Spectre Still Haunts Microsoft and Intel

Living in the Shadow of Spectre After fumbling their first attempt at patching the Spectre vulnerability, Microsoft has released Security Update 4078407. According to their security advisory, “applying this update will enable the Spectre Variant 2 mitigation CVE-2017-5715 – “Branch target injection vulnerability.” Microsoft has released several stages of updates in an attempt to deal…

Third-Party Patch Update: April 2018

Cisco Patches Vulnerability in WebEx Cisco has just released a CVSS 9 rated update for its WebEx software. In their own words, the unpatched vulnerability “could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.” The malicious party would share a Flash file via WebEx’s sharing capabilities to gain control of…

Ocean’s IoT: Casino Hacked Through Fish Tank

Casino Infiltrated through Internet-Connected Fish Tank Thermometer Picture this: Jazzy music underscores George Clooney’s Danny Ocean pulling off another daring heist. He’s gathered his crew and it’s go time. Their entry point? A fish tank in the lobby. Okay, maybe that’s not the best physical access point, but it is how hackers stole data from…

Whitepaper: Avoiding Patch Doomsday

Creating the Ultimate Patch Strategy Unpatched applications and systems not only expose security risks, they also open the door to data loss, corruption, and performance issues. Even with an understanding of best practices, it is still difficult to create a trustworthy process. To avoid Patch Doomsday, it is critical for every organization to implement a…

Could Your IoT Devices be Hacked with a Google Search?

Most Companies Are Unprepared for the IoT Researchers at Ben-Gurion University warn that hackers have an unexpected resource in exploiting your environment: a Google search. IoT device manufactures set a default password for their devices, sometimes even sharing passwords between brands. “It only took 30 minutes to find passwords for most of the devices [used…

April Patch Tuesday: Don’t Get Burned Twice

Manage Your Vulnerabilities As we explored in our Total Meltdown article, some updates actually made Windows 7 less secure in the last round of Microsoft Patch Tuesday. Even worse, some caused significant performance issues on older hardware models. Many industry experts are recommending you disable Windows updates, or delay any other form of patch management…

WSUS Forces Upgrades

Strike Three for WSUS

Microsoft Ignores Deferral Settings, Forces Win10 Updates For the third time in the last few months, Microsoft pushed updates to Win10 machines that had deferral preferences set. Windows 10 versions 1507, 1511, 1607, and 1703 have been affected and pushed to 1709, whether a user wanted it or not. Microsoft’s response to this invasive error?…

Syxsense Achieves High Marks from Users

Users Love Ease of Use, Powerful Features and Reliable Support G2 Crowd recently released their Spring 2018 Reports. Syxsense was included in four unique lists, highlighting ease of product use and customer satisfaction: Grid® Report for Enterprise IT Management Suites, Usability Index for Enterprise IT Management Suites, Implementation Index for Enterprise IT Management Suites, and…

Meltdown Patch Burns Windows 7 Users

Total Meltdown Sometimes software updates cause more issues than they fix. Microsoft have made a major error in protecting Windows from Meltdown. Thanks to researcher Ulf Frisk, we are now aware that the January Patch Tuesday update has created new issues. The patches that were supposed to protect from Meltdown instead opened up a vulnerability…

[Infographic] IoT Report: March 2018

It’s Time to Prepare for the IoT The Internet of Things (IoT) is growing at a breathtaking pace. It is comprised of billions of devices—from tiny chips to mammoth machines—that use wireless technology to speak to each other (and to us) Most IoT smart devices aren’t in your home or phone—they are in businesses. With…