The first step in ensuring effective and reliable application of updates is to develop a solid patch management policy that spells out all the processes involved, along with all the participants and their responsibilities.
This article lays out the essential components for an effective policy and provides examples of how they should be written.
As usual, we review the most serious vulnerabilities in popular Windows software for which patches were released in September, including those from Patch Tuesday.
If your company’s patch management process has been halted, where do you start to resolve the problem? How do you get the software upgrade process back to an optimal level after years of issues? Here is a detailed plan.
As usual, we review the most serious vulnerabilities in popular Windows software for which patches were released during the past month, including those from Patch Tuesday.
Organizations need a multi-staged approach to streamline their server patch management process. Here is a six-step patching policy template
Each month, we review the most serious vulnerabilities in popular Windows software for which patches were released during the past month, including those from Patch Tuesday.
In this issue, you will learn about patches for vulnerabilities from Microsoft, Microsoft Edge, Google Chrome, Mozilla Firefox, Foxit PDF Reader, Java, Adobe, VMware.
This digest explores the most serious vulnerabilities in popular Windows software for which patches have been provided in July’s Patch Tuesday.
On the 1st of July 1 CISA has added...
As the business world grows ever more reliant on data and technology, the risk profile for many organizations continues to expand. Cybersecurity is by far the most disconcerting and widespread concern of the many different types of security risks to organizations. The Allianz Risk Barometer ranks cyber incidents (cyberattacks, IT outages, data breaches, etc.) as the number one business risk in 2022. For perspective, cyber threats are up there with business interruptions, natural catastrophes, pandemic outbreaks, and climate change.
Action1 arms internal IT departments and MSPs with advanced scripting capabilities to mitigate Follina vulnerability, a newly discovered Windows zero-day.
Malware infections are a dangerous form of cyberattack. The problem is that malware comes in different shapes and sizes, making it hard to pin them down, learn their malice, and prevent infections. This article looks and the different types of malware—what they are and how they work. We’ll also cover tips for protecting digital assets from malicious software.
RMM vs. PSA, which is better? Well, this is a bit more complicated than a “versus” situation. RMM and PSA software applications are not technically interchangeable—each serves a different purpose from the other. Choosing between the two comes down to what your business needs. Many MSPs actually deploy and run both RMM and PSA tools simultaneously.
A zero-day vulnerability can cause serious problems for businesses, as well as for software users. If these vulnerabilities are hacked or exploited, unauthorized individuals or automated devices can gain access to restricted system areas or software data stores. This is why a thorough approach to software patches — both from the software developer’s side and from the end user’s side — is crucial in cybersecurity and data protection.
The cybersecurity landscape is evolving quickly, and business owners need to work hard to remain protected and agile in the face of this rapid development. With this in mind, let’s take a look at some of the current cybersecurity trends impacting businesses in 2022.
Microsoft squashed a total of 48 security bugs, including one zero-day vulnerability, with February’s Microsoft security updates Patch Tuesday. This figure does not include the 22 Microsoft Edge (chromium) fixes rolled out with today’s Patch release, 19 of which were actually fixed earlier this month. This brings the total number of patches released in February (so far) to 70.
Windows Server Update Service (WSUS) is a tool designed to automate the Windows patching process so that businesses wouldn’t need to go through the struggle of manually updating their servers. While this tool can be useful, there are limitations to keep in mind when choosing whether you want WSUS for your company.
The first Windows security Patch Tuesday of 2022 is here, and it opens the year with a bit of a bang. Microsoft fixed a total of 96 new CVEs in today’s patch release. In comparison, that number was 67 in the last Patch Tuesday. In fact, this is an unusually large patch release volume for January. January has had the lowest number of CVEs patched in a batch release for the last couple of years — typically about half as many as those fixed today. Plus, this is a long way from the relatively small Patch Tuesday releases we saw throughout 2021.
Cybersecurity is paramount in this digital age, but it’s not always on the minds of busy business owners. Sever patching should be performed routinely to keep businesses and accounts safe. However, patching isn’t always done when it should be. One instance of this occurred in early 2021 when over 60,000 vulnerable Microsoft Exchange servers were found unpatched for many weeks. Although patching servers is more work than updating something like a single computer, it’s essential that it gets done. By learning some server patching best practices and automating the process, you can quickly and easily keep your business secure.
Having a comprehensive onboarding checklist can be a huge help for MSPs because it streamlines the entire process and helps make sure nothing important or otherwise is overlooked. Remember that the onboarding process begins before you even submit a proposal, and we hope this guide will help your new client onboarding go a lot smoother every time.
Vulnerability management leverages a set of workflows and products designed to sustain the IT infrastructure, testing it for security flaws and fixing the vulnerabilities detected. This is an ongoing routine denying the notorious approach of not fixing things that are not broken. The latter approach just fails to meet modern protection demands. Unless reviewed and enhanced, the digital assets are easy to compromise. So what is vulnerability management and why does it make a difference? Let’s get to the bottom of this.