My TechDecisions

Search Results: cybersecurity

Cybersecurity testing, penetration testing, cyber threats

Is Your Organization Testing Against the Right Cyber Threats?

New research shows that organizations are testing against cyber threats in the headlines rather than attacks they're more likely to face.

April 12, 2023 Zachary Comeau Leave a Comment

Ransomware, supply chain attacks and nation-state threat actors have grabbed mainstream headlines in recent years, and organizations are largely recognizing that they must invest more in cybersecurity to defend against those emerging techniques. However, new research shows that some organizations are prioritizing defending against those trending, newsworthy threats at the expense of the threats actually […]

Read More
Zero Trust, ZTNA, Netskope

Check Out CISA’s Updated Zero Trust Guidance

CISA's updated Zero Trust Maturity Model helps organizations strengthen their posture regardless of their starting point.

April 11, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency has released an updated version of its Zero Trust Maturity Model, which bolsters the agency’s zero trust standards with input from a public comment period. While designed for federal agencies, any organization can review the guidance and apply the protections to their infrastructure to help keep malicious actors […]

Read More
Cloud, SASE, Aryaka

7 Strategies for Improving Your Business’s Security in the Cloud

Complexity of the cloud can make it difficult to protect data. Here are seven strategies to Improve your business’s security in the cloud.

April 11, 2023 Joseph Carson Leave a Comment

Editor’s note: This article was originally published on March 13, 2023 and has since been updated as of April 11, 2023.  Cloud computing offers numerous advantages, including flexibility, cost-effectiveness, scalability, rapid deployment and storage capacity. Still, there are inherent cybersecurity risks with cloud infrastructure, including data breaches and leaks, compromised credentials, and human errors that […]

Read More
Security Operations

More than 9 in 10 Organizations Find Security Operations Difficult

Despite 94% of organizations seeing at least one attack in 2022, 93% aren't keeping up with essential security operations, Sophos report finds.

April 10, 2023 Zachary Comeau Leave a Comment

New research from cybersecurity firm Sophos finds that the vast majority of organizations find executing essential security operation tasks challenging, which makes incident response and remediation difficult in the face of an onslaught of attacks. According to the company’s report, “The State of Cybersecurity 2023: The Business Impact of Adversaries,” 94% of global organizations reported […]

Read More
Tax day concept. Businessman using the laptop to fill in the income tax online return form for payment.

Best Practices on How to Avoid Phishing Scams Ahead of Tax Day

Learn how to protect yourself and your organization from tax scams ahead of the U.S. tax deadline with these best practices.

April 10, 2023 Steven Spadaccini Leave a Comment

With April’s U.S. tax deadline, cybercriminals have sprung into action. For one, a devious Emotet malware phishing campaign has been launched, masquerading as official W-9 tax form emails sent from the Internal Revenue Service (IRS). A malicious group known as Tactical#Octopus is also on the prowl and looking to spread malware through fake file downloads […]

Read More
Microsoft Fortra healthcare ransomware

Microsoft, Fortra Take Action to Disrupt Ransomware Groups Targeting Healthcare

Microsoft, Fortra and Health-ISAC obtained a court order to disrupt the malicious use of Cobalt Strike and Microsoft tools in cyberattacks.

April 7, 2023 Zachary Comeau Leave a Comment

In a move that represents a growing offensive against cybercriminals, Microsoft, cybersecurity firm Fortra and Health Information Sharing and Analysis Center have taken action to disrupt ransomware groups that have been observed attacking healthcare organizations in more than 19 countries. According to Microsoft, the company’s Digital Crimes Unit (DCU), Fortra and Health Information Sharing and […]

Read More
Genesis Market

Check to See If Your Organization’s Credentials Were on Genesis Market

Dark web initial access marketplace Genesis Market has been seized, and organizations can check to see if they were compromised.

April 6, 2023 Zachary Comeau Leave a Comment

Genesis Market, online criminal marketplace that advertised and sold packages of stolen credentials that threat actors use to compromise accounts in the financial sector, critical infrastructure and federal, state and local government agencies, has been dismantled by a coalition of international law enforcement agencies. According to a news release from the U.S. Department of Justice, […]

Read More
ransomware emsisoft, organization impacted by ransomware

Businesses Beware: April is the Most Dangerous Month for Ransomware Attacks

The month of April is expected to be a high-risk month when it comes to ransomware attacks, according to NordLocker research.

April 6, 2023 TD Staff Leave a Comment

The month of April has been identified as the most dangerous period in terms of ransomware attacks, according to research by end-to-end file encryption provider NordLocker. Last year, the month of April saw 294 ransomware incidents, the most attacks per month in all of 2022. Most of these attacks were carried out against U.S. and […]

Read More
F5 headquarters, AI API

F5 Releases New AI-Powered App and API Security Tools

New AI tools from F5 give customers better protection and control in managing apps and APIs across on-premises, cloud and edge locations.

April 4, 2023 Zachary Comeau Leave a Comment

Cybersecurity company F5 is releasing new AI-powered app and API security capabilities designed to give customers comprehensive protection and control in managing apps and APIs across on-premises, cloud and edge locations. According to the Seattle-based application services and security company, new machine learning enhancements will provide the company’s cloud security portfolio with advanced API endpoint […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

These Dangerous Vulnerabilities on CISA’s KEV List Are Still Being Widely Exploited

Despite patches being available for most of the bugs in CISA's Known Exploited Vulnerabilities catalog, many devices remain unpatched.

April 3, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency has been keeping an updated list of Known Exploited Vulnerabilities (KEV) that currently includes more than 900 security bugs, with the goal of helping inform organizations about vulnerabilities that should be prioritized. Despite that awareness campaign and emphasis on vulnerabilities that have been exploited in the wild, new […]

Read More