SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) ISC StormCast for Wednesday, December 11th, 2024
5 snips
Dec 11, 2024 The latest cybersecurity updates from Microsoft tackle 71 vulnerabilities, with 16 deemed critical, emphasizing the importance of timely patching. Ivanti reveals serious authentication issues while Microsoft plans to phase out NTLM authentication. A rediscovered feature in Visual Studio Code could enhance security, alongside a discussion on mitigating NTLM relay attacks. Stay informed to protect your digital environment.
AI Snips
Chapters
Transcript
Episode notes
Regular Patching
- Patch your systems regularly.
- There's no need to rush patching this month unless you have exposed Remote Desktop Services.
Remote Desktop Vulnerabilities
- Numerous critical vulnerabilities were found in Windows Remote Desktop Services.
- Exposing these services to the internet is inherently risky, regardless of patches.
Ivanti Vulnerabilities
- Ivanti's Cloud Services Application had critical vulnerabilities, including a 10.0-rated authentication bypass.
- Update to version 5.0 to mitigate these issues, especially in exposed admin consoles.