Patch/Configuration Management

Wegmans reports misconfigurations on two cloud databases

Steve ZurierJune 18, 2021

Another company was caught in a cloud misconfiguration issue as Wegmans Food Markets notified its customers that two of its cloud databases were left open to potential outside access.

Microsoft prepares for a news conference t in Los Angeles, California. (Photo by Kevork Djansezian/Getty Images)

Patch/Configuration Management

Microsoft fixes 50 vulnerabilities for June, but patch first the six exploited in the wild

Steve ZurierJune 9, 2021

Allan Liska of Recorded Future’s computer security incident response team, lists out the reasons why security teams should take the six exploited vulnerabilities seriously.

A website for the M1racles M1 Apple chip flaw.

Patch/Configuration Management

‘OMG it’s a bug!’ Beware the bells and whistles around vulnerability disclosures

Derek B. JohnsonMay 28, 2021

A vulnerability disclosure shows how splashy websites, catchy names and a healthy dose of FUD can make any vulnerability sound scary.

Inside New York City’s Cyber Command. A new feature from malware scanning site VirusTotal is designed to help Security Operations triage security alerts for false positives. (Credit: New York University)

Patch/Configuration Management

Publishing exploits early doesn’t encourage patching or help defense, data shows

Joe UchillMay 13, 2021

Despite debate in the threat intel community, a new study finds that publishing exploits before patches are available does more harm than good.

Microsoft released a ‘lite’ slate of updates for Patch Tuesday (Microsoft)

Patch/Configuration Management

Microsoft fixes four critical vulnerabilities that pose risk to both data and infrastructure

Steve ZurierMay 13, 2021

Products affected by the Microsoft vulnerabilities include Hyper-V, Internet Explorer, Windows Server, and Windows 10.

Visitors crowd a cloud computing presentation at the CeBIT technology trade fair in Hanover, Germany. Today’s columnist, Lior Yaari of Grip Security, explains the three elements of the Cloud Security Alliance’s best practices. (Sean Gallup/Getty Images)

Cloud Security

Report finds old misconfiguration woes continue to hammer corporate clouds

Derek B. JohnsonMay 12, 2021

Misconfigured storage buckets and leaky APIs remain two of the top causes behind cloud breaches.

Visitors arrive at the cloud pavilion of Amazon Web Services at the 2016 CeBIT digital technology trade fair in Hanover, Germany. Researchers found a flaw in Amazon Kindle devices that give an attacker root access, steal sensitive data and turn the device into a malicious bot for future attacks. (Photo by Sean Gallup/Getty Images)

Cloud Security

Issues with configuration of AWS service lead to exposure of 5 million records

Steve ZurierMay 11, 2021

Amazon Web Services System Manager misconfigurations led to the potential exposure of more than 5 million documents with personally identifiable information and credit card transactions on more than 3,000 SSM documents.

Security Architecture

Dell patches vulnerable driver in a decade of IT products, computers and laptops

Joe UchillMay 4, 2021

The five bugs, collectively cataloged as CVE-2021-21551, create privilege escalation and denial of service issues stemming from memory corruption, lack of authentication, and code logic flaws.

Patch/Configuration Management

Page 47. Back to first page.

Related Videos

A couple simple steps companies can take to protect their systems from ransomware

Wegmans reports misconfigurations on two cloud databases

Microsoft fixes 50 vulnerabilities for June, but patch first the six exploited in the wild

‘OMG it’s a bug!’ Beware the bells and whistles around vulnerability disclosures

Publishing exploits early doesn’t encourage patching or help defense, data shows

Microsoft fixes four critical vulnerabilities that pose risk to both data and infrastructure

Report finds old misconfiguration woes continue to hammer corporate clouds

Issues with configuration of AWS service lead to exposure of 5 million records

Dell patches vulnerable driver in a decade of IT products, computers and laptops