Our thoughts, industry views and technology trends

Why elevating the issue won’t always alleviate it

“We’ve done it!” – The majority of your users have admin rights removed, meaning your environment is far more secure than it was before and you’ve successfully mitigated 85% of critical vulnerabilities in Windows. But are you as secure as you think? A surprisingly common pitfall that we come across in the support team are those who, either intentionally or unwittingly, elevate everything. Everything.

Continue Reading


Microsoft Vulnerabilities Report 2015 – What you need to know

Now in its third year, the 2015 Microsoft Vulnerabilities Report analyses the data from Security Bulletins issued by Microsoft throughout 2015. Typically issued on the second Tuesday of each month, these “Patch Tuesday” bulletins contain fixes for vulnerabilities affecting Microsoft products. With the launch of Windows 10, this approach changed slightly, with patches being released as soon as they are available.

Continue Reading


Fear and Loathing in Las Vegas – Advanced attacks and the InfoSec dream

During August members of the InfoSec community leave the comfort of their ergonomic desks and head out into the Nevada desert on a spiritual pilgrimage to Las Vegas. This mass movement is no coincidence, the draw is clear with Black Hat, DEF CON, BSides Vegas and the Star Trek Convention all occurring within a week. If you have an interest in offensive security, protecting data or ensuring your car cannot be remotely hijacked, Las Vegas is the place to be in August.

Continue Reading


The Mitigation Game

Last year, Avecto released its first Microsoft Vulnerabilities Report celebrating 10 years of “Patch Tuesdays” with analysis of the vulnerabilities from 2013. Following on from the success of the original report Avecto have crunched the numbers to analyze the 2014 Microsoft vulnerabilities, revealing how the removal of admin rights is more important than ever.

Continue Reading


Restoring user freedom in the security-first enterprise

It’s been a busy year in the cyber security arena so far, and it doesn’t look like the pace will be slowing down. From hacking schemes like Heartbleed to significant data breaches at Home Depot, P.F. Chang’s and the Montana Health Department, criminals are stepping up their game. But as organizations adapt their security strategies in kind, there is one key stakeholder who often goes unnoticed: the end user.

Continue Reading