Brian Greenberg :verified:<p>☢️😱 A US nuclear weapons agency has reportedly been breached in the recent Microsoft SharePoint vulnerability attacks. It turns out on‑prem SharePoint servers were compromised via a zero‑day, hitting dozens of organizations including the National Nuclear Security Administration. Microsoft patched it only after hackers had already exfiltrated countless credentials and moved laterally within the networks, which raises questions on how Microsoft handles legacy systems and patch management. 🤷♂️</p><p>TL;DR<br>⚠️ Zero‑day in on‑prem SharePoint allowed remote code execution<br>🔐 Affected at least 50 entities including NNSA, but no classified data leaked? Maybe?<br>🛠️ Cloud‑based SharePoint remained untouched, on‑prem took the hit<br>📌 Response: patch, isolate, rotate credentials, audit enterprise policies, and demand more from your vendors!</p><p><a href="https://www.theverge.com/news/712080/microsoft-sharepoint-hack-us-nuclear-weapons-agency" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theverge.com/news/712080/micro</span><span class="invisible">soft-sharepoint-hack-us-nuclear-weapons-agency</span></a><br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>zeroday</span></a> <a href="https://infosec.exchange/tags/patchmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>patchmanagement</span></a> <a href="https://infosec.exchange/tags/cloudsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloudsecurity</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cloud</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/MicrosoftFail" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MicrosoftFail</span></a></p>
Administered by:
#patchmanagement
1 post1 participant0 posts today
Trend Micro has just closed the door on critical flaws that could’ve let hackers run code in your security setup. Are you up to date with the latest patch fixes?
#trendmicro
#cybersecurity
#vulnerability
#patchmanagement
#remotecodeexecution
By their design, ransomware attacks are hard to undo once they’ve hit your computer, which makes prevention far better than cure. With a comprehensive backup solution, even if a ransomware attack penetrates the many layers of protection, you’ve got the ability to roll back to before the attack and keep all your precious data.
https://www.solidarityit.com/2025/01/20/ransomware-reminder/
Solidarity IT · Vulnerable Virgil: Ransomware - Solidarity ITAre you familiar with ransomware? It’s a type of malware that, as the name implies, makes money for the attacker by holding files to ransom. How Does it Work? To achieve this, the ransomware encrypts files on a target’s computer and then offers the affected target’s user a chance to decrypt those files again in […]
Ivanti's hardcoded key slip is like leaving your house key under the mat—suddenly, sensitive SQL creds are an open invitation for attackers. Is your system protected with the latest update?
#ivantiworkspacecontrol
#cybersecurity
#vulnerabilitymanagement
#infosec
#patchmanagement
Windows Admins—Don’t Delete That Empty inetpub Folder!
Microsoft has released a PowerShell script to restore the C:\inetpub folder created by the April 2025 security update after many users mistakenly deleted it, not realizing it plays a critical role in mitigating a high-severity privilege escalation vulnerability (CVE-2025-21204).
This seemingly empty folder helps protect against attackers escalating privileges using symbolic link abuse, and deleting it can leave your organization vulnerable. If you have already deleted it, Microsoft has a restoration script.
Read the details: https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-script-to-restore-inetpub-folder-you-shouldnt-delete/
Cisco's recent flaws could let hackers swipe your cloud credentials and even take control of your network. Are you sure your systems are secure? Learn how to stay ahead of the threat.
#cisco
#cybersecurity
#vulnerabilities
#cloudsecurity
#patchmanagement
DragonForce just exploited weaknesses in the SimpleHelp platform, giving attackers a backdoor into MSP networks and client data. Could your defenses be the next weak link?
#dragonforceransomware
#simplehelpvulnerabilities
#cybersecurity
#patchmanagement
#ransomwareattack
Cybersecurity isn’t just about smart tech, it’s about getting the basics right.
Patch Management might seem basic, but it’s still one of the most critical defences against cyber threats. Unpatched software leaves the door open for cybercriminals.
Protect-IT keeps your systems secure by ensuring your computer is always up to date. Don’t let the fundamentals slip, your business depends on it.
Imagine if every patch update was treated like a potential threat. ThreatLocker’s zero trust approach audits every change before deployment, keeping vulnerabilities in check and hackers at bay. Ready for a security revolution?
https://thedefendopsdiaries.com/threatlocker-a-security-first-approach-to-patch-management/
#threatlocker
#patchmanagement
#zerotrust
#cybersecurity
#infosec
Cyber threats are evolving; are your defences keeping up?
Patch management is your first line of defence against data breaches, downtime, and compliance issues. By regularly updating your systems, you close security gaps, boost performance, and keep your business running smoothly. Stay secure Stay compliant Stay efficient
Follow the link to find out more:
https://www.solidarityit.com/landing/patchmanagement
Die nächsten Tage werde ich mal beobachten und testen, ob ich mit der EU Schwachstellendatenbank EUVD klarkomme und ggf. genug und zeitnahe Informationen zu Software Schwachstellen erhalte.
Bisher hatte ich für's alerting einen CISA rss feed abonniert, aber der ist nun wohl Geschichte.
CVE deatials hat wohl einen rss feed...
euvd.enisa.europa.euEUVDEuropean Vulnerability Database
Ivanti's latest flaw lets attackers bypass authentication in a snap. Is your ITSM system patched up before it’s too late? Dive into why swift patch management is a must for keeping your data safe.
https://thedefendopsdiaries.com/understanding-critical-vulnerabilities-in-ivanti-neurons-for-itsm/
When Visibility Meets Action in NHS Cybersecurity – Source: heimdalsecurity.com https://ciso2ciso.com/when-visibility-meets-action-in-nhs-cybersecurity-source-heimdalsecurity-com/ #rssfeedpostgeneratorecho #HeimdalSecuritycom #CyberSecurityNews #heimdalsecurity #Patchmanagement #Industrytrends
CISO2CISO.COM & CYBER SECURITY GROUP · When Visibility Meets Action in NHS Cybersecurity – Source: heimdalsecurity.comSource: heimdalsecurity.com - Author: Danny Mitchell In NHS cybersecurity, one problem keeps security teams up at night: the gap between spotti
Aggiornamenti Windows 11 a pagamento? Facciamo chiarezza
#Aggiornamenti #Costi #Hotpatching #Laptop #Microsoft #Notizie #Novità #PatchManagement #PC #Server #Sicurezza #SistemaOperativo #Software #Windows11
https://www.ceotech.it/aggiornamenti-windows-11-a-pagamento-facciamo-chiarezza/