Security News
The state of bot mitigation 64% of organizations lost more than 6% of their revenue due to bot attacks, and 32% lost 10% or more within the last year. 64% of organizations lost 6% or more of their revenue due to bot attacks, and 32% report that their organizations lost 10% or more of revenue within the last 12 months.
In a document released last week, the agency provides mitigations against the risks that come with the use of wildcard certificates. A wildcard digital certificate can be used with multiple subdomains on the same domain, so it can cover multiple servers, while a multi-domain certificate is used for multiple domains on a single IP address.
The recent SolarWinds IT Trends Report found 49% of IT pro respondents perceive their organization's senior leaders or decision makers have a heightened awareness of risk exposure, believing it's not "If" but "When" they will be impacted by a risk factor. Here, we look at how this awareness represents a greater opportunity for IT pros to collaborate with senior leaders and help ensure better risk mitigation for businesses.
Both Microsoft and federal cybersecurity officials are urging organizations to use mitigations to combat a zero-day remote control execution vulnerability in Windows that allows attackers to craft malicious Microsoft Office documents. Microsoft has not revealed much about the MSHTML bug, tracked as CVE-2021-40444, beyond that it is "Aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents," according to an advisory released Tuesday.
American software company Kaseya has issued a security update to patch server-side Kaseya Unitrends zero-day vulnerabilities found by security researchers at the Dutch Institute for Vulnerability Disclosure. Kaseya Unitrends is a cloud-based enterprise backup and recovery solution provided as a stand-alone solution or an add-on for Kaseya's VSA remote management platform.
Microsoft has released temporary mitigation info for a known issue that might cause print and scan failures on multiple Windows Server versions after installing July 2021 security updates on domain controllers. If the known issue still appears on up-to-date devices, affected customers should contact the device manufacturer and ask for setting changes or updates to make the printer or scanner compliant with CVE-2021-33764 hardenings deployed via July Windows 10 security updates.
Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. PetitPotam is a new method that can be used to conduct an NTLM relay attack discovered by French security researcher Gilles Lionel.
Microsoft has released mitigations for the new PetitPotam NTLM relay attack that allows taking over a domain controller or other Windows servers. PetitPotam is a new method that can be used to conduct an NTLM relay attack discovered by French security researcher Gilles Lionel.
The U.S. government has stepped in to offer a mitigation for a critical remote code execution vulnerability in the Windows Print Spooler service that may not have been fully patched by Microsoft's initial effort to fix it. In the meantime, Microsoft Thursday put out a new advisory of its own on PrintNightmare that assigns a new CVE and seems to suggest a new attack vector while attempting to clarify confusion that has arisen over it.
Microsoft has provided mitigation guidance to block attacks on systems vulnerable to exploits targeting the Windows Print Spooler zero-day vulnerability known as PrintNightmare. In a separate threat analytics report for Microsoft 365 Defender customers seen by BleepingComputer, Microsoft says attackers are actively exploiting the PrintNightmare zero-day.