4 min read

[Security Tip] July Security Threats Summarized

By Prime Care Tech Security Team on Thu, Aug 04, 2022 @ 12:23 PM

Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize, address, and communicate them to our managed IT services clients.

Below you'll find our monthly recap of all events. To check previous reports, see 2022 Security Threats.

If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up. 

KEEP ME UPDATED

 

High Impact

Company/Source Product Type
Google Chrome Security updates

 

Medium Impact

Company/Source Product Type
Microsoft Multiple Security updates
(July  2022)

 

Low Impact

Company/Source Product Type
Apple Multiple Security updates

 

No Impact on Our Clients/FYI

Company/Source Product Type
Cisco Multiple Security updates
Citrix Hypervisor Security updates
Open SSL Multiple Security updates
Oracle Multiple Security updates

 

As part of our primeCLOUD services suite, we partner with leading IT vendors to offer security services like ransomware protection, phishing training, multi-factor authorization (MFA), data backup/recovery, and more.

If you're not confident your organization is on top of security threats, vulnerabilities, and patches, it may be time to conduct a cyber security audit.

Conduct Self-Audit Now

Or better, get in touch and let us walk you through critical items for your security checklist.

Topics: primeCLOUD cyber security security vulnerabilities cyber criminals security patches security threats
5 min read

[Security Tip] June Security Threats Summarized

By Prime Care Tech Security Team on Tue, Jul 05, 2022 @ 04:20 PM

Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize, address, and communicate them to our managed IT services clients.

Below you'll find our monthly recap of all events. To check previous reports, see 2022 Security Threats.

If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up. 

KEEP ME UPDATED

 

High Impact

Company/Source Product Type
Microsoft Multiple Workaround guidance for MSDT Follina vulnerability

 

Medium Impact

Company/Source Product Type
CISA Multiple Recommended mitigations for Karakurt Data Extortion Group
Citrix Application Delivery Management Security update
Google Chrome Security updates
(June 10 and 22)
Microsoft Multiple Security updates
(June  2022)

 

Low Impact

Company/Source Product Type
Mozilla Firefox, Firefox ESR, Thunderbird Security updates

 

No Impact on Our Clients/FYI

Company/Source Product Type
Adobe Multiple Security updates
Atlassian Confluence Server and Data Center Security updates (CVE-2022-26134)
CISA Multiple Security updates
Cisco Multiple Security updates
Drupal Multiple Security updates
SAP Multiple Security updates

 

As part of our primeCLOUD services suite, we partner with leading IT vendors to offer security services like ransomware protection, phishing training, multi-factor authorization (MFA), data backup/recovery, and more.

If you're not confident your organization is on top of security threats, vulnerabilities, and patches, it may be time to conduct a cyber security audit.

Conduct Self-Audit Now

Or better, get in touch and let us walk you through critical items for your security checklist.

Topics: primeCLOUD cyber security security vulnerabilities cyber criminals security patches security threats
2 min read

[Security Tip] Anti-Virus Is Simply Not Enough

By Prime Care Tech Office of Security and Compliance on Mon, Jun 20, 2022 @ 11:29 AM

It’s safe to say traditional antivirus software simply isn’t enough to protect against cyber-attacks anymore. The current threat landscape and cyber insurance carriers demand a proactive approach to security. It’s time to update your antivirus solutions – and immediately.

One updated defense solution is endpoint detection and response (EDR).  EDR complements and enhances current anti-virus and firewall security protocols to help thwart attacks and optimize threat hunting operations. It is not a replacement for these security platforms but another essential tool in the security stack. But what exactly is EDR?

How Does EDR Protect Your Organization

As threat actors are getting more sophisticated, you need to as well. Traditional anti-virus and anti-malware software are no longer considered sufficient to thwart cyberattacks; it’s too easily bypassed. One of the next-generation tools in protecting devices is EDR, which goes well beyond standard anti-virus/anti-malware.

EDR is an integrated endpoint (i.e., desktops/laptops) security protocol that combines endpoint data collection and continuous real-time monitoring with rules-based automated response and behavioral analysis capabilities. In other words, this is a security system that proactively detects and investigates suspicious activity on hosts (i.e., servers) and endpoints.

The primary objectives of EDR security systems are as follows:

  • Automatically identify and respond to known threats, remove or contain them, and alert the security team
  • Continuously analyze data to identify threat patterns or suspicious behavior quickly
  • Monitor and collect activity data from various endpoints and look out for potential threats

Wrapping Up

We’re all acutely aware of the risks from various cyber threat actors around the world. It is our job and yours to do everything in our collective power to keep our networks and data safe. One small misstep by you or an employee (i.e., clicking on a link or opening an attachment in a phishing email), can lead to catastrophic results.

This is why many of you carry cyber insurance, and rightly so. The cyber insurance carriers are there to help “put you back together” in the event of a ransomware attack. As the success of ransomware attacks and cyber insurance carrier payouts increase, the cyber insurance carriers react by requiring you to implement more stringent information technology defenses, such as EDR. Consequently, deploying EDR has become table stakes in addressing cyber threats.

Prime Care's partnership with McAfee can help. 

Conduct Self-Audit Now

Topics: cyber security malware cyber attack antivirus Endpoint Detection and Response edr
6 min read

[Security Tip] 13% Increase in Ransomware + May Security Summary

By Prime Care Tech Marketing on Sat, Jun 04, 2022 @ 08:45 AM

This week, McKnight's Senior Living highlighted the latest from Verizon – Ransomware attacks rise 13 percent year over year. This serves as an excellent reminder for organizations to continue in their vigilant tracking of threats, vulnerabilities, and patches. Our primeCLOUD clients receive a list of security threats, vulnerabilities, and patches weekly via email, along with our plans to address them. Below is the summary of May events. 

High Impact

Company/Source Product Type
Google Chrome Security updates
(May 1 & 15)

 

Medium Impact

Company/Source Product Type
Citrix ADC and Gateway Security update
Google Chrome Security update
(May 29)
Microsoft Multiple Security updates
(May  2022)

 

Low Impact

Company/Source Product Type
Mozilla Multiple Firefox Security updates

 

No Impact on Our Clients/FYI

Company/Source Product Type
Adobe Multiple Security updates
Apache Tomcat Security advisory
Apple Multiple Security updates 
CISA F5-IP Exploitation of CVE 2022-1388
CISA Industrial Control System Security advisory
CISA VMware Emergency directive and vulnerabilities advisory
Cisco Multiple Security updates
Cisco Enterprise NFV Infrastructure Software Security updates
Drupal Multiple Security updates
F5 Multiple Security advisory of multiple vulnerabilities
ISC BIND Security advisory
Microsoft Azure Data Factory & Synapse Pipeline Security advisory

 

As part of our primeCLOUD services suite, we partner with leading IT vendors to offer security services like ransomware protection, phishing training, multi-factor authorization (MFA), data backup/recovery, and more.

If you're not confident your organization is on top of security threats, vulnerabilities, and patches, it may be time to conduct a cyber security audit.

Conduct Self-Audit Now

Or better, get in touch and let us walk you through critical items for your security checklist.

Topics: cyber security ransomware vulnerabilities security patches security threats
6 min read

[Security Tip] April Security Threats Summarized

By Prime Care Tech Security Team on Sat, May 07, 2022 @ 06:14 PM

Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize, address, and communicate them to our managed IT services clients.

Below you'll find our monthly recap of all events. To check previous reports, see 2022 Security Threats.

If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up. 

KEEP ME UPDATED

 

High Impact

Company/Source Product Type
Microsoft Remote Procedure Call Runtime Library Security vulnerability
(CVE-2022-26809)

 

Medium Impact

Company/Source Product Type
Google Chrome Security updates
(April 1 and 8)
Microsoft Multiple Security updates
(April  2022)
Mozilla Firefox and Firefox ESR Security updates
(April 8)

 

Low Impact

Company/Source Product Type
Apple Multiple Security updates

 

No Impact to Our Clients/FYI

Company/Source Product Type
Apache Struts 2 Security advisory
Arctic Wolf Multiple Security updates (Download/run Spring4Shell Deep Scan)
Cisco Multiple Security updates
CISA Multiple Security updates
Citrix SD-WAN Products Security updates
Drupal Multiple Security updates
Juniper Networks Multiple Security updates
Oracle Multiple Critical patch update (April 2022)
Spring Spring4Shell and Spring CLOUD Security update for function vulnerabilities
VMware Cloud Director Security updates

 

As part of our primeCLOUD services suite, we partner with leading IT vendors to offer security services like ransomware protection, phishing training, multi-factor authorization (MFA), data backup/recovery, and more.

If you're not confident your organization is on top of security threats, vulnerabilities, and patches, it may be time to conduct a cyber security audit.

Conduct Self-Audit Now

Or better, get in touch and let us walk you through critical items for your security checklist.

Topics: primeCLOUD cyber security security vulnerabilities cyber criminals security patches security threats

Featured

Posts by Tag

See all