security advisories

When critical infrastructure depends on digital controls, vulnerabilities in supervisory technology can reverberate far beyond a typical IT breach. Recent security advisories concerning Siemens OZW web servers have thrown a harsh spotlight on this persistent risk, revealing two high-severity...

In recent times, Microsoft Outlook has consistently remained not just an integral productivity tool for enterprises and individual users worldwide, but also a high-value target for cyberattackers seeking to exploit vulnerabilities embedded deep within its codebase. One of the most critical and...

Microsoft’s Patch Tuesday releases have long been a cornerstone in the battle against evolving cybersecurity threats, and May 2025’s wave of security updates underscores the stakes for enterprises and everyday users relying on Windows Remote Desktop Services. With the discovery and subsequent...

In a decisive shift that reflects both the fast-paced evolution of cyber threats and the changing habits of information consumption, the Cybersecurity and Infrastructure Security Agency (CISA) has updated its approach to sharing cyber-related alerts and notifications. As of May 12, the agency no...

Industrial control systems (ICS) stand at the heart of critical infrastructure worldwide, silently powering sectors such as energy, water, transportation, and manufacturing. In an era of proliferating cyber threats, the need for timely intelligence and robust defenses has never been more acute...

Windows Server 2025 is facing an unexpected road bump that has caught the attention of IT administrators and system users alike. Recent reports indicate that Remote Desktop sessions on Windows Server 2025 systems are freezing after installing security updates—more specifically after installing...

In an era where the security and reliability of our physical infrastructure are increasingly interwoven with digital systems, every new advisory concerning industrial control systems (ICS) carries a weight that resonates far beyond the world of cybersecurity professionals. On March 20, 2025, the...

If your Planet Technology network appliances have recently been basking in the (mis)fortune of being in the news, it’s likely not for their blazing gigabit speeds or rack-mount elegance—rather, a clutch of vulnerabilities has landed these devices on CISA’s advisories page, and not in the...

Unveiling the Siemens Mendix Runtime Vulnerability: What Industrial Operators Need to Know In an era where digital transformation interlaces deeply with industrial operations, the security of software platforms that power these environments becomes paramount. Siemens' Mendix Runtime—a...

CISA has issued three new Industrial Control Systems (ICS) advisories on March 6, 2025, spotlighting emerging security vulnerabilities and exploits that could affect critical industrial operations. These advisories serve as a crucial signal to IT professionals, industrial operators, and security...

In a significant development for the ever-evolving world of cybersecurity, Security Risk Advisors (SRA) has just announced its induction into the prestigious Microsoft Intelligent Security Association (MISA). While that might sound like another tech buzzword soup to the uninformed, this move has...

The ever-evolving cybersecurity landscape demands collaborative efforts to fend off threats, safeguard enterprises, and build resilient defenses. In an exciting development for both IT professionals and businesses leveraging Microsoft products, Security Risk Advisors (SRA) has announced its...

In a proactive move to bolster cybersecurity, the Cybersecurity and Infrastructure Security Agency (CISA) has released a set of five advisories targeted at vulnerabilities affecting various Industrial Control Systems (ICS). Dated November 12, 2024, these advisories shine a spotlight on current...

On November 7, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) unveiled three critical advisories aimed at improving security within the realm of Industrial Control Systems (ICS). This proactive move underlines the ongoing vulnerabilities present in these essential...

On September 10, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) released a set of four critical advisories aimed at safeguarding Industrial Control Systems (ICS). This move highlights the ongoing vulnerability of these systems against exploits and the pressing need for...

Today, as part of Update Tuesday, we released eight security updates – three rated Critical and five rated Important - to address 24 Common Vulnerabilities & Exposures (CVEs) in Windows, Office, .NET Framework, .ASP.NET, and Internet Explorer (IE). We encourage you to apply all of these updates...

It was just over one year ago, May 28, 2012, to be exact, that I transitioned from running active MSRC cases and writing bulletins to my current role managing software security incidents. A lot has changed in that year - and I’ve dealt with some interesting issues during my tenure - but...