My TechDecisions

Search Results: cyber

MOVEit, ransomware, CVE-2023-34362,

Ransomware Groups Confirmed to be Exploiting MOVEit Bug

Microsoft, cybersecurity firms say MOVEit Transfer vulnerability is being exploited by a group associated with the Clop ransomware actors.

June 5, 2023 Zachary Comeau Leave a Comment

Cybersecurity firms are reporting widespread exploitation of the MOVEit Transfer vulnerability across a wide range of organizations large and small, with some publicly confirming that known ransomware groups are leveraging the flaw. That includes Microsoft, which is attributing the attacks exploiting the bug, tracked as CVE-2023-34362, to a group it calls “Lace Tempest,” which is […]

Read More
MOVEit vulnerability, zero-day, Progress Software

Act Now: Vulnerability in Progress Software’s MOVEit Transfer Software

Cybersecurity researchers are sounding the alarm on a new zero-day vulnerability in Progress Software’s MOVEit Transfer solution.

June 2, 2023 Zachary Comeau Leave a Comment

Cybersecurity companies and researchers are sounding the alarm on a new zero-day vulnerability in Progress Software’s MOVEit Transfer solution, with attackers pouncing on the vulnerability since it was disclosed by Progress Software on May 31. According to Progress Software, the vulnerability in MOVEit Transfer could lead to escalated privileges and potential unauthorized access to the […]

Read More
iPhone security bug, Apple, Kaspersky

Kaspersky Discovers New 0-Click iOS Exploit

Russia-based cybersecurity firm Kaspersky warns of new 0-click exploit targeting Apple iOS devices as Russia accuses NSA.

June 1, 2023 Zachary Comeau Leave a Comment

Cybersecurity firm Kaspersky says it is investigating “previously unknown” malware targeting the company’s own employee’s Apple iOS devices that can compromise devices via the iMessage service with an attachment without any user interaction. According to Kaspersky, the message triggers a vulnerability that leads to code execution, and the code within the exploit downloads several subsequent […]

Read More
Threat Detection Trends, 2023 Hacking Trends, Expel

New Email Rules, MFA Bypass Are Top Hacking Tactics So Far in 2023

Cybersecurity firm Expel's 2023 first quarter threat report finds that hackers are hiding their activity with email rules and bypassing MFA.

June 1, 2023 Zachary Comeau Leave a Comment

Account compromise, new inbox rules designed to hide malicious activity, and multifactor authentication bypass are the most popular hacking tactics being utilized by threat actors so far in 2023, according to a new report from cybersecurity firm Expel. According to the managed detection and response provider, identity-based attacks such as account compromise, account takeover and […]

Read More
Crowdstrike Charlotte AI

CrowdStrike Launches Virtual Security Assistant Charlotte AI

CrowdStrike wants its new generative AI tool Charlotte AI to make IT and security professionals more efficient and narrow the skills gap.

May 31, 2023 Zachary Comeau Leave a Comment

CrowdStrike is launching a private customer preview of its own generative AI solution which it calls Charlotte AI, essentially an AI assistant for the company’s CrowdStrike Falcon platform designed to help any user of the platform become a power user. According to the Austin, Texas-based cybersecurity giant, Charlotte AI lets customers ask natural language questions […]

Read More
AWS Amazon Security Lake

AWS Launches General Availability of Amazon Security Lake

Amazon Security Lake automatically centralizes security data from across AWS environments, SaaS providers, on-premises and cloud sources.

May 31, 2023 Zachary Comeau Leave a Comment

AWS is launching the general availability of Amazon Security Lake, a new service designed to automatically centralize an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake. According to AWS, this allows customers to act on security data faster and helps them simplify […]

Read More
Digital transformation technology strategy, digitization and digitalization of business processes and data

Five Key Topics for Digital Transformation in Manufacturing Companies

Improve manufacturing efficiency, productivity and CX by integrating digital tech. Learn five key considerations for a successful digital transformation strategy.

May 30, 2023 Alexander Paulus Leave a Comment

Digital transformation is the key to unlocking the full potential of manufacturing companies in the 21st century. By integrating digital technology into all aspects of manufacturing, companies can fundamentally change how they operate and deliver value to their customers. This shift has become especially essential in manufacturing, where customer experience and flexibility are taking center […]

Read More
spear phishing, Phishing bait alert concept on a smartphone screen

Barracuda: Half of Organizations Fell Victim to Spear Phishing in 2022

Barracuda report reveals the high success rate of spear-phishing attacks in 2022, despite their low-volume, but widespread nature.

May 30, 2023 Alyssa Borelli Leave a Comment

A recent Barracuda Networks Inc. (Barracuda) report shows that 50% of organizations were victims of spear-phishing in 2022 — and 24% had at least one email account compromised through account takeover. Cybercriminals continue to barrage organizations with targeted email attacks, and many companies are struggling to keep up, says the Campbell, Calif.-based cloud security solutions […]

Read More
My TechDecisions Podcast, zero trust

My TechDecisions Podcast Episode 195: Zero Trust Adoption Challenges and Drivers

Chalan Aras, the managing director of cyber and strategic risk at Deloitte, joins the podcast to talk about issues with zero trust adoption.

May 25, 2023 Zachary Comeau Leave a Comment

On this episode of the My TechDecisions Podcast, we discuss zero trust adoption challenges and drivers with Chalan Aras, the managing director of cyber and strategic risk at Deloitte. According to a recent Deloitte poll, legacy systems and environments are the greatest challenge to adopting zero trust, with 44.6% of executives agreeing to that sentiment. […]

Read More
China, Hacking, Microsoft, Routers, Volt Typhoon

Microsoft, NSA Warn of Stealthy China-Sponsored Hacking Group Volt Typhoon

Microsoft, U.S. agencies say Volt Typhoon is a China-based state-sponsored threat actor that is stealthily targeting critical infrastructure.

May 24, 2023 Zachary Comeau Leave a Comment

Microsoft is sounding the alarm on a group it calls Volt Typhoon, another state-sponsored hacking group based in China that is targeting critical infrastructure organizations and leveraging living-off-the-land techniques and proxying its network traffic through compromised network edge devices and routers to evade detection. Microsoft says Volt Typhoon is pursing development of capabilities that could […]

Read More