SolarWinds & Trickbot: Cybersecurity News from the Week of 07/12/21

2 min read

Published: July 21, 2021, 9:30am

Vulnerabilities and patches dominated the news last week, including a new critical patch issued by SolarWinds and vulnerabilities discovered in programmable logic controllers used in millions of manufacturing, utilities, and automation devices. The notorious TrickBot malware also continued its resurgence last week as Russian-based criminals continued to overhaul the Trickbot attack infrastructure.

Final Words

No software is perfect, and threat actors will do everything in their power to find a way to breach a system. That’s why it is so important for businesses to acknowledge that bugs do exist and to work with security researchers to identify and patch any type of vulnerability. To their credit, businesses that distribute software and hardware are stepping up to the plate. Organizations are increasingly recognizing the challenges associated with vulnerabilities and urging their users to patch, patch, patch.

Yet even with information and patches in hand, thousands (if not millions) of businesses are failing to patch vulnerabilities in a timely manner. (Or, in some cases, ever!)

Good patch management practices are critical to securing a business. Organizations are reminded to:

Apply patches promptly and according to patch release cycles.
Run regularly scheduled vulnerability scans.
Run scan reports and conduct additional research on potential application or system vulnerabilities.
Prioritize patching to the highest risk applications.
Patch all software/hardware vulnerabilities and not limit patching to only high-profile applications, like Microsoft.
Clearly define the team responsible for patch management and make sure they’re adequately staffed.
Test the patches before deployment.
Grant the patch management team the right levels of authority to get the work done.

As massively large-scale breaches go global, getting back the basics of patch management can go a long way to protect businesses.

Services

Application Security

Strategic Solutions

Tactical Assessment

Managed Security

Services by Platform

Professional Services

Resources

Professional Services

Resources

Professional Services

Resources

Professional Services

Professional Services

Governance Services

Business Resiliency

Risk Services

Managed Security

Compliance Services

Professional Services

IAM Pillars

Managed Security

Proactive Services

Reactive Services

Managed Security

Advisory Services

Security Program Management

Third-Party Managed Services

"As A Service" Offerings

Security Program Management

Professional Services

Implementation & Administration

Managed Security

Professional Services

Resources

Professional Services

Resources

Professional Services

Platform-Specific Services

Managed Security

Robust Staffing Solutions

Managed Security

Threat Emulation

Tactical Assessment

Vulnerability Management

Managed Security

Technologies

Technology Solutions

Government Solutions

ABOUT GOVERNMENT SOLUTIONS

GSA Contract

DOD ESI Contract

SeaPort Next Generation (SeaPort-NxG)

Emerging Cyber Vendor Program

Company

ABOUT GUIDEPOINT SECURITY

Customers

GuidePoint Security Financial

GuidePoint Security University

GuidePoint Research and Intelligence Team (GRIT®)

Contact Us

Resources

Resource Library

Events

Blog

Featured Resources

SolarWinds & Trickbot: Cybersecurity News from the Week of 07/12/21

Final Words

Related Articles