Security Defenses and System Administration

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

FEBRUARY 26, 2024

The fix: System administrators are encouraged to install the Exchange Server 2019 Cumulative Update 14 (CU14), which was issued in February 2024 and enabled NTLM credentials Relay Protection. Despite VMware’s three-year-old deprecation statement, unprotected systems remain at risk.

Risk

Risk Authentication System Administration Ransomware

Vulnerability Recap 9/16/24 – Critical Endpoint Flaws Emerged

eSecurity Planet

SEPTEMBER 16, 2024

Users should immediately update to the most recent versions by going to System Configuration > System Administration > Update Software. It’s strongly advised that you follow the company’s security hardening requirements to protect your systems further.

Software

Software Malware System Administration Encryption

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

eSecurity Planet

JULY 13, 2023

Such a never-ending hunt for exploits could leave system administrators with little to no time to fix vulnerabilities and keep their systems secure, leaving a wide range of systems vulnerable to exploitation, causing widespread and significant damage.

Cybercrime

Cybercrime Phishing Marketing System Administration

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. The security bulletin was last updated August 25. Threat actors can use WFP to escalate their privileges on Windows.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

AUGUST 28, 2023

Some of these attacks are challenging to detect because they look like they could be the behavior of legitimate system administrators. The security bulletin was last updated August 25. Threat actors can use WFP to escalate their privileges on Windows.

VPN

VPN Authentication Mobile Firewall

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

eSecurity Planet

SEPTEMBER 11, 2023

System administrators are advised to implement Dynamic Access Policies (DAP) to halt VPN tunnels with DefaultADMINGroup or DefaultL2LGroup, deny access with Default Group Policy, and ensure all VPN session profiles point to a custom policy. The fix: Cisco has provided interim measures to mitigate the vulnerability.

VPN

VPN Authentication Firmware Phishing

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

This vulnerability, which affected servers with and without the English (United States) language pack, impeded the successful installation of crucial security patches. This affected system administrators worldwide.

Backups

Backups Authentication DDOS Engineering

What Are Firewall Rules? Ultimate Guide & Best Practices

eSecurity Planet

JANUARY 24, 2024

Deny and alert: Notify systems administrator of potentially malicious traffic. Read our guide to network security next, which covers network layers, major network security challenges, and launching a career in network security. Deny and log: Record all remaining traffic to be analyzed later.

Firewall

Firewall Network Security Financial Services Internet

More ‘actionable’ intel needed from HHS to support health IT security

SC Magazine

JUNE 29, 2021

For example, amid the heightened COVID-19-related cyberattacks in the initial months of the pandemic, the HHS Office for Civil Rights released a list of privacy and security resources to help providers bolster security defenses and prevent violations of the the Health Insurance Portability and Accountability Act.

Healthcare

Healthcare Cybersecurity CISO Cyber threats

What Is VLAN Tagging? Definition & Best Practices

eSecurity Planet

OCTOBER 17, 2023

However, especially for larger companies that are managing large swathes of varied traffic and user types, VLAN tagging is one of the most effective, cost-efficient, and scalable ways for system administrators to manage cybersecurity; bandwidth; network performance; and role-based, device-based, and traffic-based controls.

Authentication

Authentication Wireless Network Security Cybersecurity

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

eSecurity Planet

AUGUST 4, 2023

To set up and administer access controls using CIEM systems, administrators and security teams may need specialized training. Implementing well-targeted security strategy and defenses will help you properly protect your sensitive data and valuable assets in the cloud.

Architecture

Architecture Risk Data breaches Threat Detection

How to Perform a Vulnerability Scan in 10 Steps

eSecurity Planet

JULY 20, 2023

Vulnerability scans play a vital role in identifying weaknesses within systems and networks, reducing risks, and bolstering an organization’s security defenses. Develop and implement suitable remediation procedures in collaboration with key stakeholders such as system administrators, network engineers, and security teams.

Authentication

Authentication Penetration Testing Risk Software

How to Get Started in Cybersecurity: Steps, Skills & Resources

eSecurity Planet

JULY 30, 2024

A few highlights include analysts, engineering roles in networking, IT system administration, pentesting, and leadership roles. Sysadmin roles can involve: Setting up networks and IT systems: These leaders manage setup processes for hardware, software, network connections, and user permissions.

Cybersecurity

Cybersecurity System Administration Engineering Firewall

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

eSecurity Planet

JULY 15, 2024

System administrators should promptly update to the most recent version (4.98). While no active exploitation has been confirmed, more than 1.5 million Exim servers remain vulnerable worldwide, especially in the United States, Russia, and Canada. The fix: Exim developers issued a patch to solve CVE-2024-39929.

Authentication

Authentication Backups Software Risk

Cyber Security Informer

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

Vulnerability Recap 9/16/24 – Critical Endpoint Flaws Emerged

Trending Sources

Black Hat AI Tools Fuel Rise in Business Email Compromise (BEC) Attacks

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

Weekly Vulnerability Recap – Sept. 11, 2023 – Android Update Fixes 33 Vulnerabilities

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

What Are Firewall Rules? Ultimate Guide & Best Practices

More ‘actionable’ intel needed from HHS to support health IT security

What Is VLAN Tagging? Definition & Best Practices

CSPM vs CWPP vs CIEM vs CNAPP: What’s the Difference?

How to Perform a Vulnerability Scan in 10 Steps

How to Get Started in Cybersecurity: Steps, Skills & Resources

Vulnerability Recap 7/15/24 – Industry Patches vs Flaw Exploits

Stay Connected