Category: alerts

Microsoft’s May Patch Tuesday update is triggering authentication errors. Read more

Original release date: May 13, 2022 CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations might experience authentication failures on the server or… Read more

Tony Lauro, director of security technology and strategy at Akamai, discusses reducing your company’s attack surface and the “blast radius” of a potential attack. Read more

Original release date: May 9, 2022 | Last revised: May 11, 2022   High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info N/A — N/A   On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and… Read more

Dell and HP were among the first to release patches and fixes for the bug. Read more

Original release date: May 11, 2022 The cybersecurity authorities of the United Kingdom, Australia, Canada, New Zealand, and the United States have released joint Cybersecurity Advisory (CSA), Protecting Against Cyber Threats to Managed Service Providers and their Customers, to provide guidance on how to protect against malicious cyber activity targeting managed service providers (MSPs) and… Read more

Microsoft’s May Patch Tuesday roundup also included critical fixes for a number of flaws found in infrastructure present in many enterprise and cloud environments. Read more

Why a private college that stayed in business for 157 years had to close after the combo of COVID-19 and ransomware proved too much. Read more

Original release date: May 11, 2022 Summary Tactical actions for MSPs and their customers to take today: • Identify and disable accounts that are no longer in use. • Enforce MFA on MSP accounts that access the customer environment and monitor for unexplained failed authentication. • Ensure MSP-customer contracts transparently identify ownership of ICT security… Read more

Original release date: May 9, 2022 | Last revised: May 10, 2022 Microsoft has released a security advisory to address a remote code execution vulnerability affecting Azure Data Factory and Azure Synapse Pipelines. A remote attacker could exploit this vulnerability to take control of an affected system.  CISA encourages users and administrators to review Microsoft… Read more