Month: January 2021

Risk-Based Vulnerability Management: Focus On The Vulnerabilities That Pose The Greatest Risk

Security teams are dealing with more vulnerabilities than they can handle. Spreading these limited – and valuable – resources too thin can quickly lead to inefficiency and job burnout. The last thing you need is to waste precious time remediating vulnerabilities that pose little to no risk.

With risk-based vulnerability management, you can automate the prioritization process. You'll know exactly which vulnerabilities are likely to be exploited – and the ones that will cause the biggest impact on the business. Download the Focus On The Vulnerabilities That Pose The Greatest Risk ebook now to:

  • See how risk-based vulnerability management answers, 'What should we fix first?'
  • Understand why legacy vulnerability management is no match for today's digital world
  • Find out why CVSS fails as a prioritization tool – and why it's imperative to consider business context, including vulnerability data, threat intelligence and asset criticality


    In September 2020, details of a critical vulnerability known as ‘ZeroLogon’ were published. This vulnerability affects Windows NetLogon processes and is referenced as CVE-2020-1472. The publication coincided with the August 2020 Windows Security Update release, which addressed this vulnerability before it became widely known and distributed among threat actors. Since its announcement, proof-of-concept exploits have been detected, and a module for exploiting CVE-2020-1472 has been added to the Metasploit framework.



    Why outbound email is your biggest risk

    From replying to spear-phishing attacks to Bcc errors and wrong recipients, outbound email is the number one security threat your organisation faces. This report shows the reality of this risk, its impact and the solution you need to be aware of.

    Download now to:

    • Recognise the risks – Understand how employees cause email data breaches
    • See how often incidents occur – Uncover how often your organisation is put at risk
    • Evaluate their impacts – Find out more about the repercussions of email security incidents
    • Know your options – Understand why intelligent email security is now the standard



      On the 12th of January 2021, Microsoft released the first cumulative patch of the new year, with eighty-three security vulnerabilities rectified across a range of Microsoft products. The most significant of these fixes related to a zero-day vulnerability within Microsoft Defender, the integrated anti-virus of Windows operating systems.

      This vulnerability is tracked as CVE-2021-1647 and is described as a Remote Code Execution (RCE) vulnerability allowing threat actors to infect target systems with executable code.



      As we enter the 'next normal,' Blancco explores behavior around e-waste, sustainable practices and the environment.

      Thanks to a pandemic-led surge of remote work, organizations worldwide are shifting gears to protect data on laptops and tablets distributed outside the traditional office environment. When decommissioning these devices, enterprises must continue to enforce data security—while minimizing their contribution to today's unprecedented growth of e-waste.

      Based on responses from 600 enterprise decision makers around the globe, this research study explores:

      • Enterprise behavior around e-waste, device disposal practices and the environment
      • The challenges in executing e-waste and corporate social responsibility (CSR) policies regarding device disposal
      • How COVID-19 response has changed enterprises' approach to e-waste and end-of-life device management

      Finally, we identify areas enterprises need to address to be environmentally responsible and confident about data protection and compliance.

      Get the report now.

        This report is based on an extensive survey of 600 decision makers for data sanitization policy and procedures with job titles of Chief Financial Officer, Head of Operations, Data Protection Officer, Head of IT Operations, IT Asset Manager, Head of Legal, Chief Information Security Officer, and Head of Compliance.

        The research was undertaken by independent research company Coleman Parkes in September 2020.