My TechDecisions

Search Results: cyberattack

Phishing, Email security

Phishing Remains a Favorite Hacking Tool as New Methods Emerge

New methods such as phone-oriented attack delivery and MFA bypass are making phishing attacks more sophisticated, according to Proofpoint.

March 3, 2023 Zachary Comeau Leave a Comment

Phishing, social engineering, and ransomware remain favorite attack methods of cybercriminals, but threat actors are beginning to shift to newer techniques, such as phone-oriented attack delivery and adversary-in-the-middle phishing proxies designed to bypass multifactor authentication, according to cybersecurity firm Proofpoint. The Sunnyvale, Calif.-based company’s’ State of the Phish report finds that email-based phishing attacks remain […]

Read More
Cybersecurity testing, penetration testing, cyber threats

No Organization Is an Island: How to Protect Against Supply Chain Attacks

To defend against supply chain attacks, organizations need to focus on all three layers of the attack surface: data, identities and infrastructure.

March 2, 2023 Dirk Schrader Leave a Comment

Every organization interacts with other organizations: suppliers, partners, customers, government agencies and more. As a result, you can suffer a breach even though your organization was not directly targeted. For example, adversaries were able to release the infamous NotPetya malware to thousands of companies worldwide by compromising the supplier of a popular accounting software solution. […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

Older, Unpatched Vulnerabilities Are Still Wreaking Havoc

Older vulnerabilities that remain unpatched are still the primary vehicle for cyberattacks, Tenable report finds.

February 28, 2023 Zachary Comeau Leave a Comment

Older vulnerabilities for which patches have already been made available by the vendor are still the primary vehicle for cyberattacks, suggesting that organizations are still behind in practicing good cyber hygiene, according to new data from Tenable. The Columbia, M.D.-based provider of vulnerability management software finds in its 2022 Threat Landscape Report that the number […]

Read More
Mimecast Certificate Compromised

3 Takeaways From Mimecast’s State Of Email Security Report

Mimecast's State of Email Security report reveals IT and security decision-makers are seeing an increase in cyber awareness interest among the C-Suite.

February 24, 2023 TD Staff Leave a Comment

Mimecast, the global email and collaboration security company, published its annual State of Email Security 2023 (SOES) report this week. The global survey, based on responses from 1,700 IT and security decision-makers, provides readers with key takeaways on the current threat landscape and offers recommendations to help organizations improve their cybersecurity posture. The highlights from […]

Read More
Businessman Identifying Customer Usage Stats, business metrics

Why a Culture of Metrics Helps Security Teams Communicate with Business Leaders

By creating a culture of metrics, organizations can find creative ways to demonstrate the effectiveness and value of cybersecurity solutions in use.

February 22, 2023 Greg Notch Leave a Comment

Business leaders want to know they’re getting the most out of their investments. That applies to people, products, vendors, resources, and infrastructure—and it also applies to cybersecurity solutions. At a time when hardly a day goes by without a new cyberattack making headlines, corporate boards are concerned with making sure they have the right solutions […]

Read More

These 3 Departments Pose the Highest Risk of Being Hacked

Experts from NordLocker reveal which departments are most at risk of being hacked and why and provide tips on safeguarding your business from a cyberattack.

February 18, 2023 TD Staff Leave a Comment

Cybersecurity experts from NordLocker, part of Nord Security, reveal that employees from certain departments are much more lucrative targets for cybercriminals than others. With human error being the reason behind a whopping 82% of data breaches, employees are the weakest link when it comes to organizational cybersecurity. “From receptionists to the C-Suite, every employee should […]

Read More
Google Cybersecurity Certificate

Endpoint Management and Security Teams are Merging

Unmanaged devices and security risk are leading to organizations merging their endpoint management and security teams, Syxsense report finds.

February 13, 2023 Zachary Comeau Leave a Comment

Unmanaged device usage is growing among enterprises and more than three-quarters of organizations report experiencing cyberattacks due to unknown, unmanaged or poorly managed endpoints, which is leading to organizations merging their endpoint management and security teams, according to new research from endpoint security firm Syxsense. The Newport Beach, Calif.-based company’s “Endpoint Management Vulnerability Gap” report […]

Read More
Atera ESET Integration

Hackers Are Pivoting to OneNote Documents for Malware Delivery

Proofpoint researchers say they have identified an increase in the use of OneNote documents to deliver malware after Microsoft blocks macros.

February 6, 2023 Zachary Comeau Leave a Comment

Threat actors are increasingly using OneNote documents to deliver malware as Microsoft makes it difficult for them to use other Office documents by blocking macros by default. Now, hackers are experimenting with other file types, including using virtual hard disk, compiled HTML and OneNote, according to new research from enterprise security software company Proofpoint. The […]

Read More
Yubico, Security Keys

Yubico Launches New Security Keys, Updated Enterprise Subscription Program

Yubico is expanding its lineup of security keys with two new enterprise keys and is introducing an improved enterprise subscription program.

January 27, 2023 Zachary Comeau Leave a Comment

Security key maker Yubico is expanding its lineup of security keys with two new enterprise keys and is introducing an improved enterprise subscription program. The Santa Clara, Calif.-based company hopes the new updates will help organizations equip employees with hardware-based authentication and services to help combat the increasingly sophisticated phishing attacks and credential theft. The […]

Read More
Cybersecurity testing, penetration testing, cyber threats

This K-12 Cybersecurity Resource Offers Useful Guidance for School IT Professionals

The U.S. Cybersecurity & Infrastructure Security Agency has released a report to help keep K-12 organizations secure.

January 25, 2023 Zachary Comeau Leave a Comment

In an effort to help protect K-12 educational institutions from an increasing rate of cyberattacks, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new report with recommendations and resource to help K-12 IT professionals address their plentiful security risks. CISA’s new report, “Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity […]

Read More