Search Results: cisa

An ‘Enormous’ Amount of IoT Devices Could Be At Risk

Experts are warning of vulnerabilities found in 25 widely used real-time operating systems that power commonly used IoT devices.

May 5, 2021 TD Staff Leave a Comment

Cybersecurity officials and experts are warning of vulnerabilities found in 25 widely used real-time operating systems and supporting libraries that power commonly used IoT devices and internet-connected intelligent systems. Microsoft’s Section 52, the Azure Defender for IoT research group, uncovered the critical memory allocation vulnerabilities that could be exploited to bypass security controls to execute […]

U.S. Agencies Say SolarWinds Hackers Monitor IT Staff To Collect Info, Avoid Detection

Several U.S. agencies have released a report outlining the techniques used by the Russian hackers behind the SolarWinds compromise.

May 4, 2021 Zachary Comeau Leave a Comment

Several U.S. agencies have released a report outlining the techniques used by the Russian hackers behind the SolarWinds compromise and others, which includes targeting cloud resources to reduce the likelihood of detection and monitoring IT staff to collect information on victim networks. The FBI, Department of Homeland Security and Cybersecurity and Infrastructure Security Agency last […]

Patch Your Pulse Connect Secure Appliance

Ivanti has released a security update to address a new authentication bypass vulnerability in Pulse Connect Secure discovered last month.

May 3, 2021 Zachary Comeau Leave a Comment

Ivanti has released a security update to address a new authentication bypass vulnerability in Pulse Connect Secure appliance disclosed last month and is urging customers to move quickly to apply the patch. The company’s Pulse Secure team published a blog Monday calling attention to the update, saying it has worked with CISA, Mandiant/FireEye, Stox Friedberg […]

CORRECTING and REPLACING Axonius Secures Contract to Support DHS CDM for Group F Federal Agencies

April 23, 2021 TechDecisions Staff Leave a Comment

The contract, awarded through a large federal systems integrator via federal distributor IntelliPeak Solutions, Inc., will provide cybersecurity asset management to more than 70 federal agencies NEW YORK–(BUSINESS WIRE)–#assetmanagement–Please replace the release dated April 21, 2021, with the following corrected version due to revisions in the subhead and the body meant to clarify the avenue […]

Patch Now: Pulse Connect Secure Vulnerabilities Actively Exploited

Public and private-sector security experts are sounding the alarm about actively exploited vulnerabilities in Ivanti Pulse Connect Secure products.

April 21, 2021 Zachary Comeau Leave a Comment

Ivanti, FireEye, the U.S. Cybersecurity and Infrastructure Agency and other security experts are sounding the alarm about vulnerabilities in Ivanti Pulse Connect Secure products that have been exploited since at least June 2020 and a dozen malware families associated with the exploits. According to Ivanti, which offers the Pulse Connect Secure VPN appliances, the company […]

McAfee Sees COVID-19-Themed Threats and Powershell Malware Continue to Surge

April 13, 2021 TechDecisions Staff Leave a Comment

Key Findings McAfee sees COVID-19-themed cyber-attack detections increase by 114% in Q4 2020 Powershell threats grow 208% driven by Donoff malware New malware samples grow 10%; averaging 648 new threats per minute New ransomware increases 69%; Mobile malware grows 118% McAfee observes 3.1 million external attacks on cloud user accounts The Eternal Blue exploit was […]

How SolarWinds Is Recovering and Sharing What It Has Learned Over The Last Three Months

What the last few months have been like for SolarWinds -- and what the company has learned about data security.

March 30, 2021 Zachary Comeau Leave a Comment

SolarWinds, a trusted provider of IT management software that was rather unknown outside of IT circles, became a household name after it disclosed in December that advanced threat actors compromised certain versions of its Orion platform and carried out attacks against the U.S. government and other private sector technology companies. The company, along with other […]

Microsoft Releases Additional Updates To Help Customers Protect Against Exchange Server Vulnerabilities

Microsoft has released an additional series of updates to help customers more quickly protect their environments as estimated victim count surges.

March 9, 2021 Zachary Comeau Leave a Comment

Microsoft has released an additional series of updates to help customers more quickly protect their environments in light of the Microsoft Exchange Server vulnerability that has affected thousands of customers. According to Microsoft, the new updates can be applied to some older and supported Cumulative Updates, but are intended only as a temporary measure to […]

Multinational Law Enforcement Officials Take Down Notorious Emotet Botnet

An international group of law enforcement officials have announced a large operation to take down the infrastructure of the malware and botnet Emotet.

January 29, 2021 Zachary Comeau Leave a Comment

An international group of law enforcement officials, including the U.S. Department of Justice and Europol, have announced a large operation to take down the infrastructure of the malware and botnet Emotet. European authorities on Tuesday said they seized control of Emotet, one of the most notorious distributors of malware and hacking-as-a-service operations that has affected […]

President Biden Wants To Invest $10B in U.S. IT Infrastructure, Security

As part of a $1.9 trillion COVID-19 relief plan, President Biden plans to inject billions into the country's IT infrastructure and cybersecurity.

January 20, 2021 Zachary Comeau Leave a Comment

As part of a $1.9 trillion COVID-19 relief plan, President Joe Biden plans to inject billions into the U.S.’s IT infrastructure and remediate the SolarWinds breach, according to text of the plan. In addition to stimulus checks, small business relief and vaccines, Biden’s plan calls for modernization of the country’s IT systems to protect against […]