In Cyber-security, 2022 was no joke. From major vulnerability exploits to new product releases, there is a lot to highlight throughout the whole year.

Spring4Shell

Emerging in March of 2022, the Spring4Shell vulnerability was from a widely used Java library, Spring Framework. Spring by VMware has since released fixes to this critical vulnerability, but it could allow remote code execution via data binding when applications use the Spring Framework with JDK 9 or higher. SAINT released both credentialed and uncredentialed checks for this vulnerability.

MSDT “Follina”

Follina is a vulnerability from the Microsoft Support Diagnostic Tool (MSDT) which could allow remote command execution on Windows systems. This vulnerability occurs when MSDT is called via a URL from an application such as Word. This was being heavily exploited in May of 2022. SAINT also has a credentialed check for the nicknamed Follina. 

Cybersecurity Awareness Month

October 2022 was an opportunity to educate the everyday user, on all fronts, ranging from executives to developers to project managers to salesmen, etc. Following the theme of CISA and NCA’s Cyber Security Month “See Yourself in Cyber”, we emphasized key points to help people protect themselves.

Simple steps like these can make a massive difference to protecting your organization, or even just your personal devices.

SAINT 10 Release

For Carson & SAINT, SAINT 10 is a big step forward. To new capabilities to a new User Interface, SAINT performs and looks better than ever.

From our organization to yours, we wish you the best of fortune in 2023!

Follow us on social media for the latest on cybersecurity updates and solutions below: