SEARCH
Archive
Microsoft’s RDP Patch Isn’t a Complete Fix
Microsoft's February security update fixes the vulnerability that can result in reverse RDP attacks in the built-in Windows RDP client, but third-party RDP clients are still vulnerable, Check Point said.
CISA Urges Resetting Active Directory After Patching VPN
Vulnerabilities need to be patched, but security doesn’t stop with updates since the attackers may already be inside the network. Additional steps may be necessary, such as resetting passwords and looking for evidence of other types of infection or compromise.
Managing Vulnerabilities by Crowd-Sourcing Threat Details
Thousands of software vulnerabilities are made public each year, leaving IT and security teams to sift out irrelevant issues from the bugs that need to be fixed. Rapid7's Attacker Knowledge Base brings crowd-sourced feedback to enterprise defenders to help them figure out which flaws to pay attention to.
Keeping Up With Chrome, Firefox Browser Updates
Google and Mozilla have released multiple versions of their web browsers over the past few days to roll back certain features and to fix high-severity vulnerabilities.
Too Many Exchange Servers Remain Unpatched
A security vulnerability in Microsoft Exchange that was fixed in February is still unpatched on hundreds of thousands of Exchange servers.