The Cyber Express

The Biggest Cybersecurity Decision for 2023

If you are using any version of Microsoft Windows, make sure to update your system as soon as possible.

by Chandu Gopalakrishnan
January 2, 2023
in Cybersecurity News

New Year’s Day is hardly a day old, and the biggest cybersecurity decision currently possible is already in our hands: patch Windows vulnerability CVE-2022-37958. If you are using any version of Microsoft Windows, update your system as soon as possible.

Microsoft had issued an alert on CVE-2022-37958 in December, clearly mentioning that the bug patched in September was still wormable. A spot survey by The Cyber Express among its registered readers found that many are unaware of the bug.

A random survey of 32 CISO leaders across geographies and sectors showed that only 17% had initiated the patch, and only after the alert in December. An astonishing 43% have yet to ensure a complete update of their systems.

A few respondents actually asked us about the need for the survey. In other words, why the fuss?  

Why is this a big cybersecurity decision? 

CVE-2022-37958 could allow for remote code execution (RCE) on all Windows devices. Microsoft spotted the bug in September and issued a patch, initially believing it only allowed for the disclosure of potentially sensitive information. 

The vulnerability is in the SPNEGO Extended Negotiation (NEGOEX) security mechanism, which a client and server use to negotiate the security mechanism for authentication.

This vulnerability is a pre-authentication remote code execution issue that affects a variety of protocols, including Server Message Block (SMB) and Remote Desktop Protocol (RDP).  

The vulnerability also allows attackers to remotely execute arbitrary code by accessing the NEGOEX protocol through any Windows application that uses authentication.  

The list of affected protocols is not exhaustive and could potentially include Simple Mail Transfer Protocol (SMTP) and Hypertext Transfer Protocol (HTTP) when SPNEGO authentication negotiation is enabled for use with Kerberos or Net-NTLM authentication.

In December, IBM security researcher Valentina Palmiotti discovered that CVE-2022-37958 could lead to RCE. Microsoft re-evaluated the bug in the December 2022 Patch Tuesday update and decided to classify it as an RCE vulnerability rather than an Information Disclosure one.

It also upgraded the severity of the vulnerability to “Critical” and assigned it a CVSSv3 score of 8.1. The original CVSSv3 score was 7.5 with a severity rating of “High”. 

What makes it deadly is the fact that it has the potential to rival EternalBlue.   

Patching: Cybersecurity decision 101 

The EternalBlue exploit was created by the NSA as a possible attack vector to be used in the cyber-attacks of the future, but it was later released to the public by the Shadow Brokers on April 14, 2017.  

This occurred after Microsoft had already issued patches for the vulnerability. Just over a month later, on May 12, 2017, the WannaCry ransomware attack utilized EternalBlue to target unpatched computers around the world. 

Like EternalBlue, this vulnerability allows attackers to execute malicious code without authentication and is wormable, meaning that one exploit can trigger a chain reaction of self-replicating follow-on exploits on other vulnerable systems.  

However, unlike EternalBlue, which was limited to the SMB protocol for file and printer sharing, this latest vulnerability is present in a wider range of network protocols, giving attackers more flexibility.

A patch has been available for three months. However, as with previous vulnerabilities, The Cyber Express spotted some organizations being slow to deploy patches. In some cases, they missed patching altogether! 
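
The triage this section argues for, as an added example that is not part of the original article: it sorts a constructed host inventory by whether the latest cumulative update predates the September fix and whether a protocol the article names is reachable. The field names, the port mapping and the 13 September 2022 release date are assumptions of the example.

```python
from datetime import date

# Assumption: the fix shipped on September 2022 Patch Tuesday (2022-09-13) and
# every cumulative update released on or after that date contains it.
FIX_RELEASE = date(2022, 9, 13)
# Protocols named in the article, mapped to their conventional default ports.
PORT_PROTOCOL = {445: "SMB", 3389: "RDP", 25: "SMTP", 80: "HTTP", 443: "HTTP"}
# The article lists SMTP and HTTP only when SPNEGO negotiation is enabled.
NEEDS_SPNEGO = {"SMTP", "HTTP"}

def reachable_protocols(host):
    """Protocols on this host through which NEGOEX could be reached."""
    protos = set()
    for port in host["listening"]:
        proto = PORT_PROTOCOL.get(port)
        if proto is None:
            continue
        if proto in NEEDS_SPNEGO and proto not in host["spnego_enabled"]:
            continue
        protos.add(proto)
    return sorted(protos)

def triage(inventory):
    """Return (priority, host, protocols) for unpatched hosts, most urgent first."""
    findings = []
    for host in inventory:
        cu = host["latest_cu_release"]  # None means no update record at all
        if cu is not None and cu >= FIX_RELEASE:
            continue  # fix already included
        protos = reachable_protocols(host)
        if protos and host["internet_facing"]:
            priority = 1  # pre-auth and reachable from outside
        elif protos:
            priority = 2  # wormable: reachable from any infected internal peer
        else:
            priority = 3  # still patch: the protocol list is not exhaustive
        findings.append((priority, host["name"], protos))
    return sorted(findings)

def _host(name, cu, ports, spnego, facing):
    return {"name": name, "latest_cu_release": cu, "listening": ports,
            "spnego_enabled": spnego, "internet_facing": facing}

# Constructed sample inventory (hypothetical hosts, not real data).
INVENTORY = [
    _host("fs02", date(2022, 7, 12), [445], set(), False),
    _host("web03", date(2022, 12, 13), [80, 443], {"HTTP"}, True),
    _host("rdp-gw01", date(2022, 8, 9), [3389, 443], {"HTTP"}, True),
    _host("mail04", None, [25], set(), True),
    _host("kiosk05", date(2022, 9, 13), [445, 3389], set(), False),
]
```

Hosts in priority 3 stay on the list on purpose, since the article notes that the set of affected protocols is not exhaustive.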

Why do firms fail to patch?

There are several common challenges that contribute to poor patch management within companies, wrote Dan Richings, SVP – Global Presales and Solutions Engineering, at endpoint IT management business Adaptiva. 

One is that employees may be overwhelmed by the constant influx of patches that need to be applied.  

This can result in a backlog of updates that need to be prioritized based on how widely used the affected application is and how severe the security vulnerability is.  

Additionally, the increase in remote work has led to more employees using personal devices for work, which can be harder to secure and monitor for updates.  

Another issue is that different teams within IT may be responsible for different tasks, such as identifying vulnerabilities and applying patches, leading to communication and workflow disruptions.  

Change management processes can also be slow and outdated, causing delays in the patching process. There is also the possibility that the patches themselves may be flawed or compromised, requiring IT teams to carefully test and verify them before deployment.  

Lastly, many patching processes are still done manually, requiring a significant amount of time and resources.

Chandu Gopalakrishnan

Executive Editor, The Cyber Express

© 2022 The Cyber Express | By Cyble Inc.