In Cyber-security, 2022 was no joke. From major vulnerability exploits to new product releases, there is a lot to highlight throughout the whole year.
Spring4Shell
Emerging in March of 2022, the Spring4Shell vulnerability was from a widely used Java library, Spring Framework. Spring by VMware has since released fixes to this critical vulnerability, but it could allow remote code execution via data binding when applications use the Spring Framework with JDK 9 or higher. SAINT released both credentialed and uncredentialed checks for this vulnerability. For more information about Spring4Shell, see here.
MSDT “Follina”
Follina is a vulnerability from the Microsoft Support Diagnostic Tool (MSDT) which could allow remote command execution on Windows systems. This vulnerability occurs when MSDT is called via a URL from an application such as Word. This was being heavily exploited in May of 2022. SAINT also has a credentialed check for the nicknamed Follina. Our information on MSDT Follina can be found here.
Cybersecurity Awareness Month
October 2022 was an opportunity to educate the everyday user, on all fronts, ranging from executives to developers to project managers to salesmen, etc. Following the theme of CISA and NCA’s Cyber Security Month “See Yourself in Cyber“, we emphasized key points to help people protect themselves:
- “Think Before You Click: Recognize and Report Phishing”
- “Update Your Software”
- “Use Strong Passwords”
Simple steps like these can make a massive difference to protecting your organization, or even just your personal devices.
SAINT 10 Release
For Carson & SAINT, SAINT 10 is a big step forward. To new capabilities to a new User Interface, SAINT performs and looks better than ever. To learn more about all the new features in detail, click here.
Want to see it for yourself? Try SAINT for Free here.
From our organization to yours, we wish you the best of fortune in 2023!
Follow us on social media for the latest on cybersecurity updates and solutions below: