Search Results: cisa

Prepare: Microsoft Begins Disabling Basic Auth in Exchange Online Oct. 1

Microsoft and CISA are releasing more details and guides to help organizations move from legacy authentication methods in Exchange Online.

June 30, 2022 Zachary Comeau Leave a Comment

Microsoft and U.S. cybersecurity officials renewing calls for organizations to switch from Basic Authentication (Basic Auth) in Microsoft Exchange Online to Modern Authentication before the company begins to disable Basic Auth in October. Microsoft on Oct. 1 will begin turning off the ability to use Basic Auth in Exchange Online for Exchange ActiveSync (EAS), POP, […]

Why Security Technology Convergence is Crucial to Future-Proofing the Workplace

When it comes to maintaining the security of workplace IT and technology systems, a holistic approach to physical and cybersecurity can help teams create a more robust security posture.

June 28, 2022 Andi Krebs Leave a Comment

Today’s commercial technology stacks are increasingly leveraging IoT and the cloud to make managing businesses more efficient: people are more reliant on technology in order to use, access, and manage their offices. This trend holds true for workplace security systems, too. Now, we’re seeing higher mobile credential adoption for commercial access control systems, increased migration […]

Log4Shell Exploitation Continues, Agencies Warn

Multiple hacking groups are leveraging the vulnerability in the ubiquitous Log4J tool six months after it was first discovered, CISA says.

June 24, 2022 Zachary Comeau Leave a Comment

More than six months after the Log4Shell vulnerability was discovered in the widely used Java logger Log4j, cybersecurity agencies are warning of the continued exploitation of the bug in unpatched VMWare Horizon and Unified Access Gateway servers. The U.S. Cybersecurity and Infrastructure Agency (CISA), along with the U.S. Coast Guard Cyber Command (CGCYBER), say malicious […]

Five Takeaways From RSA Conference 2022

Although smaller due to the COVID-19 pandemic, the 2022 RSA Conference marked the most important year of the event yet.

June 14, 2022 Zachary Comeau Leave a Comment

Although it was a noticeably smaller crowd and trade show floor than previous shows, the 31st annual RSA Conference marked arguably the most important version of the show as IT and security professionals were eager to learn about what the cybersecurity industry is doing to help protect their organizations. According to conference officials, the event […]

10 Common Cybersecurity Mistakes Your Organization is Making

The 10 most common ways attackers gain initial access are not all that hard to secure, according to new CISA advisory.

May 23, 2022 Zachary Comeau Leave a Comment

With more of the world relying on technology to connect and maintain business continuity over the last two years, malicious cyber actors have stepped up their game to exploit weaknesses in organizations’ IT infrastructure and conduct a broad range of attacks against both public and private entities. However, network defenders and IT professionals can stop […]

Is Your IT Department Augmented by an MSP? Take These Cybersecurity Steps Now.

CISA and other agencies are urging organizations to take steps to guard themselves against possible compromise of their MSPs.

May 20, 2022 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and a host of other cybersecurity and law enforcement agencies are urging organizations to take steps to guard themselves against possible compromise of their managed service providers (MSP) as advanced threat actors and nation states are expected to up their attacks against those service providers. Attacking and […]

Patch These Four VMware Vulnerabilities Immediately

After several large organizations have reported attacks, VMware and CISA are urging others to patch these four vulnerabilities immediately.

May 19, 2022 Zachary Comeau Leave a Comment

Organizations are being urged to patch certain VMware products as threat actors are chaining a series of unpatched vulnerabilities in some of the company’s products to gain full system control, even as patches have been available for several weeks. According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), threat actors, likely sophisticated groups, are […]

Some May 2022 Microsoft Security Updates Are Leading to Authentication Failures

Microsoft recommends manually mapping certificates to a machine account in Active Directory until the issues are fixed.

May 16, 2022 Zachary Comeau Leave a Comment

In the wake of Active Directory authentication failures caused by Microsoft’s May 2022 Patch Tuesday updates, the U.S. Cybersecurity and Infrastructure Security Agency has removed a Windows LSA spoofing zero day bug from its catalog of vulnerabilities agencies are required to patch. The bug, CVE-2022-26925, is a Windows LSA spoofing flaw that was patched last […]

Recon InfoSec Offers Free Cybersecurity Threat Hunting Service for Critical Infrastructure Entities

May 10, 2022 TechDecisions Staff Leave a Comment

AUSTIN, Texas–(BUSINESS WIRE)–With the ongoing conflict in Ukraine and U.S. sanctions against Russia continuing to build, the need has never been greater for American infrastructure entities to protect their operations from cyber threats and attacks. At the end of March, President Biden extended the state of national emergency declared to counteract the growing number of […]

The Global Cyber Innovation Summit, the CISO “Invitation-only” Event, Returns in 2022 to Set the Global Agenda for Cybersecurity

April 29, 2022 TechDecisions Staff Leave a Comment

Exclusive event keynoted by NSA Cybersecurity Director Rob Joyce and CISA Executive Assistant Director Eric Goldstein among other prestigious speakers BALTIMORE–(BUSINESS WIRE)–The Global Cyber Innovation Summit (GCIS), renowned as the “Davos of Cybersecurity,” returned this year to bring together a preeminent group of leading Global 2000 CISO executives, cyber technology innovators, policy influencers, and members […]