created a gap between what companies think they're managing and what they're actually managing. And that gap is getting more costly by the month. An IT asset management tool that can identify and map SaaS licenses can help control software costs.
Industry News - Jun 2025
Software Vulnerabilities Pile Up at Government Agencies, Research Finds
According to a recent Veracode report, U.S. government agencies are operating with massive amounts of unresolved vulnerabilities, which make them vulnerable to hackers and cybercriminals. The report found that approximately 80% of government agencies have software vulnerabilities that remain unaddressed for at least a year, and over half have long-standing software flaws that place them at even greater risk. According to Veracode, government agencies are falling short of the investments and procedures required to address vulnerable and unpatched software. Chris Wysopal, chief security evangelist at Veracode, noted that "Organizations don't have a process that includes enough engineering capacity to fix security issues found vs building more features and functionality. Their fixing process is not efficient enough to keep up with new flaws found when new code is written." In addition, Tom Kennedy, vice president of federal systems at Axonius, observed that "Legacy government IT often lacks comprehensive visibility and integration capabilities, hindering timely identification and remediation of vulnerabilities. These older systems frequently rely on outdated software, unpatched vulnerabilities, and insecure configurations directly impacting overall security." An investment in a robust IT asset management system would facilitate the identification of vulnerable systems, speeding the patching and remediation process for any agency.
Cloud Assets Have 115 Vulnerabilities on Average, Some Several Years Old
Companies are finding it difficult to keep their cloud infrastructure secure. After recently analyzing billions of production assets on AWS, Azure, Google Cloud, Oracle Cloud and Alibaba Cloud, researchers from Orca Security observed that cloud assets have on average 115 vulnerabilities. Moreover, over half have at least one such vulnerability that's over 20 years old. Consequently, attackers, including state-backed cyberespionage groups, have increasingly targeted cloud infrastructure recently. A third of analyzed cloud assets are in the neglected-asset category: resources that use unsupported operating systems and/or which haven't been patched in over 180 days. The firm found that almost all companies have at least one neglected asset, typically virtual machines. These observations underscore the need for organizations to be able to quickly identify vulnerable or obsolete systems. A robust IT asset management solution is a critical tool in achieving that end.
Fortinet, Ivanti Patch High-Severity Vulnerabilities
Fortinet and Ivanti recently announced patches for over a dozen vulnerabilities across their product portfolios, including fixes for several high-severity flaws. Ivanti released a Workspace Control (IWC) update to address three high-severity bugs (tracked as CVE-2025-5353, CVE-2025-22463, and CVE-2025-22455) that could result in credential leaks. The company noted that "We are not aware of any customers being exploited by these vulnerabilities prior to public disclosure. These vulnerabilities were disclosed through our responsible disclosure program." Fortinet released 14 patches in the same timeframe to address one high-severity (tracked as CVE-2025-31104) and several medium-severity security defects.
Microsoft Patch Tuesday Covers WebDAV Flaw Marked as Already Exploited
Microsoft recently released patches for over 60 security defects across the Windows ecosystem. It called urgent attention to a WebDAV remote code execution bug (marked as important with a CVSS score of 8.8/10) which has been exploited in the wild. The vulnerability allows browser-based drive-by downloads if a target clicks on a rigged website. Check Point Software, which is credited with reporting the bug, issued a separate advisory explaining that successful exploitation could enable an attacker to execute arbitrary code on the affected system. IT professionals can utilize their IT asset management solutions to identify vulnerable or unpatched systems.
A Practical Approach to Integrating Vulnerability Management into Enterprise Risk Management
Adopting a comprehensive approach to risk management is critical to protect an organization from cybercriminals and data breaches. The integration of a robust vulnerability management lifecycle is central to maintaining effective cybersecurity and should be a key aspect of an organization's risk management. However, too many organizations still struggle to implement comprehensive vulnerability management strategies due to financial or technological constraints. Organizations can build a strong vulnerability management lifecycle without expensive tools by leveraging existing resources (such as IT asset management tools), optimizing internal processes and fostering a security-aware culture. Vulnerabilities can be discovered through various methods, including asset scanning and discovery tools, penetration testing, configuration reviews or manual assessments.
WhatsApp Banned on US House of Representatives Devices, Memo Shows
According to a recent memo, the WhatsApp messaging service has been banned from all U.S. House of Representatives devices. The memo stated the "Office of Cybersecurity has deemed WhatsApp a high risk to users due to the lack of transparency in how it protects user data, absence of stored data encryption, and potential security risks involved with its use." House members were advised to use other messaging apps, including Microsoft Corp's Teams platform, Amazon.com's Wickr, Signal, and Apple's iMessage and FaceTime. In the past, the House has banned other apps from staff devices, including the TikTok app, due to security issues. CIOs need to be aware of potential threats, and can use their IT asset management tools to identify devices with unwanted or unsanctioned software.
Industry News - May 2025
Microsoft May 2025 Patch Tuesday Fixes 5 Exploited Zero-Days, 72 Flaws
The May 2025 Microsoft Patch Tuesday includes security updates for over 70 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. This release also fixes six "Critical" vulnerabilities, five of which are remote code execution vulnerabilities with another being an information disclosure bug. The specific vulnerabilities addressed are: elevation of privilege vulnerabilities (17), security feature bypass vulnerabilities (2), remote code execution vulnerabilities (28), information disclosure vulnerabilities (15), denial of service vulnerabilities (7) and spoofing vulnerabilities (2). IT professionals are urged to update their systems with the new patches. A robust IT asset management tool can help identify unpatched and vulnerable systems.
Universities Are Struggling with Document Security And Hackers Are Taking Advantage
Many universities operate with obsolete or nearly obsolete IT systems. The Higher Education Policy Institute noted in a recent report that universities need an army of IT staff to keep systems from crumbling under their own weight. Maintaining legacy systems is a burden on staff and increases cyber risk. Another growing problem for universities is shadow AI. When employees struggle with outdated systems, they look for any tool that increases efficiency, even if it is unsanctioned or unsafe. Implementation of a robust IT asset management solution would provide the information for any university to plan and manage needed upgrades to its IT infrastructure.
Ivanti Patches Two EPMM Flaws Exploited In The Wild
After becoming aware of in-the-wild attacks exploiting two previously unknown vulnerabilities, Ivanti recently released emergency patches for its enterprise mobile device management (MDM) solution. The two flaws, tracked as CVE-2025-4427 and CVE-2025-4428, have moderate and high severity. However, when they are combined in an exploit chain, they enable unauthenticated remote code execution on Ivanti Endpoint Manager Mobile (EPMM). Ivanti released EPMM versions 11.12.0.5, 12.3.0.2, 12.4.0.2, and 12.5.0.1, which include fixes for the two vulnerabilities.
Adobe Patches Big Batch of Critical-Severity Software Flaws
This month's Adobe Patch Tuesday releases include a major Adobe ColdFusion update that addresses a number of code execution and privilege escalation attacks. The Adobe bulletin documents 7 distinct vulnerabilities marked as critical. Adobe warned that these vulnerabilities, which carry a CVSS severity score of 9.1/10, could result in arbitrary file system read, arbitrary code execution and privilege escalation. The Adobe Photoshop software was also updated to fix three critical-severity bugs which had code execution risks. Adobe also identified a critical bug in Adobe Illustrator that should be patched with urgency. Code execution software defects in Adobe Lightroom, Adobe Dreamweaver, Adobe Connect and Adobe InDesign were also addressed. IT professionals can utilize the information generated by their IT asset management solution to identify unpatched or affected systems.
Is AI Use in the Workplace Out of Control?
Recent research indicates that the average enterprise is using 254 distinct AI-enabled apps. Of those 254 AI apps in use, nearly ten percent have been developed by Chinese developers. While usage is surging, security and governance are being left behind. For example, DeepSeek clearly got a lot of headlines in January, to the extent that the Pentagon and government lawmakers scrambled to block the app on government systems after staff were found using it. DeepSeek has even been deemed a national security risk by a US House Panel. IT professionals should be concerned about the ability of apps to launch seemingly from nowhere and gain massive amounts of users very quickly. Employees often don't care about the consequences of their use of shadow AI. Fishbowl found that nearly 70% of users hide ChatGPT from their bosses. Nearly half would refuse to stop using it if it were to be banned. Quite simply, AI tools are just too appealing for employees not to use. Too many will go to extreme lengths to get their hands on them, even without approved licenses. A robust IT asset management tool can identify unauthorized or unlicensed software across the enterprise, enhancing governance.
The Days of Bringing Your Own Device To Work Could Be Coming to An End
According to Kinly, a key motivator behind the proposed bans is the rise of Shadow AV, which is causing serious security concerns. Shadow AV includes the use of unauthorized audio-visual equipment and personal technology in the workplace. Similar to the problem of Shadow AI - the use of unauthorized AI tools in the workplace - security professionals have grown concerned about the prospect of personal tech slipping into the workplace unnoticed. An IT asset management tool can assist in identifying non-corporate devices and software residing on the company's infrastructure.
Industry News - Apr 2025
The Rise of Shadow AI and Regaining Control Of Software Spend
The pattern is not new: a useful software tool emerges, spreads through an organization, and is shortly considered indispensable. Unfortunately, all this happens without IT's approval process. It's known as shadow IT and it's a constant battle. Artificial Intelligence (AI) has become the newest invader. AI is here and it's being widely adopted, often under the radar, surprising licensing and budget personnel at renewal. The rate of AI adoption is forcing organizations to re-evaluate their software budgets. To efficiently integrate these new AI applications, a complete review and optimization of existing software spend is critical. Doing this manually is inefficient, risky, and will likely yield inaccurate results. A better way involves leveraging an IT asset management tool to inventory software, reconcile license spend and evaluate the hardware system infrastructure.
CISA Urges Urgent Patching for Exploited CentreStack, Windows Zero-Days
CISA, the US cybersecurity agency, recently advised organizations to urgently patch two exploited zero-day vulnerabilities in Gladinet CentreStack and Microsoft Windows. The CentreStack bug (tracked as CVE-2025-30406 with a CVSS score of 9) was disclosed in April when Gladinet announced patches for it. Gladinet patched the vulnerability in CentreStack 16.4.10315.56368 and urged organizations to update immediately. The Windows flaw, which is tracked as CVE-2025-29824, is described as a use-after-free issue in the platform's Common Log File System (CLFS) driver. Microsoft addressed the security defect on April 2025 Patch Tuesday. The company warned users that it has observed a threat actor exploiting it against organizations in the US, Venezuela, Spain, and Saudi Arabia. IT managers can utilize their IT asset management tools to identify vulnerable systems.
Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day
Microsoft recently released urgent updates for at least 120 Windows vulnerabilities, including a zero-day in the Windows Common Log File System (CLFS) that is described as actively exploited. The CLFS zero-day vulnerability enables an attacker to gain SYSTEM privileges by exploiting a use-after-free bug. The flaw has a CVSS severity score of 7.8/10 and needs only low-level privileges with no user interaction. The April Patch Tuesday rollout also includes fixes for a use-after-free memory corruption flaw in Windows Hyper-V and documents a pair of critical remote code execution flaws impacting Windows Remote Desktop Services. The Microsoft Excel spreadsheet product also received a security makeover to address at least three vulnerabilities that introduced remote code execution risks. The company also addressed critical issues with remote code execution paths in the Microsoft Office productivity suite. IT managers can utilize their IT asset management tools to identify unpatched systems.
Exploited Vulnerability Puts 5,000 Ivanti VPN Appliances at Risk
According to The Shadowserver Foundation, there are over 5,000 internet-accessible Ivanti Connect Secure appliances that are susceptible to attacks exploiting a recently disclosed vulnerability. The issue, which is tracked as CVE-2025-22457 and has a CVSS score of 9, is described as a stack-based buffer overflow. It could be exploited by remote, unauthenticated attackers to execute arbitrary code on a vulnerable appliance. Ivanti addressed the vulnerability in February but recently stated that it misdiagnosed it as a production bug and that in-the-wild exploitation was ongoing. The vulnerability impacts Ivanti Connect Secure version 22.7R2.5 and earlier, Pulse Connect Secure 9.x, Ivanti Policy Secure version 22.7R1.3 and prior, and ZTA Gateways version 22.8R2 and earlier. Ivanti noted that only Connect Secure and Pulse Connect Secure appliances have been targeted in attacks, urging users to update their devices as soon as possible.
Why CIOs Should Prioritize IT Modernization
Companies often push off infrastructure modernization, thinking that utilizing existing IT infrastructure is a financially sound decision. However, too often enterprises try to run 21st-century operations on last-century technology, only to watch agile competitors take market share or to encounter serious vulnerabilities. The consequences of delaying IT upgrades are evident across industries. Organizations that continue operating on outdated or obsolete infrastructure find themselves unable to meet market demands, customer needs or security requirements. That's why companies are finally recognizing they can't keep kicking the can down the road, and are reprioritizing modernization from a discretionary initiative to a required investment. A robust IT asset management solution can provide invaluable information to make the modernization effort more efficient and cost effective.
Shadow AI: The Growing Threat Companies Can No Longer Ignore
As AI tools find their way into every corner of the workplace, a new threat has emerged. Shadow AI, the use of unsanctioned AI tools, is proving difficult to track and even harder to control. Shadow AI is not just another version of shadow IT. It is a much stealthier threat. Unlike traditional unauthorized software that is easier to identify, AI capabilities are often hidden inside familiar, trusted software. IT professionals may believe their digital environment is secure, but sensitive data could already be flowing out of the enterprise through invisible AI channels. The numbers tell a startling story. Nearly forty percent of employees admit to using AI tools not fully approved or managed by IT. Even worse, every untracked AI interaction becomes a potential point of risk. Use of a robust IT asset management tool can identify non-standard software, or software out-of-rev with corporate standards.
Industry News - Mar 2025
CISA Tags Windows, Cisco Vulnerabilities As Actively Exploited
CISA has advised US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. The first flaw (CVE-2023-20118) enables attackers to execute arbitrary commands on RV016, RV042, RV042G, RV082, RV320, and RV325 VPN routers. Cisco says that its Product Security Incident Response Team (PSIRT) is aware of publicly available proof-of-concept exploit code for CVE-2023-20025. The second security bug (CVE-2018-8639) is a Win32k elevation of privilege flaw that enables local attackers logged into the target system to run arbitrary code in kernel mode. According to Microsoft, this vulnerability impacts client (Windows 7 or later) and server (Windows Server 2008 and up) platforms. CISA noted that "These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise." Microsoft and Cisco have not yet updated their security advisories after CISA tagged the two vulnerabilities as actively exploited in attacks. These flaws make the need to identify vulnerable systems paramount. A robust IT asset management solution can aid in the effort.
Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday
Microsoft's most recent Patch Tuesday updates included warnings that a half-dozen Windows security defects have already been exploited in the wild. The company labeled six of the 57 security vulnerabilities patched this month as "exploitation detected." It encouraged Windows administrators to prioritize another large batch of code execution flaws. The latest exploited zero-days affected the Microsoft Management Console, Windows NTFS, the Fast FAT File System Driver, and the Win32 Kernel Subsystem. According to Microsoft, the exploited bugs allow security feature bypass, remote code execution, and privilege escalation via memory corruption issues. IT managers can utilize their IT asset management tools to identify unpatched systems.
CISA Warns of Ivanti EPM Vulnerability Exploitation
CISA recently warned of three critical-severity vulnerabilities in Ivanti Endpoint Manager (EPM) that are being exploited in the wild. The vulnerabilities are tracked as CVE-2024-13159, CVE-2024-13160, and CVE-2024-13161 and are described as absolute path traversal flaws affecting EPM versions 2024 and 2022 SU6 with the November 2024 security update installed. Ivanti issued patches for the security defects in January. The vulnerabilities reside in functions that attempt to read the files in specific directories to calculate their hashes, and which accept user input. IT managers can use the information generated by their IT asset management tools to identify vulnerable systems.
Critical Fortinet Vulnerability Draws Fresh Attention
Fortinet customers who have yet to patch a critical authentication bypass vulnerability that was disclosed by the company in February should act quickly. The vulnerability, labeled CVE-2025-24472, allows remote attackers to get super-admin privileges on affected systems. They exploit a weakness in how Fortinet's FortiOS and FortiProxy technologies handle Client Server Framework proxy requests. Systems with exposed FortiGate firewall management interfaces are at the most risk. FortiGate disclosed the flaw on February 11, along with a patch. CISA and others have in the past repeatedly pointed to products that fall into the category of edge device as technologies that attackers love to target because of the access they provide to victim environments. Stefan Hostetler, senior threat intelligence researcher member at Arctic Wolf, noted that "As we predicted in the tail end of 2024, we expect that edge devices will continue to be exploited by cybercriminals in 2025 and beyond. Threat actors are likely to continue capitalizing on misconfiguration and outdated firmware as long as there's more money to be made." This observation underscores the need to use IT asset management tools to identify vulnerable and misconfigured systems.
CISA Warns of RESURGE Malware Exploiting Ivanti Flaw
CISA (U.S. Cybersecurity and Infrastructure Security Agency) recently published a Malware Analysis Report (MAR) on a new malware called RESURGE. RESURGE has been used in attacks targeting the flaw CVE-2025-0282 in Ivanti Connect Secure appliances. The malware creates web shells, bypasses integrity checks, and modifies files. It enables credential harvesting, account creation, and privilege escalation. CISA added the Ivanti Connect Secure vulnerability CVE-2025-0282 to its Known Exploited Vulnerabilities (KEV) catalog in January. The agency noted that Ivanti has released an update that addresses one critical and one high vulnerability in Ivanti Connect Secure, Policy Secure and ZTA Gateways. Successful exploitation of CVE-2025-0282 could lead to unauthenticated remote code execution. CVE-2025-0283 could allow a local authenticated attacker to escalate privileges. IT managers are urged to use their IT asset management tools to identify unpatched systems.
Industry News - Feb 2025
How Will NIS2 Impact ITAM Teams?
In January 2023 the European Union enacted a revised version of the 2016 Network and Information Systems Directive (NIS). This directive is a legislative framework intended to bolster cybersecurity across EU infrastructure. The directive requires EU member states to incorporate enhanced cybersecurity measures into law. The new rules came into effect 18 October 2024. The directive has two main pillars: Duty of Care and Duty to Report. ITAM practices can improve an organization's cybersecurity capabilities. ITAM's role in developing a comprehensive asset inventory plays a key role in identifying potential software vulnerabilities. The NIS2 directive highlights the critical nature of robust asset management practices. By maintaining a comprehensive, up-to-date IT asset inventory, vulnerability management, and collaboration with cybersecurity teams, ITAM can play a vital role in complying with the NIS2 requirements.
Microsoft Patches Wormable Windows Flaw and File-Deleting Zero-Day
Microsoft's security response team patched over 55 documented software defects in Windows OS and applications. It also identified a privilege escalation bug in Windows Storage and a code execution issue in the Windows Ancillary Function Driver for WinSock. These are flagged for immediate attention due to active exploitation. The Windows Storage Elevation of Privilege bug enables attackers to delete targeted files on a system. Microsoft also urged Windows administrators to prioritize CVE-2025-21418 as a matter of urgency. It warned that the Windows Ancillary Function Driver for WinSock contains a serious flaw that provides SYSTEM privileges to a successful attacker. IT managers can utilize the information from their IT asset management solutions to identify patched and vulnerable systems.
Ghost Ransomware Has Hit Firms In Over 70 Countries, FBI And CISA Warn
A recent security advisory published by the US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) stated the groups are primarily targeting critical infrastructure organizations, as well as healthcare, government, technology and manufacturing. The three agencies said in the report that "Beginning early 2021, Ghost actors began attacking victims whose internet-facing services ran outdated versions of software and firmware. This indiscriminate targeting of networks containing vulnerabilities has led to the compromise of organizations across more than 70 countries, including organizations in China." This fact underscores the need for organizations to patch or replace vulnerable systems. Unpatched or obsolete equipment can be identified using an IT asset management tool.
Industry News - Jan 2025
Patch Alert: Remotely Exploitable LDAP Flaws in Windows
"A remote unauthenticated attacker who successfully exploited this vulnerability would gain the ability to execute arbitrary code within the context of the LDAP service." IT managers can use their IT asset management solutions to scan for and identify any unpatched systems.
New Critical Microsoft Windows Warning As 3 Zero-Day Attacks Underway
In the latest Patch Tuesday security patches, Microsoft has released fixes for nearly 160 vulnerabilities, 12 of which are critical, along with eight zero-days, three of which are currently known to be under active exploitation, according to Microsoft. Tyler Reguly, associate director of security research and development at Fortra, noted that "This is definitely one of those months where admins need to step back, take a deep breath, and determine their plan of attack." The three zero-day vulnerabilities being exploited are classified as CVE-2025-21335, CVE-2025-21333 and CVE-2025-21334, and are listed as elevation of privilege issues. They impact Hyper-V, which is described by one researcher as being heavily embedded in modern Windows 11 operating systems and used for a range of security tasks including Device Guard and Credential Guard. Consequently, patching these vulnerabilities should be at the top of the list for patching this month. IT professionals can utilize their IT asset management tools to identify vulnerable or unpatched systems.
CISA: Hackers Still Exploiting Older Ivanti Bugs to Breach Networks
The vulnerabilities involved in these attacks include an admin authentication bypass patched in September, and a remote code execution bug also patched in September. Two other bugs, an SQL injection and a remote code execution vulnerability, were both remediated in October. All four bugs have been tagged as exploited in zero-day attacks. CISA added them to its Known Exploited Vulnerabilities Catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their appliances. To thwart any attacks targeting users' systems, the federal agencies "strongly encourage" all network administrators to upgrade their appliances to the latest supported Ivanti CSA version.
Ivanti Patches Critical Vulnerabilities in Endpoint Manager
The January 2025 security updates also resolve 12 high-severity defects that could lead to remote code execution (RCE), denial-of-service (DoS), and escalation of privilege, some of which could be exploited remotely without authentication. Ivanti also issued patches for a high-severity race condition issue in Application Control Engine that could allow attackers to bypass the application blocking functionality. The company recommends that all customers update their Application Control instances to versions 2024.3 HF1, 2024.1 HF4, and 2023.3 HF3. Ivanti also noted that fixes will not be released for Application Control Module for Security Controls. It recommends that customers migrate to Application Control or Neurons for App Control.
Poor Patching Regime Is Opening Businesses To Serious Problems
As security teams are faced with an increasing number of identified vulnerabilities, vulnerability remediation is slowing at many organizations. According to an analysis by S&P Global Ratings, nearly 75% of organizations are either occasionally or infrequently remediating the vulnerabilities that affect their systems. Paul Alvarez, lead cyber risk expert at S&P Global Ratings, said that "Our analysis suggests that some organizations that we rate may be slow to remediate highly targeted cyber vulnerabilities, increasing the risk that computer systems could be compromised." The analysis found that 30% of organizations remediated these vulnerabilities occasionally. CIOs concerned with identifying existing unpatched vulnerabilities can utilize the data from their IT asset management solution to pinpoint at-risk devices.
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
Identity risks, data security risks and third-party risks are all exacerbated by SaaS sprawl. Each new SaaS account adds a new identity that should be secured and represents a new source of third-party risk. This growing attack surface, much of which is unmanaged in most organizations, becomes an attractive target for cyber-criminals. Data from Nudge Security indicates that the average employee creates a new SaaS account about every two weeks. That constitutes 200 new SaaS accounts per month for an organization with 100 employees. Each one of these SaaS identities expands the organization's attack surface and creates a new avenue for sensitive data to be stolen. Only a solution that can deliver continuous SaaS discovery along with just-in-time prompts can help CIOs to take appropriate steps to secure their accounts and combat this new form of shadow IT.
Industry News - Jul 2024
Driving Efficient Software Spend: How Smart Organizations Beat Sprawl and Maximize SaaS Value
The software as a service (SaaS) market is evolving and offers new opportunities for tech professionals to optimize operations and efficiency. Organizations are working to streamline IT investments by consolidating applications and focusing on integrated solutions. Despite their efforts, challenges in managing SaaS sprawl are ongoing. This webinar will help participants to gain the practical strategies, expert insights, and tools needed to effectively lead a team in the dynamic SaaS landscape. During the webinar, the speakers will examine changing SaaS usage trends and their impact on efficiency, share ideas to effectively manage the evolving tech stack, and cover how to prepare for upcoming shifts in SaaS spending.
Legacy Tech Upgrades Cost the Average Business Nearly $3M Last Year
Businesses face significant obstacles when modernizing legacy technology systems, despite efforts and plans to modernize and streamline IT operations. According to Jeremiah Stone, CTO of SnapLogic, challenges are inherent in major technology upgrades, especially regarding legacy systems. Over 75% of IT decision-makers report that their teams spend up to 25 hours a week updating and patching legacy systems. Maintaining and updating legacy tech can negatively impact productivity and the bottom line. IT managers can use their IT asset management tools to identify key legacy systems and those which can be phased out or replaced.
Aging Devices, Not AI PCs, Drive PC Shipment Uptick
Businesses want to replace laptops and desktops before support runs out, but we think that that surge is going to happen toward the end of this year and the beginning of next year. As a result, PC shipments began to recover this year. Kitagawa also noted that "Enterprises are replacing PCs due to age, not AI." Managers can identify devices that need to be replaced using the reporting capabilities of their IT asset management software.
Kaspersky Lab Shuts Down US Operations in Wake Of National Security Ban
According to the edict issued by the US Department of Commerce's Bureau of Industry and Security (BIS), US companies have until September 29th to stop using Kaspersky's antivirus software and services. US CISOs must act quickly to comply. Tim Crawford, founder of research and advisory firm Avoa, noted that "You have to move quickly, don't wait or take a chance to get close to that October deadline, because those non-updated systems will become fully vulnerable, and hackers are lying in wait for you." Kaspersky software will no longer be supported and IT professionals can utilize their IT asset management toolsets to identify impacted systems and networks.
Ivanti Issues Hotfix for High-Severity Endpoint Manager Vulnerability
tracked as CVE-2024-37381 and impacts the Core server of Endpoint Manager 2024. The company also released patches for four vulnerabilities impacting all versions of its Endpoint Manager for Mobile product. Tracked as CVE-2024-36130, CVE-2024-36131 and CVE-2024-36132, these flaws are high-severity bugs. IT managers can identify unpatched systems using their IT asset management toolsets.
Microsoft Patch Tuesday, July 2024 Edition
The other zero-day is tracked as CVE-2024-38112, and is a weakness in MSHTML, the engine of Microsoft's Internet Explorer web browser. Kevin Breen, senior director of threat research at Immersive Labs, said exploitation of this vulnerability requires the use of an attack chain of exploits or programmatic changes on the target host. Unpatched devices can easily be identified using a robust IT asset management toolset.