Skip to content

SolarWinds & Trickbot: Cybersecurity News from the Week of 07/12/21

Posted by: GuidePoint Security

2 min read

Published: July 21, 2021, 9:30am

Vulnerabilities and patches dominated the news last week, including a new critical patch issued by SolarWinds and vulnerabilities discovered in programmable logic controllers used in millions of manufacturing, utilities, and automation devices. The notorious TrickBot malware also continued its resurgence last week as Russian-based criminals continued to overhaul the Trickbot attack infrastructure.

Final Words

No software is perfect, and threat actors will do everything in their power to find a way to breach a system. That’s why it is so important for businesses to acknowledge that bugs do exist and to work with security researchers to identify and patch any type of vulnerability. To their credit, businesses that distribute software and hardware are stepping up to the plate. Organizations are increasingly recognizing the challenges associated with vulnerabilities and urging their users to patch, patch, patch.

Yet even with information and patches in hand, thousands (if not millions) of businesses are failing to patch vulnerabilities in a timely manner. (Or, in some cases, ever!)

Good patch management practices are critical to securing a business. Organizations are reminded to:

  • Apply patches promptly and according to patch release cycles.
  • Run regularly scheduled vulnerability scans.
  • Run scan reports and conduct additional research on potential application or system vulnerabilities.
  • Prioritize patching to the highest risk applications.
  • Patch all software/hardware vulnerabilities and not limit patching to only high-profile applications, like Microsoft.
  • Clearly define the team responsible for patch management and make sure they’re adequately staffed.
  • Test the patches before deployment.
  • Grant the patch management team the right levels of authority to get the work done.

As massively large-scale breaches go global, getting back the basics of patch management can go a long way to protect businesses.

Categories: Blog Cybersecurity

GuidePoint Security

Countering The Threat Of Spear-Phishing
With Spear-Phishing, many organizations feel like their tools will help them stop the attacks. This is true at some levels, […]
Download

Related Articles

View All

  • Security Awareness & Education
Countering The Threat Of Spear-Phishing
Read More < 1 min read
  • Threat & Attack Simulation
This Caller Does Not Exist: Using AI to Conduct Vishing Attacks
Posted by: Andre Rosario
Read More 10 min read
  • Blog
Identities and IAM Trends: Q&A With a Saviynt Identity Expert
Posted by: Ben MartinMooney
Read More 4 min read