Exchange admins still waiting for zero-day patch
Microsoft Patch Tuesday release for October 2022 documents 85 fixed vulnerabilities. Exchange users left waiting for zero-day patch.
top of page
Oct 10, 2022
Beyond phishing: targeting Microsoft public-facing services
Beyond phishing, how are hackers infiltrating networks? CISA offers some clues.
Oct 7, 2022
Password rotation: an obsolete practice
Mandatory password resets are still being observed in many organizations, even though the practice can now decrease security posture.
Oct 4, 2022
Managed Detection and Response (MDR) - a growing trend
The explosion of security related events is saturating the ability to analyze and respond. It is time to outsource.
Oct 3, 2022
Vmware and Microsoft Exchange: running on-prem is getting difficult
The emergence of a Microsoft Exchange flaw as well as Vmware malware shows how difficult it is becoming to run on-prem infrastructure.
Sep 30, 2022
Searching for unsigned DLLs as indicator of compromise
Once an attacker has gained initial access to a network (usually via phishing), it becomes crucial to have operational visibility.
Sep 29, 2022
PowerPoint again a popular malware delivery vector
A new malware campaign by Russia affiliated threat actor Fancy Bear, targeting defense and government sectors of EU and SEE nations.
Sep 28, 2022
Known exploited vulnerabilities catalog - a useful resource
When new vulnerabilities are published, admins need to prioritize. A single CVSS score is not enough and often misleading.
Sep 26, 2022
Phishing attacks at record highs
Credential theft is becoming the default for gaining initial access to attacked systems. That is actually good news.
bottom of page