And let’s focus on more cyber news… let’s some good ones.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared details of misconfigurations and vulnerabilities exploited by ransomware gangs as part of its Ransomware Vulnerability Warning Pilot (RVWP) program. The program has identified over 800 vulnerable systems and provides a catalog of known exploited vulnerabilities and a list of misconfigurations and weaknesses used in ransomware campaigns. This initiative is part of CISA’s broader campaign to address the escalating ransomware threat to critical infrastructure.
Google, Amazon, Microsoft, and Cloudflare recently faced massive distributed denial of service (DDoS) attacks on their cloud infrastructure, exploiting a vulnerability in the HTTP/2 protocol. While patching efforts are underway, fixes must reach every web server globally to address the issue. The vulnerability, known as “HTTP/2 Rapid Reset,” allows for DDoS attacks but not remote server takeover or data exfiltration. The situation is complicated because HTTP/2 is widely adopted and implemented differently by each website. It will take years for patches to be fully adopted, and some web servers may remain vulnerable. However, the exposure of the vulnerability allows for necessary fixes to be developed and implemented.
And some fundamental technology changes.
Microsoft is retiring the VBScript programming language, a favorite tool for cybercriminals. In future releases of Windows, VBScript will only be available as a feature on demand and will eventually be removed from the operating system altogether. While it has been nearly 30 years since VBScript was introduced, cybercriminals still use it for initial target access. Microsoft’s decision to retire VBScript aims to reduce the avenue for malware delivery and improve security.
Microsoft plans to deprecate the NTLM authentication protocol in Windows 11 due to its vulnerabilities and exploitation by threat actors. Kerberos has replaced NTLM as the default authentication protocol for domain-connected devices. Microsoft is working on new Kerberos features and expanding NTLM management controls to disable NTLM in Windows 11 eventually.
Why do we care?
Any IT professional should be aware of those Microsoft changes — retiring VBScript and NTLM are long-time technologies that have served their time. Enjoy retirement, both. These changes need to be communicated to customers.
CISA continues to pump out resources. You could probably do without me if you just ingested all of them — that’s the reason to highlight them. That said, I’ll keep reminding and highlighting the good ones.

