News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | Significant Changes in Cybersecurity Landscape: VBScript

And let’s focus on more cyber news… let’s some good ones.  

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared details of misconfigurations and vulnerabilities exploited by ransomware gangs as part of its Ransomware Vulnerability Warning Pilot (RVWP) program. The program has identified over 800 vulnerable systems and provides a catalog of known exploited vulnerabilities and a list of misconfigurations and weaknesses used in ransomware campaigns. This initiative is part of CISA’s broader campaign to address the escalating ransomware threat to critical infrastructure.

Google, Amazon, Microsoft, and Cloudflare recently faced massive distributed denial of service (DDoS) attacks on their cloud infrastructure, exploiting a vulnerability in the HTTP/2 protocol. While patching efforts are underway, fixes must reach every web server globally to address the issue. The vulnerability, known as “HTTP/2 Rapid Reset,” allows for DDoS attacks but not remote server takeover or data exfiltration. The situation is complicated because HTTP/2 is widely adopted and implemented differently by each website. It will take years for patches to be fully adopted, and some web servers may remain vulnerable. However, the exposure of the vulnerability allows for necessary fixes to be developed and implemented.

And some fundamental technology changes.

Microsoft is retiring the VBScript programming language, a favorite tool for cybercriminals. In future releases of Windows, VBScript will only be available as a feature on demand and will eventually be removed from the operating system altogether. While it has been nearly 30 years since VBScript was introduced, cybercriminals still use it for initial target access. Microsoft’s decision to retire VBScript aims to reduce the avenue for malware delivery and improve security.

Microsoft plans to deprecate the NTLM authentication protocol in Windows 11 due to its vulnerabilities and exploitation by threat actors. Kerberos has replaced NTLM as the default authentication protocol for domain-connected devices. Microsoft is working on new Kerberos features and expanding NTLM management controls to disable NTLM in Windows 11 eventually.

Why do we care?

Any IT professional should be aware of those Microsoft changes — retiring VBScript and NTLM are long-time technologies that have served their time.   Enjoy retirement, both.     These changes need to be communicated to customers.  

CISA continues to pump out resources.  You could probably do without me if you just ingested all of them — that’s the reason to highlight them.    That said, I’ll keep reminding and highlighting the good ones.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories