While patching workstations and servers within organisations can be time consuming and occasionally disruptive to operations; critical infrastructure must remain online or at least minimise downtime. I wish to provide a respectful shout-out to the following article from Amir Levintal,CEO and Co-Founder of Cylus who discusses these challenges and provides suggestions e.g. more resources, increased security awareness, and increased lobbying among regulators (among other suggestions) to overcome them:
How to Secure Critical Infrastructure When Patching Isn’t Possible: Kaspersky ThreatPost by Amir Levintal
I also wish to provide a respectful shout-out for the following article which highlights possible upcoming software updates for Amazon Kindles since vulnerabilities in the Universal Boot Loader were recently resolved:
Amazon Kindle, Embedded Devices Open to Code-Execution: Kaspersky ThreatPost by Tara Seals
Full-disclosure: I am not affiliated or sponsored by Kaspersky ThreatPost in any way. I simply wish to more widely highlight good advice on topical security issues.