CISA has added the use of single-factor authentication for remote or admin access to its list of “Bad Practices.”
System administrators and other IT professionals are urged to apply Microsoft’s May 2021 security updates as threat actors are actively exploiting a previous vulnerability in Microsoft Exchange Server. The U.S. Cybersecurity and Infrastructure Security Agency said over the weekend that multiple threat actors are exploiting three ProxyShell Vulnerabilities, which could allow an attacker to install […]
The U.S. Cybersecurity and Infrastructure Agency (CISA) is aware of other attack methods on the IT supply chain in addition to known malware that infected SolarWinds’ Orion IT management platform. In an alert issued Thursday, the agency said it “has evidence of additional initial access vectors, other than the SolarWinds Orion platform; however these are […]
The 2020 U.S. election is dragging on into a third day of uncertainty as we wait for results from four key battleground states, but one thing is for sure: the election went off without any cybersecurity incidents, according to officials. The U.S. Cybersecurity and Infrastructure Agency in a statement on Wednesday said there was no […]
The U.S. Cybersecurity and Infrastructure Security Agency, along with the FBI, have released a joint advisory warning that threat actors are actively exploiting vulnerabilities as they target government networks. The joint advisory, released last Friday, says these recent attacks are directed at federal, state, local, tribal and territorial government networks, and there is some risk […]
The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive to federal agencies demanding that they apply an August update to Windows Server before Tuesday to address a critical vulnerability that could allow an attacker to compromise all Active Directory identity services. The vulnerability – CVE-2020-1472 – is an elevation of privilege vulnerability […]
Note: The views expressed by guest bloggers and contributors are those of the authors and do not necessarily represent the views of, and should not be attributed to My TechDecisions. As expected from authorities anticipating an increase in threats to the education sector, cyberattacks are continuing to wreak havoc on colleges and universities across the United States. As […]
The MOVEit Transfer story continues to plague IT departments and security professionals as Progress Software has issued another advisory, urging organizations to apply yet another patch to address a privilege escalation flaw in its Transfer product. The company’s update comes amid reports of widespread exploitation, including several at several U.S. agencies that were breached as […]
Cybersecurity officials the, FBI, Microsoft and Sophos are warning organizations to limit their use of some legitimate tools as they are being leveraged by the BianLian group, a ransomware group that has targeted organizations with a data extortion model, bypassing the need to encrypt victims’ data. According to a joint advisory from CISA, its Australian […]
Microsoft is hoping to address the security issue of emails sent to Exchange online from unsupported and unpatched Exchange Servers by enabling a transport-based enforcement system in Exchange Online that will throttle and then block emails from an unsupported server. The end goal is to encourage Microsoft customers to stop using persistently vulnerable versions of […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!