Industry News
Ed Cartier's monthly roundup of industry news
Articles relating to asset management, technology, security and cloud computing

Industry News - Oct 2022

DHS Tells Federal Agencies to Improve Asset Visibility, Vulnerability Detection

The Cybersecurity and Infrastructure Security Agency (CISA) recently published Binding Operational Directive 23-01 (BOD 23-01). This directive requires federal agencies to take the necessary steps to improve their asset visibility and vulnerability detection capabilities. Agencies have six months to comply. Federal agencies must identify network-addressable IP assets in their environments and the associated IP addresses (hosts), and discover and report suspected vulnerabilities on those assets, including misconfigurations, outdated software, and missing patches. The directive notes that "Discovery of assets and vulnerabilities can be achieved through a variety of means, including active scanning, passive flow monitoring, querying logs, or in the case of software defined infrastructure, API query." A robust IT asset management solution would enable agency CIOs to discover the entire network quickly and accurately.

Ransomware: This Is How Half of Attacks Begin, And This Is How You Can Stop Them

The majority of ransomware attacks originate with hackers exploiting vulnerabilities in remote and internet-facing systems, taking advantage of unpatched cybersecurity vulnerabilities. These internet-facing applications are often standard across enterprise environments, making them a target for cybercriminals. The applications and services are required to enable employees to work remotely. In addition, organizations might not be aware that they are exposed to the internet. Some of the exploited vulnerabilities include flaws in Microsoft Exchange Server and Fortinet VPNs, and more. All have official fixes available from vendors. But even when security patches have been made available, many companies remain vulnerable to the exploits because the update doesn't get applied. A robust IT asset management solution can identify unpatched software across the network, providing IT managers with critical information needed to harden their IT infrastructure.

Microsoft Warns Of New Zero-Day; No Fix Yet For Exploited Exchange Server Flaws

Microsoft recently released software fixes to address more than 90 security defects affecting products in the Windows ecosystem. The company warned that one of the vulnerabilities (CVE-2022-41033) was already being exploited as a zero-day in the wild. The exploited vulnerability impacts the Windows COM+ event system service. It has been exploited in elevation of privilege attacks, and it was likely used as part of an exploit chain detected in the wild. The new warning comes less than a month after Microsoft worked to issue mitigations for a pair of Exchange Server flaws targeted by a nation state-level threat actor. IT asset management tools provide critical information needed to identify and potentially isolate unpatched devices or systems.

Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability

Fortinet was aware that the vulnerability tracked as CVE-2022-40684 was exploited. The security hole is being increasingly targeted after technical details and proof-of-concept (PoC) exploits were made public. Fortinet noted that "After multiple notifications from Fortinet over the past week, there are still a significant number of devices that require mitigation, and following the publication by an outside party of POC code, there is active exploitation of this vulnerability." The company has released patches and workarounds for the vulnerability. It has also published indicators of compromise (IoCs) that IT professionals can use to detect signs of an attack. Threat actors have been scanning the internet for affected devices and installing malicious admin accounts. An IT asset management solution can pinpoint vulnerable devices, assisting the deployment of critical patches.

Top Three Mistakes IT Security Teams Still Make

According to the Allianz Risk Barometer, data breaches, ransomware attacks, and IT outages overshadow corporate concerns regarding supply chain disruption, COVID, and natural disasters. Although corporate security teams work to protect corporate networks, many common errors continue to be committed. One of those common errors is piecemeal patch management. Patch management is essential, and security teams must be strategic about it. Distributing the best software for employees and customers is essential, but lacking the procedures to ensure hackers don't compromise the installed software could be disastrous. IT security teams must determine if the applications and operating systems in use are up to date and if updates and patches have been rolled out. An effective IT asset management tool can quickly and affordably provide this information on an ongoing basis.

Apple Patches Over 100 Vulnerabilities with Release of macOS Ventura 13

Apple recently launched macOS Ventura 13, which includes patches for over 100 vulnerabilities in addition to several new features. Over 100 CVE identifiers are listed in Apple's security advisory for macOS Ventura 13. They include issues that are specific to the operating system along with flaws impacting third-party components. If exploited, these vulnerabilities can result in arbitrary code execution, theft of information, denial-of-service (DoS) attacks, file system modifications, security bypasses, and privilege escalation. Exploitation requires deploying malicious applications on the targeted system, physical access to the device, or processing malicious files. An IT asset management toolkit can identify systems that are not up to date.

Industry News - Sep 2022

SaaS Sprawl Amps Up Security Challenges Amid Heightened Risk

In an average company, 500 to 2,000 users are uploading, creating, sharing or storing data in 138 different apps. The fact that some enterprise end-users turn to their personal devices for company business further complicates the risk factors. The data reflects continued enterprise reliance on SaaS applications. Seventy-five percent of respondents indicated that more than fifty percent of their applications are currently SaaS-based, and over sixty percent said their organization is spending more on SaaS applications year over year. An IT asset management tool that can manage cloud applications and identify all devices on the network can be an invaluable tool in managing cloud security and costs.

With SaaS Prices Set To Rise, Contract Negotiation May Become Vital

CIOs must request a detailed explanation of the uplift to understand how the vendor's business is being impacted by the current economic climate to ensure they are not presenting exaggerated truths. With detailed documentation in hand, CIOs can have the advantage during pricing negotiations. Decker advises CIOs to push back with data from economic indexes or the vendor's own earnings statements. According to the Gartner report, if negotiations fail, CIOs might need to step down to a lower level of support or reduce licensing. An IT asset management solution that tracks cloud usage and contracts can be a valuable tool when negotiating with cloud vendors.

Microsoft Raises Alert for Under-Attack Windows Flaw

Microsoft included a fix for CVE-2022-37969 in the September batch of Patch Tuesday updates. Microsoft warned that attackers are currently exploiting the flaw to gain SYSTEM privileges on fully patched Windows machines. In its bulletin acknowledging the bug exists in Windows Common Log File System (CLFS), the company notes that "An attacker who successfully exploited this vulnerability could gain SYSTEM privileges." An attacker must already have access and the ability to run code on the target system. This technique does not allow for remote code execution in cases where the attacker does not already have that ability on the target system. A robust IT asset management solution can be a valuable tool in identifying unpatched systems on the network or within the IT infrastructure.

Apple Warns of macOS Kernel Zero-Day Exploitation

Apple has issued patches for security defects in a wide range of products, including patches for two critical macOS kernel vulnerabilities which are currently being exploited in the wild. The two vulnerabilities (tracked as CVE-2022-32894 and CVE-2022-32917) impact macOS Big Sur. The macOS Big Sur 11.7 update addresses eight additional security flaws, some of which expose Apple customers to code execution attacks and privacy bypasses. The company also released iOS 16 with patches for several documented security vulnerabilities. Interestingly, the CVE-2022-32917 kernel flaw is listed among the iOS fixes, but Apple did not indicate that it is being exploited in the wild. IT managers can use their IT asset management solutions to identify vulnerable systems that connect to the network.

Top 5 Attack Surface Challenges Related to Security Operations

According to a recently published ESG research report, over half of all organizations indicated that security operations have become more difficult over the last two years. Respondents cited an evolving and dangerous threat landscape, a growing and changing attack surface, and 34% blamed growing use of public cloud computing services as causes of the problem. Two challenges were mentioned as ways to mitigate security vulnerabilities: re-evaluating current tools and processes, and increases in the number of vulnerabilities and patching cycles. A majority of respondents noted that their company suffered a cyber-incident due to an unknown, unmanaged, or mismanaged attack surface asset. A robust IT asset management solution can provide detailed information about a firm's IT infrastructure and attack surface, enabling management to better defend against potential cyber-attacks.

Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks

Microsoft this week released an out-of-band security update for its Endpoint Configuration Manager solution to patch a vulnerability that could enable malicious actors to move around in a targeted organization's network. Microsoft Endpoint Configuration Manager (MECM) was previously called SCCM. It is an on-premises management solution for desktops, servers and laptops, which allows IT professionals to deploy updates, apps, and operating systems. Client push installation is one method for deploying the needed client application to endpoints. It enables administrators to push clients easily and automatically to new devices. The vulnerability is tracked as CVE-2022-37972. It has been described by Microsoft as a medium-severity spoofing issue. A robust IT asset management tool can supplement the Endpoint Configuration Manager and provide IT professionals with a better view of their IT asset infrastructure.

Every Department Wants to Partner With IT, But Challenges Await

As companies navigate continuous hybrid, remote and back-to-office policies, their business units see benefits in collaborating with IT and the technical and security support it provides. However, an increase in collaboration can present new challenges. Nearly seventy-five percent of IT decision makers indicated that their organization has successfully decentralized its IT structure. But nearly all said they expect their organization to encounter challenges related to decentralization. The problems IT departments will confront as they become integrated into other departments will be maintaining security levels, quality levels and the reliability of ongoing support. An IT asset management solution can provide key information on all systems on the corporate network, regardless of which business unit is using them.

Industry News - Aug 2022

Already Exploited Zero-Day Headlines Microsoft Patch Tuesday

The vulnerability (CVE-2022-34713) affects the Microsoft Windows Support Diagnostic Tool (MSDT). It has been used to trick users into opening or interacting with specially crafted files. Microsoft has encountered security problems in the diagnostics tool over the past year. This vulnerability is part of a massive Microsoft Patch Tuesday that addresses over 120 documented flaws in Windows and operating system components. Seventeen of the 121 new vulnerabilities patched in this monthly batch are rated 'critical'. Over 100 are classified as 'important'. IT professionals can utilize their IT asset management tools to identify unpatched systems and take any needed action.

Assessing the Risk of Poorly Configured, Internet-Exposed Protocols

In the Cybersecurity and Infrastructure Security Agency's (CISA) "Shields Up" notice, the agency recommended that organizations go back to cybersecurity basics. It recommended the use of secure passwords, patching vulnerabilities, and properly securing internet-exposed protocols to avoid exposing data. In a related report, cybersecurity company ExtraHop focused on internet-exposed protocols. Its report examined the risks of unsecured ports and protocols and provided advice for mitigating risk. The company found that many institutions were using older, unsupported protocol versions, which increased risks to the network. A robust IT asset management solution can be used to identify obsolete or unsupported software in use on the network.

HC3 Calls Attention to Cloud Security Concerns, Mitigation Tactics

"Shadow IT is the use of information technology services, software, or devices that aren't approved by an IT department for use. Shadow IT has risen over the years through the use of public cloud services and as employees saw the short-term benefit versus the long-term security impacts. If a department is unaware of an application, then they won't have the ability to secure it properly." Companies can utilize their IT asset management software to identify and manage instances of shadow IT.

Apple Issues Urgent Cybersecurity Updates to Fix Zero-Day Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) reported that Apple recently issued security updates to protect against two zero-day vulnerabilities discovered in macOS Monterey, iOS and iPadOS, and Safari. CISA noted that an attacker could exploit one of these vulnerabilities and take control of an unpatched device. If successful, the attacker could gain remote code execution and kernel-level privileges. CISA has repeatedly urged IT professionals to keep all devices up to date with regard to software patches. A robust IT asset management tool is key to identifying unpatched assets.

Industry News - Jun 2022

Microsoft Office Zero Day Leaves Researchers Scrambling Over the Holiday Weekend

The Cybersecurity and Infrastructure Security Agency (CISA) urged administrators and users to review Microsoft's guidance on a workaround to the Follina vulnerability. The flaw affects the Microsoft Support Diagnostic Tool in Windows. Follina enables a remote, unauthenticated user to take control of a system by exploiting downloaded Microsoft Office documents. It impacts all versions of Office 365 files when using an .RTF file. At this writing a patch has not been issued. In the interim, IT professionals should investigate rogue child processes created under Microsoft Office products, including msdt.exe and sdiagnhost.exe. Microsoft also suggested disabling the MSDT URL protocol as a workaround. This action will prevent troubleshooters from launching as links. In addition, users with Microsoft Defender Antivirus should turn on cloud-delivered protection and automatic sample submission. IT managers can also identify vulnerable systems using their IT asset management tools.

How to Navigate the IT Tension of Hybrid Work

Self-acquired tools create a potential for more shadow IT and less visibility into operations. As employees go back to working in central hubs, it becomes harder for IT teams to maintain diverse systems while trying to manage a greater number of tools and applications. Before the pandemic, IT department toolkits included collaboration software, productivity tools and other enterprise applications. Now they must also manage a new suite of employee-acquired software tools. Using an IT asset management system, IT managers can create a complete inventory of all software that is on the network.

Cloud Cost Management Is Still an Enterprise Problem

Today companies are spending too much on cloud. According to Flexera's 2022 State of the Cloud report, over 80% of companies surveyed regard spend management as a top cloud-related challenge. Brian Adler, senior director of cloud market strategy at Flexera, noted that "The cloud makes it ridiculously easy to spend money." This problem is a cloud version of shadow IT. If firms don't have a handle on what they are using, and what they are paying for, they will inevitably spend on cloud services they don't need. Adler also observed that "It's Day One for everybody in the cloud at some point." Without visibility into cloud services, spending can grow to a point where on-premises seems like the cost-effective action. An IT asset management solution that can track and report cloud services and usage can be an invaluable tool in controlling cloud-related costs.

So Long, Internet Explorer. The Browser Retires Today

Microsoft recently announced that it will no longer support Internet Explorer, the once-dominant browser that legions of web surfers loved to hate and a few still claim to adore. IE's demise was announced in 2021 when Microsoft said that it was putting an end to Internet Explorer on June 15, 2022. Users were pushed to its Edge browser, which was released in 2015. Users often complained that IE was slow, prone to crashing and vulnerable to hacks. To mitigate the security dangers presented by unsupported software, IT managers can identify systems running IE by using their IT asset management solutions to perform a software inventory. Systems running IE can then be selectively upgraded.

Windows Updates Patch Actively Exploited 'Follina' Vulnerability

With its June 2022 Patch Tuesday updates, Microsoft has fixed approximately 50 vulnerabilities. Among them is the actively exploited flaw known as Follina and tracked as CVE-2022-30190. The Follina vulnerability has been exploited for remote code execution using specially crafted documents. Although Microsoft has known the cause of the vulnerability for several years, the company seems to have ignored the issue until a researcher discovered and published that it was being actively exploited. The first attacks leveraging Follina were launched in April of this year, and exploitation attempts have increased in recent months. While a patch has now been released, Microsoft did make available workarounds and mitigations shortly after the disclosure. IT managers can identify vulnerable systems using their IT asset management toolkit.

Industry News - May 2022

Adobe Warns of 'Critical' Security Flaws in Enterprise Products

Adobe recently shipped patches to deal with 18 serious security defects in multiple enterprise-facing products. The company warned users that unpatched systems are vulnerable to remote code execution attacks. Critical vulnerabilities were discovered and addressed in the FrameMaker document processor, the InCopy and InDesign suites, the Character Animator motion capture tool and the Adobe ColdFusion platform. According to Adobe, 10 of the 18 vulnerabilities were addressed in Adobe FrameMaker, the document processor used by large organizations to write and edit large or complex documents. Adobe warned users that "This update addresses an important and multiple critical vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak." The company said it was not aware of any in-the-wild exploits. IT managers can identify unpatched systems using their IT asset management solutions.

12 Steps to Building A Top-Notch Vulnerability Management Program

Alex Holden, CISO with Hold Security, added that "It all has to be taken into account, so when something new comes up, you'll know if it's something you have to fix." A comprehensive IT asset management solution can automate the creation and maintenance of a current, accurate and comprehensive inventory.

Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina

Apple patched CVE-2022-22675 with the release of macOS Big Sur 11.6.6, watchOS 8.6, and tvOS 15.5, and CVE-2022-22674 with Security Update 2022-004 for Catalina. Other vulnerabilities were also resolved with the latest Big Sur and Catalina updates. The company also released software updates for macOS Monterey, iOS, and iPadOS. Security updates were also released for Xcode and Safari. IT professionals can utilize their IT asset management tools to identify vulnerable or unpatched systems.

Industry News - Apr 2022

Cost Management Woes Continue for Cloud Adopters: Report

According to Foundry's 2022 Cloud Computing Survey, controlling costs is the top challenge for over 35 percent of cloud adopters. The survey found that companies plan to devote over 30 percent of IT budget toward cloud in the next 12 months. However, decentralized IT and multicloud strategies create cost challenges. Too often, firms using decentralized IT and multicloud strategies struggle to determine how specific departments or developers utilize the cloud resources. A cloud oversight and governance structure is important in a multicloud environment, as companies must be aware of the resources available to optimize costs. An IT asset management software application designed to discover and report on cloud assets can be a useful tool to control cloud costs and utilization.

2 Years Later: Enterprise Hardware Shifts Are Here to Stay

In the time since the initial response to the pandemic, hardware purchasing trends at the enterprise level have changed. Companies needed to ensure that they did not neglect their hardware needs. Today many are moving purchasing away from fixed assets such as desktop PCs in favor of more mobile gadgets, adjusting their provider strategy to match their needs. Analysts expect that the changes will become permanent. In some cases, companies provided employees with stipends to purchase the equipment they needed for remote work on their own. This approach took the burden of buying and shipping everything to their newly minted work-from-home workforce away from the IT department. An IT asset management tool that can discover and inventory a wide range of assets in a distributed environment can help the IT department to manage and support remote equipment and software.

Five Key Considerations for Improving IT Supply Chain Security

Many organizations do not maintain a comprehensive and current inventory of products, capabilities and services obtained from third-party IT providers. With the prevalence of cloud services, open-source software and multitiered service providers, organizations can easily lose track of what equipment, software and services have been acquired from various vendors. It is critical for an organization to be able to identify the applications, services, solutions, infrastructure and data they rely on for day-to-day operations. A configuration management database (CMDB) is often the ideal repository for the storage of technical details of all third-party IT products and capabilities operating within the organization. IT personnel can then use the CMDB to identify if and where an organization is vulnerable to an exposure if third-party vulnerabilities are made evident. The CMDB should also include dependency data on the business processes with which the products and services interact. This information will enable the organization to make any risk-based decisions regarding protective and remedial actions needed to mitigate the risk posed by identified vulnerabilities.

NIST Highlights Enterprise Patch Management in Latest Guidance

The National Institute of Standards and Technology's (NIST) National Cybersecurity Center of Excellence (NCCoE) recently issued its final guidance regarding enterprise software patch management. The guidance is intended to assist organizations to prevent vulnerabilities and exploitation within their IT systems. The two publications (SP 800-40 - a guide to enterprise patch management planning and SP 1800-31 - cases and approaches for improving enterprise patching practices) focused on the need to prioritize patching and preventive maintenance as a means to prevent data breaches and disruptions within the IT infrastructure. The documents make it clear that unpatched devices and systems are easy network entry points for cybercriminals. Patching may become problematic as organizations may not know how many devices are on their networks at any given time. A fully functional IT asset management solution can provide detailed information on all installed devices, software and their patch status.

Organizations Warned of Attacks Exploiting Recently Patched Windows Vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) reported that a newly patched Windows Print Spooler vulnerability has been exploited in attacks. The vulnerability, which is tracked as CVE-2022-22718, was addressed by Microsoft with its February 2022 Patch Tuesday update. However, according to Microsoft, CVE-2022-22718 can be exploited by a local attacker to escalate privileges without any user interaction. CISA added the vulnerability to its Known Exploited Vulnerabilities Catalog, which includes almost 650 exploited flaws. CISA advises all organizations to prioritize the patching of the vulnerabilities included in this catalog. Many IT professionals consider CISA's catalog to be a "Must Patch" list. An IT asset management solution can provide IT management with detailed information on the patch status of each device in the network.

Microsoft Patches 128 Windows Flaws, New Zero-Day Reported by NSA

According to tracking data from Zero Day Initiative (ZDI), Microsoft patched 128 new Windows vulnerabilities in April of this year. The April patches cover serious vulnerabilities in Microsoft Defender, Microsoft Dynamics, Exchange Server, Microsoft Office, SharePoint Server, Windows Hyper-V, DNS Server, Windows App Store, and Windows Print Spooler Components. ZDI researchers are urging Windows administrators to prioritize the zero-day update along with a handful of critical bugs that could result in worm attacks. These include CVE-2022-26809 (CVSS 9.8), a vulnerability that can enable an attacker to execute code at high privileges on an affected system. An IT asset management solution can provide IT management with detailed information on unpatched or vulnerable systems.

Industry News - Mar 2022

Shadow IT Is Evolving as Businesses Sanction More Apps

According to Gartner, with the growth of Software-as-a-Service (SaaS), shadow IT in the traditional sense is on the decline. This trend has emerged because IT has either sanctioned a group of useful SaaS tools that it does not provide directly, or business units are requesting IT's clearance to use a new service. Lane Severson, senior research director at Gartner, noted that "It's clear that we are moving away from shadow IT in the classic sense and moving into the era of business-led IT where workers are making decisions about what apps they want to use to get their job done. But they are working with IT to make sure those apps are sanctioned. They aren't just buying random cloud applications and expensing them as much as they were pre-COVID[-19]." Rob Zahn, CIO at AAA of Ohio, concurred, stating that the idea of business-led IT has some validity to it. During the pandemic, everyone was asking for IT's help. Because of that, the incidents of people using unsanctioned apps actually went down in his organization.

CIOs Tout Guardrails as Prevention For Shadow IT Woes

Business unit technology acquisition frees CIOs from technology minutiae, creating more time to focus on strategy. However, compliance gaps and security and vulnerability concerns persist. Sheila Jordan, chief digital technology officer at Honeywell, noted that every SaaS software application the business unit acquires can have implications for the business if no one oversees the data flow. One approach is to place guardrails around the use of technology, prioritizing the key priorities credo while protecting the company's assets. Successful shadow IT deployments operate in an environment with centralized governance. Business unit technology acquisitions are inevitable, but technology leaders can use governance to reduce risk. One effective governance tool is a fully functional IT asset management tool, which can identify unauthorized or non-standard software acquisitions.

7 Old Attack Vectors Cybercriminals Still Use

Targeting old, identified vulnerabilities is a common practice used by attackers. Known vulnerabilities can be exploited for years if they are not patched. Forrester analyst Allie Mellen noted that "A classic example of this is the exploit EternalBlue. Despite patches being released for the vulnerability in March of 2017, the exploit was used in May of 2017 by the WannaCry ransomware, then again in June of 2017 in the NotPetya cyberattack. This is why patching systems quickly and effectively is so important." Ryan Linder, risk and vulnerability engineer at Censys, said that the exploit affects the Server Message Block (SMB) protocol. Today there remain over 200,000 systems exposed to the internet which support SMBv1 (created in 1983). Too many companies fail to keep their software up to date, leaving them vulnerable to critical exploits, and even when exploits are disclosed publicly, many still fail to patch their systems. An IT asset management solution is an effective tool to identify unpatched and vulnerable systems.

CISA Adds 14 Windows Vulnerabilities to 'Must-Patch' List

The US Cybersecurity and Infrastructure Security Agency (CISA) recently added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Since November 2021, over 500 security flaws have been added to the Must-Patch list. The recently added flaws are older issues, some of which have been patched for more than half a decade. One new addition affects SonicWall SonicOS and 14 are Microsoft Windows vulnerabilities. CISA is requesting that federal agencies address the newly flagged security defects by April 5. CISA created the Known Exploited Vulnerabilities Catalog to assist federal agencies in managing their vulnerabilities. All organizations are advised to review the list and address the identified flaws as soon as possible. A fully featured IT asset management tool could help government agencies to identify unpatched or vulnerable systems.

Apple Patch Day: Gaping Security Holes in iOS, macOS, iPadOS

Apple also released software updates to address security vulnerabilities in macOS (Catalina, Big Sur, Monterey), tvOS, watchOS, iTunes and Xcode. At least five of the iOS/iPad vulnerabilities could lead to remote code execution attacks. An iPhone user would need to open a malicious PDF file or view malicious web content to enable the attack. According to Apple, the newest iOS 15.4 and iPadOS 15.4 address multiple memory safety issues in several OS components. IT professionals can utilize their IT asset management tools to identify unpatched systems.

Adobe Patches 'Critical' Security Flaws in Illustrator, After Effects

Adobe recently shipped urgent security updates to fix code execution vulnerabilities in its Illustrator and After Effects products. The patches address several arbitrary code execution and memory leak vulnerabilities that could expose data to hacker attacks. Adobe rated the Illustrator flaw as critical with a CVSS base score of 7.8. The company described the bug as a buffer overflow affecting Illustrator 2022 version 26.0.3 on both Windows and macOS machines. Adobe is strongly urging users to upgrade to Illustrator 2022 version 26.1.0. An IT asset management solution can assist IT professionals in identifying vulnerable and unpatched systems.

Vulnerability Management: Addressing Your Weaknesses Before They Can Be Exploited

A robust IT asset management solution can assist in identifying vulnerabilities within the network.

Western Digital App Bug Gives Elevated Privileges in Windows, macOS

Western Digital recently issued an advisory that its EdgeRover desktop app for Windows and Mac is vulnerable to local privilege escalation and sandboxing escape bugs. That vulnerability could allow access to and disclosure of sensitive information. EdgeRover is a centralized content management solution for Western Digital and SanDisk products. It is used to unify multiple digital storage devices under a single management interface. Considering the wide use of Western Digital's products, it is likely that a significant number of systems use EdgeRover. The vulnerability, tracked as CVE-2022-22998, has been given a CVSS v3 severity rating of 9.1, making it a critical flaw. Western Digital is advising its customers to update their EdgeRover desktop applications to version 1.5.1-594 or later. These versions were released last week to resolve the vulnerabilities. IT managers can use their IT asset management tools to identify vulnerable systems.

Short-Term Defense Strategies Against Russian Cyberaggression

For companies that haven't prioritized cybersecurity, one wonders whether frequent alerts from the government may go unnoticed. But what if the overall level of cyberaggression does spike such that businesses must address the issue? When the intrusion alarms go off, advice about running cybersecurity drills, installing new security tools and encrypting data will be no help. A panel of experts made a list of cybersecurity preventative actions a business could reasonably complete in about five business days. Matt Gyde, chairman and CEO of Foresite, noted that patching is the single most important security process an organization can do to drastically improve their security posture. Threat actors are lazy, so they go for the easiest approach. If a threat actor knows that your front door is unlocked [you have a clear vulnerability]. Gyde continued to say that besides aggressively patching all systems in the environment, the best thing to do is to have robust monitoring of the environment. You cannot defend what you cannot see, and every organization has black holes of rogue IT within them. Every asset must be monitored. A robust IT asset management solution can easily identify unpatched systems and inventory every device and software application on the network.

Industry News - Feb 2022

Culture, Technical Barriers Hinder IT Asset Management

IT asset management (ITAM) has been a challenge for CIOs and CFOs for some time. With the technology available today, tracking IT assets should not be difficult. Device discovery, network monitoring and cybersecurity tools can report when a device connects or disconnects from a network. Software asset management can report the total number of licenses in use and the number of licenses that are paid for. Automated asset discovery tools can scan for equipment not owned by IT. All of these processes are made that much easier since every purchase should go through procurement or the accounting department. And, if a CIO lacks the in-house resources, most of these services can be obtained through a managed service provider. ITAM can become a valuable tool in managing the IT infrastructure and controlling overall IT costs.

Interoperability A Long Way Off as Enterprises Target Multicloud

Multicloud computing environments are becoming the standard enterprise computing strategy. Over thirty percent of IT managers operate in a multicloud framework. That number is expected to exceed 60% within three years, according to a Nutanix-sponsored Vanson Bourne survey. Multicloud deployment is even more widespread in large enterprises. Over fifty percent of large organizations use multicloud, and that is expected to grow to 80% within three years. The critical challenge facing companies is navigating a tech stack where interoperability is very difficult to achieve. Clouds remain segmented and businesses have few tools or strategies to effectively navigate the complexity. Firms can, however, adopt an IT asset management solution that can help manage various cloud solutions and identify potential waste and overlap in a multicloud environment.

More Line of Business Leaders Drive Tech Buying

IT remains involved in the process for sign-off on cybersecurity, data privacy or regulatory issues. However, rogue IT is still a major issue. IT leaders can utilize their IT asset management software to identify independently acquired software that could be injurious to the network or cause compatibility problems.

Shadow IT Is Evolving as Businesses Sanction More Apps

IT departments were unprepared to support thousands of remote employees after Covid-19 forced workers out of the office. With nearly everyone working from home (WFH), the tools employees relied on were not as effective when accessed from outside the corporate network. Consequently, WFH employees sourced the needed software themselves. However, according to Gartner, shadow IT, in the traditional sense, is on the decline. In many cases IT has either sanctioned a wide array of useful SaaS tools for individual or departmental use, or the business units are asking IT's permission to use a new service. Lane Severson, senior research director at Gartner, noted that "It's clear that we are moving away from shadow IT in the classic sense and moving into the era of business-led IT where workers are making decisions about what apps they want to use to get their job done. But they are working with IT to make sure those apps are sanctioned. They aren't just buying random cloud applications and expensing them as much as they were pre-COVID-19." IT asset management tools are an effective way for IT to monitor exactly what is running on the network, both for on-premises and remote workers.

CISA Warns About 15 Actively Exploited Vulnerabilities

The US Cybersecurity and Infrastructure Security Agency (CISA) has added 15 additional vulnerabilities to its catalog of flaws that are actively exploited by hackers in the wild. Some date back to 2014. However, two are in Windows components from the past two years. The agency noted in its advisory that "These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise." The CISA Known Exploited Vulnerabilities Catalog is updated regularly based on real world attacks. Each vulnerability receives a deadline by which federal agencies must patch it on their systems. CIOs can use their IT asset management solution to identify systems that continue to have unpatched vulnerabilities identified by CISA.

Unpatched Vulnerabilities Remain Primary Ransomware Attack Vector

A recent report by Ivanti, working with Cyware and Cyber Security Works, determined that cyber-criminals continually leverage unpatched vulnerabilities as their main ransomware attack vector. Researchers discovered 65 new vulnerabilities associated with ransomware in 2021. This number was nearly a 30% growth compared to 2020. More than a third of those new vulnerabilities were being actively searched for on the internet. This fact further emphasizes the need to prioritize patching. The report noted that "Unpatched vulnerabilities are the main attack vectors that ransomware groups exploit to gain entry into vulnerable networks. However, our research also identified ransomware groups expanding their focus to not just single unpatched instances but to combinations of vulnerabilities, vulnerable third-party applications, technology protocols, and even insider recruiting as a means to take that first step in launching an attack." IT asset management solutions are a first line of defense in identifying vulnerable systems and software.

Microsoft Patches for 51 Windows Security Defects

Microsoft also issued a patch for an Office for Mac security vulnerability that enables exploitation via the Preview Pane to expose sensitive user data. IT managers can identify unpatched systems using their IT asset management tools.

Integrating New Vulnerability Management Capabilities Into A Comprehensive Cybersecurity Strategy

FCVM overlaps with other capabilities such as digital risk protection services (DRPS) and IT asset management (ITAM). FCVM includes software and processes, including cloud agents, active scanner capability and network analysis, that are designed to automatically discover all infrastructure assets without the need for human intervention. On-premises assets, remote assets, cloud and mobile assets should be discoverable. FCVM also includes virtual scanning technology to actively locate assets and vulnerabilities anywhere in the network environment. The system should also provide a cyber risk score to inform IT teams about the overall vulnerability of the network and prioritizes. An FCVM solution should also initiate a remediation process and provide automatic follow-up, enabling IT and security teams to know which critical vulnerability will be patched.

BLS: More Than One-Third of Employers Embraced Telework Due To The Pandemic

According to a recent U.S. Bureau of Labor Statistics (BLS) report, since the start of the pandemic more than 30% of private-sector employers increased telework for some or all employees. The study included data from over 80,000 private-sector employers between July of 2021 and September of 2021. In addition, 25% of private-sector employers offered flexible or work hours. Over the past 2 years, many reports indicated that remote and hybrid work would become a more permanent model for many employees. The BLS confirms that observation. The BLS survey showed that, of employers that increased telework, 60% expect it to be a permanent change. The move to remote work further underscores the need for IT asset management tools that can identify devices and software in corporate and distributed networks.

Industry News - Jan 2022

5 Trends Shaping Enterprise SaaS Use In 2022

Software-as-a-Service (SaaS) impacts how companies operate, from back-office operations to automated manufacturing processes. According to a report from Spiceworks Ziff Davis, in 2022 productivity tools are taking up the largest share of overall software budgets. Prioritizing productivity is a broader trend in IT this year. The top goal for 2022 is improving day-to-day operations and using the best technologies and strategies to accomplish that goal. As a result, SaaS buying will continue to decentralize in 2022, redefining which groups are doing the buying and how the tools are acquired. This article outlines five trends that will shape enterprise SaaS use in 2022.

Nearly One-Third of SaaS Spend Goes to Waste, Survey Says

According to Flexera's State of ITAM 2022 report, almost thirty percent of SaaS software spend is underutilized or wasted. The survey included 465 global IT professionals at companies with 1,000 or more employees. Companies also have difficulty managing desktop software. The report noted that employees estimated that over thirty percent of the company's spend in this category is either underutilized or wasted. Only one-third of surveyed IT asset management teams said that they currently track SaaS usage, and almost half of respondents plan to start tracking SaaS usage. Most respondents noted that their main priority is responding to audits. Clearly, an IT asset management solution that can help manage cloud services, especially SaaS, will yield real benefits to the IT organization.

Log4j Threats Expected to Play Out Well Into 2022

Security researchers are warning that the impacts of the Log4j vulnerability will continue to leave organizations open to potential threats during the first months of 2022. Microsoft said in an updated blogpost that "Exploitation attempts and scanning remained high during the last weeks of December." Attackers have added additional exploits to existing malware kits and tactics, ranging from coin miners to hands-on-keyboard attacks. The Apache Software Foundation recently released version 2.17.1 of Log4j. It is the latest in a series of updates since the vulnerability was disclosed in December. The newly released fix addresses the risk of remote code execution when an attacker with certain permissions can create a malicious configuration using a JDBC Appender. The Log4j attacks underscore the need to patch on an ongoing basis and to use an IT asset management solution to identify vulnerable systems.

VMware Plugs Security Holes in Workstation, Fusion and ESXi

Tracked as CVE-2021-22045, the vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. Disabling or disconnecting the CD-ROM/DVD devices on all running virtual machines should prevent any potential exploitation. CVE-2021-22045 affects ESXi 6.5, 6.7, and 7 versions, Workstation 16.x, and Fusion 12.x. VMware Cloud Foundation (ESXi) 4.x and 3.x are affected as well. IT managers can use their IT asset management tools to identify vulnerable and/or unpatched systems.

Recognizing the Customer's Responsibility in a Shared Responsibility Model

Every industry, regardless of its size, is working to realize the benefits of the cloud. However, it is crucial to align the cloud strategy with the business goals and desired outcomes. From a security standpoint, it's also important to be aware of the regulatory and compliance requirements and how they can be achieved using cloud platforms. It is naive to believe that the cloud provider is entirely responsible for its customers' security. Too many enterprises are failing to address how their employees use external applications, leaving them free to share huge amounts of proprietary information. A cloud provider's Software as a Service (SaaS) model does not mean IT does not need a holistic program that covers people, processes, and technology. A fully functional IT asset management solution that helps manage cloud applications and vendors provides a good platform to gain control over cloud assets.

Push to Explain What Software Contains Gains Steam After Log4j Flaw

In order to secure their technology against cyber-criminals, firms must know what is inside their software. This was highlighted by the upheaval seen at the end of 2021, when widely used Log4j software was found to have a serious security flaw. The lack of visibility into the components of corporate software has given rise to an old idea: developers must provide a complete inventory of the software components built into their software packages. That would include open-source components used by programmers during development. Many open-source projects are maintained by only a handful of developers and generally aren't vetted by security teams. This combination opens a software system to attack. The U.S. Cybersecurity and Infrastructure Security Agency has promoted such a listing, known as a software bill of materials (SBOM), as a means to better respond to new vulnerabilities.

Critical, Wormable Microsoft Vulnerability Could Lead to Cyberattacks

One vulnerability, labeled CVE-2022-21907, is a remote code execution (RCE) flaw in the HTTP Protocol Stack. This vulnerability can be enabled in Windows Server 2022, 20H2 core, along with Windows 10 and Windows 11 versions. The vulnerability is wormable, as it does not require human interaction to spread. Microsoft recommends that organizations prioritize patching this vulnerability immediately. IT managers can utilize their IT asset management software to identify unpatched or vulnerable servers.

Apple Patches 'Actively Exploited' iOS Security Flaw

Apple recently released an urgent iOS update with fixes for 11 documented security flaws. The company noted that one of the vulnerabilities may have been actively exploited. The CVE-2022-22587 flaw is a memory corruption issue that enables a malicious application to execute arbitrary code with kernel privileges. In addition, the iOS 15.3 patch repairs code execution flaws in ColorSync, kernel, and the WebKit rendering engine. IT managers can identify unpatched systems using their IT asset management tools.