https://www.scmagazine.com/topic/patchconfiguration-management
SCM feed for Patch/Configuration Management
2024-03-29T15:07:07+00:00
https://files.scmagazine.com/logo/scm-horizontal-white-with-resource.png
Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved
tag:www.scmagazine.com:post,709770
Covert extension installation possible with Microsoft Edge flaw
2024-03-28T09:24:14-04:00
SC Staff
https://www.scmagazine.com/contributor/sc-staff
<p>Potential cyberattacks facilitated by covertly installed browser extensions could have been deployed with the exploitation of an already addressed medium-severity privilege escalation vulnerability in Microsoft Edge, according to The Hacker News.</p>
2024-03-28T09:24:09-04:00
tag:www.scmagazine.com:post,703811
What We Don’t Know Will Hurt Us - Cheryl Biswas - BTS #26
2024-03-27T17:22:03-04:00
Paul Asadoorian
https://www.scmagazine.com/contributor/paul-asadoorian
Allan Alford
https://www.scmagazine.com/contributor/allan-alford
2024-03-27T17:00:00-04:00
tag:www.scmagazine.com:post,709522
Rockwell Automation posts advisories on 10 new bugs
2024-03-27T15:11:51-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>CISA encouraged security teams handling industrial control systems to review and mitigate the Rockwell Automation bugs.</p>
2024-03-27T14:19:02-04:00
(Adobe Stock)
tag:www.scmagazine.com:post,709288
Fortinet FortiClient EMS SQL injection flaw exploited in the wild
2024-03-26T16:50:29-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>A PoC exploit is available for the critical flaw, which was added to CISA’s KEV catalog Monday. </p>
2024-03-26T16:49:28-04:00
SQL injection in Fortinet FortiClient EMS can lead to RCE.
tag:www.scmagazine.com:post,708329
Memory leak on Windows Server update causes domain controllers to crash
2024-03-21T13:56:08-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Microsoft says it will fix this month’s Patch Tuesday for Windows Server in the coming days.</p>
2024-03-21T13:48:06-04:00
Microsoft is working to resolve a Windows Server update that could cause domain controllers to crash. (Photo by Ramon Costa/SOPA Images/LightRocket via Getty Images)
tag:www.scmagazine.com:post,707706
Google Firebase may have exposed 125M records from misconfigurations
2024-03-19T14:41:02-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Researchers say they reported their findings to Chattr.ai on Jan. 10, then followed up with a full scan of the internet.</p>
2024-03-19T14:39:22-04:00
Misconfigured Google Firebase websites could have leaked nearly 125 million user records. (Adobe Stock)
tag:www.scmagazine.com:post,709911
Three cloud security misconceptions that hold SMBs back
2024-03-28T15:42:43-04:00
Ben Schreiner
https://www.scmagazine.com/contributor/ben-schreiner
<p>Too many SMB owners think cloud security costs too much money – and won’t make the business more secure. Here’s why that’s not true. </p>
2024-03-29T07:00:00-04:00
tag:www.scmagazine.com:post,709947
Odd NuGet package for industrial equipment raises espionage concerns
2024-03-28T17:36:13-04:00
Laura French
https://www.scmagazine.com/contributor/laura-french
<p>The open-source .NET package stealthily exfiltrates screenshots from BOZHON equipment.</p>
2024-03-28T17:34:12-04:00
tag:www.scmagazine.com:post,709864
Nothing will change as a result of the Change Healthcare incident
2024-03-28T14:11:47-04:00
Toby Gouker
https://www.scmagazine.com/contributor/toby-gouker
<p>Unless there are major policy and regulatory changes and the industry focuses more on threat sharing, nothing much will change in healthcare.</p>
2024-03-28T13:59:23-04:00
tag:www.scmagazine.com:post,709826
'Darcula’ phishing platform targets postal organizations worldwide
2024-03-28T13:38:53-04:00
Steve Zurier
https://www.scmagazine.com/contributor/steve-zurier
<p>Netcraft researchers say the Chinese-language PhaaS platform targeted postal organization in more than 100 countries, including USPS. </p>
2024-03-28T13:38:40-04:00