-
Tyler Reguly
Blog
VERT Threat Alert: May 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 05/14/2024
Image
Today’s VERT Alert addresses Microsoft’s May 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1106 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-30040
Up first this month, we have a security feature bypass in MSHTML. More specifically, we...
Blog
The Impact of NIST SP 800-171 on SMBs
By Josh Breaker-Rolfe on Mon, 05/06/2024
Image
From more broad laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated....
Blog
VERT Threat Alert: April 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 04/09/2024
Image
Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-26234
This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft’s...
Blog
VERT Threat Alert: March 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 03/12/2024
Image
Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release.
CVE...
Blog
VERT Threat Alert: February 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 02/13/2024
Image
Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-21351
This CVE describes a bypass in the Windows SmartScreen Security Feature. At this...
Blog
Resolving Top Security Misconfigurations: What you need to know
By Jeff Moline on Mon, 01/22/2024
Image
One of the most common factors that can lead to cybersecurity incidents is a security misconfiguration in software or application settings. The default settings that come with the implementation of these tools and solutions are often not configured securely, and many organizations do not invest the time and resources into...
Blog
VERT Threat Alert: January 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 01/09/2024
Image
Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs included in the January Patch Tuesday drop.
CVE...
Blog
VERT Threat Alert: December 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 12/12/2023
Image
Today’s VERT Alert addresses Microsoft’s December 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1086 on Wednesday, December 13th.
In-The-Wild & Disclosed CVEs
CVE-2023-20588
AMD has released AMD-SB-7007 – Speculative Leaks Security Notice, which describes how...
Blog
NIST CSF 2.0: What you need to know
By Antonio Sanchez on Mon, 12/11/2023
Image
Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology (NIST) has a free, public framework to help any organization mature its IT security posture. Recently, the...
Blog
VERT Threat Alert: November 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 11/14/2023
Image
Today’s VERT Alert addresses Microsoft’s November 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1082 on Wednesday, November 15th.
In-The-Wild & Disclosed CVEs
CVE-2023-36033
A vulnerability in the Microsoft Desktop Window Manager (DWM) could allow an attacker to...
Blog
VERT Threat Alert: October 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 10/10/2023
Image
Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th.
In-The-Wild & Disclosed CVEs
CVE-2023-41763
While this vulnerability is...
Blog
Closing Integrity Gaps with NIST CSF
By Lane Thames on Wed, 09/27/2023
Image
The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy.
A Brief History of NIST CSF
“The...
Blog
VERT Threat Alert: September 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 09/12/2023
Image
Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th.
In-The-Wild & Disclosed CVEs
CVE-2023-36761
Microsoft has indicated that...
Blog
VERT Threat Alert: August 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 08/08/2023
Image
Today’s VERT Alert addresses Microsoft’s August 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1068 on Wednesday, August 9th.
In-The-Wild & Disclosed CVEs
CVE-2023-38180
A vulnerability in Kestrel could...
Blog
VERT Threat Alert: July 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 07/11/2023
Image
Today’s VERT Alert addresses Microsoft’s July 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1064 on Wednesday, July 12th.
In-The-Wild & Disclosed CVEs
CVE-2023-32046
A vulnerability in MSHTML could allow an attacker to...
Blog
VERT Threat Alert: June 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 06/13/2023
Image
Today’s VERT Alert addresses Microsoft’s June 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1060 on Wednesday, June 14th.
In-The-Wild & Disclosed CVEs
There were no in-the-wild or disclosed CVEs in the June Patch Tuesday...
Blog
VERT Threat Alert: May 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 05/09/2023
Image
Today’s VERT Alert addresses Microsoft’s May 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1055 on Wednesday, May 10th.
In-The-Wild & Disclosed CVEs
CVE-2023-29336
Up first this month is a vulnerability reported by Avast...
Blog
VERT Threat Alert: April 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 04/11/2023
Image
Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th.
In-The-Wild & Disclosed CVEs
CVE-2023-28252
A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild....
Blog
VERT Threat Alert: March 2023 Patch Tuesday Analysis
By Tyler Reguly on Tue, 03/14/2023
Image
Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th.
In-The-Wild & Disclosed CVEs
CVE-2023-24880
Up first this month is a publicly disclosed and exploited vulnerability impacting Windows...