Patch Tuesday: Microsoft Warns of Exploited Windows Zero-Days
Microsoft has issued software updates to fix at least 76 vulnerabilities in Windows and OS components. The software giant is warning that some of the bugs have already been exploited in the wild. Microsoft posted critical-severity ratings on seven of the 76 bulletins. It warned users that these issues could result in remote code execution attacks targeting Microsoft Word, Visual Studio and the Windows iSCSI Discovery Service. The company also distributed important-severity updates for Microsoft Defender, Microsoft Exchange Server, Microsoft Dynamics, 3D Builder, SharePoint and Microsoft SQL Server. IT managers can utilize the information from their IT asset management tools to identify vulnerable and unpatched systems.
Windows 7 Extended Security Updates, Windows 8.1 Reach End of Support
On January 10, 2023, Microsoft ended support for Windows 7 Extended Security Updates (ESU) and Windows 8.1. Windows 7 reached end of life on January 14, 2020. However, Microsoft provided customers the option to continue receiving important security updates through its ESU program. ESUs will no longer be available for purchase after January 10, 2023. Windows 8.1 support also ended January 10, 2023. Computers with this version of Windows will continue to function, but will no longer receive technical support, software updates and, importantly, security updates or patches. Microsoft will not be offering an ESU program for Windows 8.1. Microsoft warned users that "Continuing to use Windows 8.1 after January 10, 2023 may increase an organization's exposure to security risks or impact its ability to meet compliance obligations." System administrators can utilize the information from their IT asset management tools to identify systems running obsolete software.
How To Mitigate Against Inflation's Impact on Your IT Budget
With inflation hitting a 40-year high and a global recession looming, there's no avoiding the fact that IT costs will likely increase. Consequently, IT leaders are being tasked with evaluating, justifying and reducing IT spend. Two areas of focus are cloud and software-as-a-service (SaaS) expenses. Cloud and SaaS spend currently constitute over ten percent of total spend, making it one of the most significant costs behind salaries. However, these are areas of spending that will be almost immediately impacted by inflation. An IT asset management tool that can track SaaS and cloud applications and contracts can become a valuable tool in managing these costs.
Companies Lose Surprising Number Of Devices When Employees Leave
According to the research firm YouGov, fifty percent of companies polled indicated that they lost technology assets, including phones, laptops, and field devices, when people leave. Loss of these devices creates an unnecessary security risk. The report stated that "Organizations have a lot more work to do in accurately and completely deprovisioning departing employees." Former workers that have access to a single system can lead to operational, data privacy, and security issues. In addition, with the growth of software-as-a-service (SaaS) tools, former employees can have unauthorized access to corporate platforms, creating further risks. The report notes that "The effort associated with offboarding has been compounded due to the ever-increasing, diverse and dynamic technology footprint of each user." An IT asset management solution that inventories and tracks devices by user can provide needed information to control the loss of devices when employees leave.
Microsoft Releases Out-of-Band Update After Security Patch Causes Kerberos Issues
The Microsoft software updates released on November 8 addressed a privilege escalation vulnerability affecting Windows Server (CVE-2022-37966). This high-severity flaw can enable an attacker that can collect information about the targeted system to gain admin privileges. However, soon after the patch was released, users noticed issues related to Kerberos authentication. On November 17, Microsoft released an out-of-band update that addresses the issue. Microsoft told users that "Customers who have not already installed the security updates released on November 8, 2022 should install the out-of-band updates instead. Customers who have already installed the November 8, 2022 Windows security updates and who are experiencing issues should install the out-of-band updates." IT professionals with a full-featured IT asset management tool can use it to identify properly patched and unpatched devices.
DHS Tells Federal Agencies to Improve Asset Visibility, Vulnerability Detection
The Cybersecurity and Infrastructure Security Agency (CISA) recently published Binding Operational Directive 23-01 (BOD 23-01). This directive requires federal agencies to take the necessary steps to improve their asset visibility and vulnerability detection capabilities. Agencies have six months to comply. Federal agencies must identify network addressable IP-assets in their environments and the associated IP addresses (hosts), and discover and report suspected vulnerabilities on those assets. They must also identify misconfigurations, outdated software, and missing patches. The directive notes that "Discovery of assets and vulnerabilities can be achieved through a variety of means, including active scanning, passive flow monitoring, querying logs, or in the case of software defined infrastructure, API query." A robust IT asset management solution would enable agency CIOs to discover the entire network quickly and accurately.
Ransomware: This Is How Half of Attacks Begin, And This Is How You Can Stop Them
The majority of ransomware attacks originate with hackers exploiting vulnerabilities in remote and internet-facing systems, taking advantage of unpatched cybersecurity vulnerabilities. These internet-facing applications are often standard across enterprise environments, making them a target for cybercriminals. The applications and services are required to enable employees to work remotely. In addition, organizations might not be aware that they are exposed to the internet. Some of the exploited vulnerabilities include those in Microsoft Exchange Server and Fortinet VPNs, and more. All have official fixes available from vendors. But even when security patches have been made available, many companies remain vulnerable to the exploits because the update doesn't get applied. A robust IT asset management solution can identify unpatched software across the network, providing IT managers with critical information needed to harden their IT infrastructure.
Fortinet Admits Many Devices Still Unprotected Against Exploited Vulnerability
Fortinet was aware that the vulnerability tracked as CVE-2022-40684 was exploited. The security hole is being increasingly targeted after technical details and proof-of-concept (PoC) exploits were made public. Fortinet noted that "After multiple notifications from Fortinet over the past week, there are still a significant number of devices that require mitigation, and following the publication by an outside party of POC code, there is active exploitation of this vulnerability." The company has released patches and workarounds for the vulnerability. It has also published indicators of compromise (IoCs) that IT professionals can use to detect signs of an attack. Threat actors have been scanning the internet for affected devices and installing malicious admin accounts. An IT asset management solution can pinpoint vulnerable devices, assisting the deployment of critical patches.
Top Three Mistakes IT Security Teams Still Make
According to the Allianz Risk Barometer, data breaches, ransomware attacks, and IT outages overshadow corporate concerns regarding supply chain disruption, COVID, and natural disasters. Although corporate security teams work to protect corporate networks, many common errors continue to be committed. One of those common errors is piecemeal patch management. Patch management is essential, and security teams must be strategic about it. Distributing the best software for employees and customers is essential, but doing so without the procedures to ensure hackers don't compromise the installed software could be disastrous. IT security teams must determine if the applications and operating systems in use are up to date and if updates and patches have been rolled out. An effective IT asset management tool can quickly and affordably provide this information on an ongoing basis.
Apple Patches Over 100 Vulnerabilities with Release of macOS Ventura 13
Apple recently launched macOS Ventura 13. macOS Ventura 13 includes patches for over 100 vulnerabilities in addition to several new features. Over 100 CVE identifiers are listed in Apple's security advisory for macOS Ventura 13. They include issues that are specific to the operating system along with flaws impacting third-party components. If exploited, these vulnerabilities can result in arbitrary code execution, theft of information, denial-of-service (DoS) attacks, file system modifications, security bypasses, and privilege escalation. Exploitation requires deploying malicious applications on the targeted system, physical access to the device, or processing malicious files. An IT asset management toolkit can identify systems that are not up-to-date.
Top 5 Attack Surface Challenges Related to Security Operations
According to a recently published ESG research report, over half of all organizations indicated that security operations have become more difficult over the last two years. Respondents cited an evolving and dangerous threat landscape, a growing and changing attack surface, and 34% blamed growing use of public cloud computing services as causes of the problem. Two challenges were mentioned as ways to mitigate security vulnerabilities: re-evaluating current tools and processes, and increases in the number of vulnerabilities and patching cycles. A majority of respondents noted that their company suffered a cyber-incident due to an unknown, unmanaged, or mismanaged attack surface asset. A robust IT asset management solution can provide detailed information about a firm's IT infrastructure and attack surface, enabling management to better defend against potential cyber-attacks.
Every Department Wants to Partner With IT, But Challenges Await
As companies navigate continuous hybrid, remote and back-to-office policies, their business units see benefits in collaborating with IT and the technical and security support it provides. However, an increase in collaboration can present new challenges. Nearly seventy-five percent of IT decision makers indicated that their organization has successfully decentralized its IT structure. But nearly all said they expect their organization to encounter challenges related to decentralization. The problems IT departments will confront as they become integrated into other departments will be maintaining security levels, quality levels and the reliability of ongoing support. An IT asset management solution can provide key information on all systems on the corporate network, regardless of which business is using them.
Assessing the Risk of Poorly Configured, Internet-Exposed Protocols
In the Cybersecurity and Infrastructure Security Agency's (CISA) "Shields Up" notice, the agency recommended that organizations go back to cybersecurity basics. It recommended the use of secure passwords, patching vulnerabilities, and properly securing internet-exposed protocols to avoid exposing data. In a related report, cybersecurity company ExtraHop focused on internet-exposed protocols. Its report examined the risks of unsecured ports and protocols and provided advice for mitigating risk. The company found that many institutions were using older, unsupported protocol versions, which increased risks to the network. A robust IT asset management solution can be used to identify obsolete or unsupported software in use on the network.
Cloud Cost Management Is Still an Enterprise Problem
Today companies are spending too much on cloud. According to Flexera's 2022 State of the Cloud report, over 80% of companies surveyed regard spend management as a top cloud-related challenge. Brian Adler, senior director of cloud market strategy at Flexera, noted that "The cloud makes it ridiculously easy to spend money." This problem is a cloud version of shadow IT. If firms don't have a handle on what they are using, and what they are paying for, they will inevitably spend on cloud services they don't need. Adler also observed that "It's Day One for everybody in the cloud at some point." Without visibility into cloud services, spending can grow to a point where on-premises seems like the cost-effective action. An IT asset management solution that can track and report cloud services and usage can be an invaluable tool in controlling cloud-related costs.
Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina
Apple patched CVE-2022-22675 with the release of macOS Big Sur 11.6.6, watchOS 8.6, and tvOS 15.5, and CVE-2022-22674 with Security Update 2022-004 for Catalina. Other vulnerabilities were also resolved with the latest Big Sur and Catalina updates. The company also released software updates for macOS Monterey, iOS, and iPadOS. Security updates were also released for Xcode and Safari. IT professionals can utilize their IT asset management tools to identify vulnerable or unpatched systems.
Five Key Considerations for Improving IT Supply Chain Security
Many organizations do not maintain a comprehensive and current inventory of products, capabilities and services obtained from third-party IT providers. With the prevalence of cloud services, open-source software and multitiered service providers, organizations can easily lose track of what equipment, software and services have been acquired from various vendors. It is critical for an organization to be able to identify the applications, services, solutions, infrastructure and data they rely on for day-to-day operations. A configuration management database (CMDB) is often the ideal repository for the storage of technical details of all third-party IT products and capabilities operating within the organization. IT personnel can then use the CMDB to identify if and where an organization is vulnerable to an exposure if third-party vulnerabilities are made evident. The CMDB should also include dependency data on the business processes with which the products and services interact. This information will enable the organization to make any risk-based decisions regarding protective and remedial actions needed to mitigate the risk posed by identified vulnerabilities.
Organizations Warned of Attacks Exploiting Recently Patched Windows Vulnerability
The US Cybersecurity and Infrastructure Security Agency (CISA) reported that a newly patched Windows Print Spooler vulnerability has been exploited in attacks. The vulnerability, which is tracked as CVE-2022-22718, was addressed by Microsoft with its February 2022 Patch Tuesday update. However, according to Microsoft, CVE-2022-22718 can be exploited by a local attacker to escalate privileges without any user interaction. CISA noted that it added the vulnerability to its Known Exploited Vulnerabilities Catalog, which includes almost 650 exploited flaws. CISA advises all organizations to prioritize the patching of the vulnerabilities included in this catalog. Many IT professionals consider CISA's catalog to be a "Must Patch" list. An IT asset management solution can provide IT management with detailed information on the patch status of each device in the network.
Microsoft Patches 128 Windows Flaws, New Zero-Day Reported by NSA
According to tracking data from Zero Day Initiative (ZDI), Microsoft patched 128 new Windows vulnerabilities in April of this year. The April patches cover serious vulnerabilities in Microsoft Defender, Microsoft Dynamics, Exchange Server, Microsoft Office, SharePoint Server, Windows Hyper-V, DNS Server, Windows App Store, and Windows Print Spooler Components. ZDI researchers are urging Windows administrators to prioritize the zero-day update along with a handful of critical bugs that could result in worm attacks. These include CVE-2022-26809 (CVSS 9.8), a vulnerability that can enable an attacker to execute code at high privileges on an affected system. An IT asset management solution can provide IT management with detailed information on unpatched or vulnerable systems.
Shadow IT Is Evolving as Businesses Sanction More Apps
According to Gartner, with the growth of software-as-a-service (SaaS), shadow IT, in the traditional sense, is on the decline. This trend has occurred because IT has either sanctioned a group of useful SaaS tools that it does not provide directly, or business units are requesting IT's clearance to use a new service. Lane Severson, senior research director at Gartner, noted that "It's clear that we are moving away from shadow IT in the classic sense and moving into the era of business-led IT where workers are making decisions about what apps they want to use to get their job done. But they are working with IT to make sure those apps are sanctioned. They aren't just buying random cloud applications and expensing them as much as they were pre-COVID[-19]." Rob Zahn, CIO at AAA of Ohio, concurred, stating that "The idea of business-led IT has some validity to it." During the pandemic, everyone was asking for IT's help. Because of that, the incidents of people using unsanctioned apps actually went down in his organization.
CIOs Tout Guardrails as Prevention For Shadow IT Woes
Business unit technology acquisition frees CIOs from technology minutiae, creating more time to focus on strategy. However, compliance gaps and security and vulnerability concerns persist. Sheila Jordan, chief digital technology officer at Honeywell, noted that every SaaS software application the business unit acquires can have implications for the business if no one oversees the data flow. One approach is to place guardrails around the use of technology, prioritizing the key priorities credo while protecting the company's assets. Successful shadow IT deployments operate in an environment with centralized governance. Business unit technology acquisitions are inevitable, but technology leaders can use governance to reduce risk. One effective governance tool is a fully functional IT asset management tool, which can identify unauthorized or non-standard software acquisitions.
7 Old Attack Vectors Cybercriminals Still Use
Targeting old, identified vulnerabilities is a common practice used by attackers. Known vulnerabilities can be exploited for years if they are not patched. Forrester analyst Allie Mellen noted that "A classic example of this is the exploit EternalBlue." Despite patches being released for the vulnerability in March of 2017, the exploit was used in May of 2017 by the WannaCry ransomware, then again in June of 2017 in the NotPetya cyberattack. This is why patching systems quickly and effectively is so important. Ryan Linder, risk and vulnerability engineer at Censys, said that the exploit affects the Server Message Block (SMB) protocol. Today there remain over 200,000 systems exposed to the internet which support SMBv1 (created in 1983). Too many companies fail to keep their software up to date, leaving them vulnerable to critical exploits, and even when exploits are disclosed publicly, many still fail to patch their systems. An IT asset management solution is an effective tool to identify unpatched and vulnerable systems.
Apple Patch Day: Gaping Security Holes in iOS, macOS, iPadOS
Apple also released software updates to address security vulnerabilities in macOS (Catalina, Big Sur, Monterey), tvOS, watchOS, iTunes and Xcode. At least five of the iOS/iPad vulnerabilities could lead to remote code execution attacks. An iPhone user would need to open a malicious PDF file or view malicious web content to enable the attack. According to Apple, the newest iOS 15.4 and iPadOS 15.4 address multiple memory safety issues in several OS components. IT professionals can utilize their IT asset management tools to identify unpatched systems.
Short-Term Defense Strategies Against Russian Cyberaggression
To companies that haven't prioritized cybersecurity, one wonders whether frequent alerts from the government may go unnoticed. But what if the overall level of cyberaggression does spike such that businesses must address the issue? When the intrusion alarms go off, advice about running cybersecurity drills, installing new security tools and encrypting data will be no help. A panel of experts made a list of cybersecurity preventative actions a business could reasonably complete in about five business days. Matt Gyde, chairman and CEO of Foresite, noted that "Patching is the single most important security process an organization can do to drastically improve their security posture. Threat actors are lazy, so they go for the easiest approach. If a threat actor knows that your front door is unlocked [you have a clear vulnerability]." Gyde continued to say that "Besides aggressively patching all systems in the environment, the best thing to do is to have robust monitoring of the environment." You cannot defend what you cannot see, and every organization has black holes of rogue IT within them. Every asset must be monitored. A robust IT asset management solution can easily identify unpatched systems and inventory every device and software application on the network.
Shadow IT Is Evolving as Businesses Sanction More Apps
IT departments were unprepared to support thousands of remote employees after Covid-19 forced workers out of the office. However, with nearly everyone working from home (WFH), the tools employees relied on were not as effective when accessed from outside the corporate network. Consequently, WFH employees sourced the needed software themselves. However, according to Gartner, shadow IT, in the traditional sense, is on the decline. In many cases IT has either sanctioned a wide array of useful SaaS tools for individual or departmental use, or the business units are asking IT's permission to use a new service. Lane Severson, senior research director at Gartner, noted that "It's clear that we are moving away from shadow IT in the classic sense and moving into the era of business-led IT where workers are making decisions about what apps they want to use to get their job done. But they are working with IT to make sure those apps are sanctioned. They aren't just buying random cloud applications and expensing them as much as they were pre-COVID-19." IT asset management tools are an effective way for IT to monitor exactly what is running on the network, both for on-premises and remote workers.
Unpatched Vulnerabilities Remain Primary Ransomware Attack Vector
A recent report by Ivanti, working with Cyware and Cyber Security Works, determined that cyber-criminals continually leverage unpatched vulnerabilities as their main ransomware attack vector. Researchers discovered 65 new vulnerabilities associated with ransomware in 2021. This number was nearly a 30% growth compared to 2020. More than a third of those new vulnerabilities were being actively searched for on the internet. This fact further emphasizes the need to prioritize patching. The report noted that "Unpatched vulnerabilities are the main attack vectors that ransomware groups exploit to gain entry into vulnerable networks. However, our research also identified ransomware groups expanding their focus to not just single unpatched instances but to combinations of vulnerabilities, vulnerable third-party applications, technology protocols, and even insider recruiting as a means to take that first step in launching an attack." IT asset management solutions are a first line of defense in identifying vulnerable systems and software.
BLS: More Than One-Third of Employers Embraced Telework Due To The Pandemic
According to a recent U.S. Bureau of Labor Statistics (BLS) report, since the start of the pandemic more than 30% of private-sector employers increased telework for some or all employees. The study included data from over 80,000 private-sector employers between July of 2021 and September of 2021. In addition, 25% of private-sector employers offered flexible or work hours. Over the past 2 years, many reports indicated that remote and hybrid work would become a more permanent model for many employees. The BLS confirms that observation. The BLS survey showed that of employers that increased telework, 60% expect it to be a permanent change. The move to remote work further underscores the need for IT asset management tools that can identify devices and software in corporate and distributed networks.
Nearly One-Third of SaaS Spend Goes to Waste, Survey Says
According to Flexera's State of ITAM 2022 report, almost thirty percent of SaaS software spend is underutilized or wasted. The survey included 465 global IT professionals at companies with 1,000 or more employees. Companies also have difficulty managing desktop software. The report noted that employees estimated that over thirty percent of the company's spend in this category is either underutilized or wasted. Only one-third of surveyed IT asset management teams said that they currently track SaaS usage, and almost half of respondents plan to start tracking SaaS usage. Most respondents noted that their main priority is responding to audits. Clearly, an IT asset management solution that can help manage cloud services, especially SaaS, will yield real benefits to the IT organization.
VMware Plugs Security Holes in Workstation, Fusion and ESXi
Tracked as CVE-2021-22045, the vulnerability exists in the CD-ROM device emulation function of Workstation, Fusion and ESXi. Disabling or disconnecting the CD-ROM/DVD devices on all running virtual machines should prevent any potential exploitation. CVE-2021-22045 affects ESXi 6.5, 6.7, and 7 versions, Workstation 16.x, and Fusion 12.x. VMware Cloud Foundation (ESXi) 4.x and 3.x are affected as well. IT managers can use their IT asset management tools to identify vulnerable and/or unpatched systems.
Recognizing the Customer's Responsibility in a Shared Responsibility Model
Every industry, regardless of its size, is working to realize the benefits of the cloud. However, it is crucial to align the cloud strategy with the business goals and desired outcomes. From a security standpoint, it's also important to be aware of the regulatory and compliance requirements and how they can be achieved using cloud platforms. It is naive to believe that the cloud provider is entirely responsible for its customers' security. Too many enterprises are failing to address how their employees use external applications, leaving them free to share huge amounts of proprietary information. A cloud provider's Software as a Service (SaaS) model does not mean IT does not need a holistic program that covers people, processes, and technology. A fully functional IT asset management solution that helps manage cloud applications and vendors provides a good platform to gain control over cloud assets.
Critical, Wormable Microsoft Vulnerability Could Lead to Cyberattacks
One vulnerability, labeled CVE-2022-21907, is a remote code execution (RCE) flaw in the HTTP Protocol Stack. This vulnerability can be enabled in Windows Server 2022, 20H2 core, along with Windows 10 and Windows 11 versions. The vulnerability is wormable, as it does not require human interaction to spread its attack surface. Microsoft recommends that organizations prioritize patching this vulnerability immediately. IT managers can utilize their IT asset management software to identify unpatched or vulnerable servers.