February's Patch Tuesday includes two actively exploited vulnerabilities you need to patch now. Ryan Braunstein breaks down a denial of service flaw in Windows Remote Access Connection Manager that can black out your VPN infrastructure and leave remote endpoints unreachable. Seth Hoyt covers a pair of SmartScreen bypasses that let malicious files slip past Windows security prompts without warning.
Both vulnerabilities rely on user interaction to succeed, and phishing is getting harder to spot. Ryan and Seth discuss how AI is lowering the barrier to entry for attackers, making convincing phishing emails easier to generate and enabling single actors to operate like full teams.
What you'll learn:
• How attackers use VPN disruption as a distraction for larger attacks
• Why SmartScreen bypasses are a serious initial access vector
• Which endpoints to prioritize for patching
• How AI is changing the threat model for social engineering
Patch your systems. Train your users. Stay ahead.
