Each week our security team tracks threats, vulnerabilities, and patches announced by leading IT experts and vendors to ensure we prioritize, address, and communicate them to our managed IT services clients.
Below you'll find our monthly recap of all events. If you're not a client, make sure your team knows about these security events, as well as future ones. Just click below to sign up.
High Impact
Nothing new in the high category was reported in February. If you missed last month's report, see the January Security Threats Summary.
Medium Impact
Company/Source | Product | Type |
Microsoft | Multiple | CVE-2022-21882 Win 32k Privilege Escalation Vulnerability |
VMware | Multiple | Security update 3091 |
VMware | Multiple | Security update 3104 |
Low Impact
Company/Source | Product | Type |
Zabbix | Multiple | Front-end authentication bypass and improper access control vulnerabilities |
No Impact to Our Clients/FYI
Company/Source | Product | Type |
CISA | Multiple | Industrial control system advisories (Release 18) |
CISA | Multiple | 15 known exploited vulnerabilities added to the catalog |
Drupal | Multiple | Security updates |
FBI/USSS | U.S. Critical Infrastructure | Security advisory -BlackByte Ransomware |
Mitsubishi | Mitsubishi Electric Factory Automation Engineering Products | Update F |
As part of our primeCLOUD services suite, we partner with leading IT vendors to offer security services like ransomware protection, phishing training, multi-factor authorization (MFA), data backup/recovery, and more.
If you're not confident your organization is on top of security threats, vulnerabilities, and patches, it may be time to conduct a cyber security audit.
Or better, get in touch and let us walk you through critical items for your security checklist.