Search Results: cisa

Make Sure These 15 Most Exploited Vulnerabilities From 2021 Are Patched

IT pros should be familiar with some of these 15 most exploited 2021 bugs, but continued targeting of them suggests more organizations need to patch.

April 28, 2022 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with a coalition of U.S. and foreign security and law enforcement agencies, have released a list of the 15 most exploited vulnerabilities from 2021, calling on both public and private organizations to ensure these critical security bugs are mitigated and systems patched. The list, published in a […]

Insiders Pose Cybersecurity Threat to Healthcare

The average cost for credential theft was more than $871,000 for each incident associated with an insider, warns HHS.

April 26, 2022 TD Staff Leave a Comment

The U.S. Department of Health and Human Services (HHS) Cybersecurity Program Office of Information Security warned healthcare facilities on Thursday about vulnerabilities to insider threats. HHS cited a 2020 study from Ponomon, which found that 61% of data breaches involving an insider are primarily unintentional, caused by negligent insiders. Nearly 14% of breaches, however, are […]

DHS’ First Bug Bounty Program Nets 122 Vulnerabilities

Hack DHS, the Department of Homeland Security's first bug bounty program, uncovers 27 critical-rated vulnerabilities.

April 25, 2022 Zachary Comeau Leave a Comment

The U.S. Department of Homeland Security says its first bug bounty program, Hack DHS, has resulted in the disclosure of more than 120 vulnerabilities, and 27 of them were determined to be critical. The Department of Homeland Security (DHS) launched the agency’s first bug bounty program in December 2021 in an attempt to find and […]

Acalvio Autonomous Deception Technology Provides Advanced Cyber Security to The Department of Homeland Security

April 20, 2022 TechDecisions Staff Leave a Comment

ShadowPlex Added to the Department of Homeland Security CISA CDM Approved Products List SANTA CLARA, Calif.–(BUSINESS WIRE)–#AcalvioTech–Acalvio Technologies, the leader in cyber deception, today announced that the FedRamp Ready ShadowPlex platform has been added to the Department of Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). […]

What We Know So Far About Spring4Shell

A vulnerability in the widely used Spring Framework for Java is causing alarm in the IT community, but it's not Log4Shell just yet.

April 5, 2022 Zachary Comeau Leave a Comment

The information technology and cybersecurity communities are still assessing the impact of Spring4Shell, a remote code execution vulnerability recently disclosed in the Spring Framework for Java that could allow for remote code execution in vulnerable installations. While exploit attempts have not yet been widespread, there is a simmering concern that this bug could be nearly […]

The Key Components of a Vulnerability Scanning & Management Program

Identifying security bugs and developing a robust vulnerability scanning and patching program should be a core duty of any IT team.

March 31, 2022 Zachary Comeau Leave a Comment

With thousands of new software vulnerabilities to protect against each year, it is critical that organizations develop a robust vulnerability management program that can quickly identify and remediate vulnerabilities in IT environments. Issues like Log4Shell, PrintNightmare, ProxyLogon and dozens of other critical vulnerabilities in widely used systems have kept IT departments up at night as […]

Trellix and CSIS Find Organizations Outmatched by Nation-State Cyber Threat Actors

March 28, 2022 TechDecisions Staff Leave a Comment

Report Highlights Increased Government Support Required to Defend Against Sophisticated Nation-States NEWS HIGHLIGHTS 86 percent of respondents believe they have been targeted by a cyberattack conducted by a group acting on behalf of a nation-state Only 27 percent of respondents said they have complete confidence in the ability of their organization to differentiate between nation-state […]

51% of Small Businesses Don’t Have Cybersecurity Measures in Place

Despite the negative consequences, small business owners believe they are too small to be targeted for cyberattacks.

March 25, 2022 TD Staff Leave a Comment

According to a new study, a majority of small businesses have no protection against cyberattacks, suggesting that businesses and their consumers are vulnerable to hacking and identity theft. A study from Digital.com, an independent website for small business online tools, products and services, revealed that 51% of small businesses do not have protection against cyberattacks. […]

Russian Cyberattack Threat Evolves, Spurs New White House Warning To Harden IT Environments

The White House is urging organizations to take immediate action to harden cyber defenses Russian cyberattack threats evolve.

March 21, 2022 Zachary Comeau Leave a Comment

The White House is urging organizations to take immediate action to harden cyber defenses as credible intelligence of a Russian cyberattack in response to U.S. involvement in the Ukraine crisis continues to evolve. In a statement by President Joe Biden and a related fact sheet, the administration says there is “evolving intelligence that the Russian […]

Report: Older Vulnerabilities Plaguing Legacy Systems

F-Secure report finds that older vulnerabilities dating back several years are still impacting legacy IT systems.

March 8, 2022 Zachary Comeau Leave a Comment

New critical software vulnerabilities are discovered every month, but its older vulnerabilities in legacy systems that continue to plague IT departments and cybersecurity professionals, according to new research from cybersecurity firm F-Secure. The report, Attack Landscape Update, dishes on trending cybersecurity threats, including ransomware, malware, phishing and more, but the most alarming information in the […]