Patch/Configuration Management

Related Videos

Misconfiguration, The Forgotten Vulnerability and the Power and Failure of “Yes” – Danny Jenkins – BSW #409

August 20, 2025

The industry is obsessed with vulnerabilities. From vulnerability assessment to vulnerability management to exposure management and even zero days, we love to talk about vulnerabilities. But what about misconfiguration? By definition it's a vulnerability or weakness, but it doesn't have a CVE (common vulnerability enumeration). Should we ignore it?...

Debugging binary code with bug inside magnifying glass

Vulnerability Management

Actively exploited flaws persist in hundreds of N-able N-central instances

SC StaffAugust 19, 2025

Over 870 online instances of the N-able N-central management, automation, and orchestration tool used by managed service providers continue to be impacted by the insecure deserialization flaw, tracked as CVE-2025-8875, and command injection vulnerability, tracked as CVE-2025-8876, which have been exploited in limited attacks, SecurityWeek reports.

Ransomware

Modular ‘PipeMagic’ backdoor used to deploy ransomware

Laura FrenchAugust 18, 2025

The stealthy backdoor framework comes disguised as a legitimate ChatGPT desktop application.

Security Operations

Cisco patches Firewall Management Center bug rated 10.0

Steve ZurierAugust 18, 2025

Security pros consider this a “patch now” flaw because an exploit could let attackers gain admin control and move laterally.

Vulnerability Management

Updated CISA vulnerabilities list adds WinRAR, Microsoft bugs

SC StaffAugust 14, 2025

Observed attacks involving the recently disclosed WinRAR path traversal flaw, tracked as CVE-2025-8088, and the older Microsoft Internet Explorer resource management errors issue and Microsoft Excel remote code execution bug, tracked as CVE-2013-3893 and CVE-2007-0671, have prompted their inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, reports Security Affairs.

Vulnerability Management

Dozens of Adobe vulnerabilities fixed

SC StaffAugust 14, 2025

Over 60 security flaws have been resolved by Adobe across its product offerings as part of this month's Patch Tuesday, SecurityWeek reports.

Vulnerability Management

High-severity Matrix messaging protocol vulnerabilities addressed

SC StaffAugust 14, 2025

Updates have been issued by the Matrix Foundation to resolve a pair of high-severity flaws in the Matrix federated communications protocol, according to The Record, a news site by cybersecurity firm Recorded Future.

Security Operations

Xerox fixes critical RCE flaw in FreeFlow Core software

Laura FrenchAugust 13, 2025

A path traversal bug could enable an attacker to place a webshell on the victim’s server.

Patch/Configuration Management

Related Videos

A couple simple steps companies can take to protect their systems from ransomware

Misconfiguration, The Forgotten Vulnerability and the Power and Failure of “Yes” – Danny Jenkins – BSW #409

Actively exploited flaws persist in hundreds of N-able N-central instances

Modular ‘PipeMagic’ backdoor used to deploy ransomware

Cisco patches Firewall Management Center bug rated 10.0

Updated CISA vulnerabilities list adds WinRAR, Microsoft bugs

Dozens of Adobe vulnerabilities fixed

High-severity Matrix messaging protocol vulnerabilities addressed

Xerox fixes critical RCE flaw in FreeFlow Core software

Fast Five

Selected by the SC Media Editorial team every Tuesday.