My TechDecisions

Search Results: cyber

insider threats, military document leak, Jack Teixeira, insider risk

The Alleged U.S. Military Document Leaker Worked in IT

The Air National Guardsman and IT worker arrested for leaking sensitive documents is a reminder to take insider risk seriously.

April 14, 2023 Zachary Comeau Leave a Comment

The FBI has arrested an alleged leaker of sensitive and highly classified U.S. military documents on the Ukraine-Russia conflict, arresting a 21-year-old Massachusetts Air National Guardsman and accusing him of posting the documents on a Discord server. That individual, Jack Teixeira, was an IT worker for the Air National Guard, working as a Cyber Defense […]

Read More
CISA Software Security

Software Manufacturers Urged to Think Security Before Features, Speed to Market

CISA and other cybersecurity agencies are urging tech companies to think more about security of their products.

April 13, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency along with its counterpart agencies from several different countries have published a new guide urging software manufacturers to take steps to ship products that are built with security from the ground up. The guidance, “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default, comes […]

Read More
Zero Trust, ZTNA, Netskope

Check Out CISA’s Updated Zero Trust Guidance

CISA's updated Zero Trust Maturity Model helps organizations strengthen their posture regardless of their starting point.

April 11, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency has released an updated version of its Zero Trust Maturity Model, which bolsters the agency’s zero trust standards with input from a public comment period. While designed for federal agencies, any organization can review the guidance and apply the protections to their infrastructure to help keep malicious actors […]

Read More
Cloud, SASE, Aryaka

7 Strategies for Improving Your Business’s Security in the Cloud

Complexity of the cloud can make it difficult to protect data. Here are seven strategies to Improve your business’s security in the cloud.

April 11, 2023 Joseph Carson Leave a Comment

Editor’s note: This article was originally published on March 13, 2023 and has since been updated as of April 11, 2023.  Cloud computing offers numerous advantages, including flexibility, cost-effectiveness, scalability, rapid deployment and storage capacity. Still, there are inherent cybersecurity risks with cloud infrastructure, including data breaches and leaks, compromised credentials, and human errors that […]

Read More
Security Operations

More than 9 in 10 Organizations Find Security Operations Difficult

Despite 94% of organizations seeing at least one attack in 2022, 93% aren't keeping up with essential security operations, Sophos report finds.

April 10, 2023 Zachary Comeau Leave a Comment

New research from cybersecurity firm Sophos finds that the vast majority of organizations find executing essential security operation tasks challenging, which makes incident response and remediation difficult in the face of an onslaught of attacks. According to the company’s report, “The State of Cybersecurity 2023: The Business Impact of Adversaries,” 94% of global organizations reported […]

Read More
Tax day concept. Businessman using the laptop to fill in the income tax online return form for payment.

Best Practices on How to Avoid Phishing Scams Ahead of Tax Day

Learn how to protect yourself and your organization from tax scams ahead of the U.S. tax deadline with these best practices.

April 10, 2023 Steven Spadaccini Leave a Comment

With April’s U.S. tax deadline, cybercriminals have sprung into action. For one, a devious Emotet malware phishing campaign has been launched, masquerading as official W-9 tax form emails sent from the Internal Revenue Service (IRS). A malicious group known as Tactical#Octopus is also on the prowl and looking to spread malware through fake file downloads […]

Read More
Microsoft Fortra healthcare ransomware

Microsoft, Fortra Take Action to Disrupt Ransomware Groups Targeting Healthcare

Microsoft, Fortra and Health-ISAC obtained a court order to disrupt the malicious use of Cobalt Strike and Microsoft tools in cyberattacks.

April 7, 2023 Zachary Comeau Leave a Comment

In a move that represents a growing offensive against cybercriminals, Microsoft, cybersecurity firm Fortra and Health Information Sharing and Analysis Center have taken action to disrupt ransomware groups that have been observed attacking healthcare organizations in more than 19 countries. According to Microsoft, the company’s Digital Crimes Unit (DCU), Fortra and Health Information Sharing and […]

Read More
Genesis Market

Check to See If Your Organization’s Credentials Were on Genesis Market

Dark web initial access marketplace Genesis Market has been seized, and organizations can check to see if they were compromised.

April 6, 2023 Zachary Comeau Leave a Comment

Genesis Market, online criminal marketplace that advertised and sold packages of stolen credentials that threat actors use to compromise accounts in the financial sector, critical infrastructure and federal, state and local government agencies, has been dismantled by a coalition of international law enforcement agencies. According to a news release from the U.S. Department of Justice, […]

Read More
ransomware emsisoft, organization impacted by ransomware

Businesses Beware: April is the Most Dangerous Month for Ransomware Attacks

The month of April is expected to be a high-risk month when it comes to ransomware attacks, according to NordLocker research.

April 6, 2023 TD Staff Leave a Comment

The month of April has been identified as the most dangerous period in terms of ransomware attacks, according to research by end-to-end file encryption provider NordLocker. Last year, the month of April saw 294 ransomware incidents, the most attacks per month in all of 2022. Most of these attacks were carried out against U.S. and […]

Read More
backup storage security

Backup and Storage Devices Contain an Average of 14 Security Issues

Research from cyber resilience company Continuity shows that enterprise backup and storage devices need to be more secure.

April 5, 2023 Zachary Comeau Leave a Comment

With storage and backup devices often representing the last line of defense against ransomware attacks and outages, they should be as secure as possible so organizations can restore their data in a critical time of need. However, new research from cyber resilience company Continuity shows that the average enterprise storage and backup device has 14 […]

Read More