My TechDecisions

Search Results: data breaches

Progress MOVEit vulnerability

Progress Software Urges Further Action to Prevent MOVEit Exploitation

Defending against exploitation of MOVEit vulnerabilities gets more complicated as Progress Software issues another patch.

June 16, 2023 Zachary Comeau Leave a Comment

The MOVEit Transfer story continues to plague IT departments and security professionals as Progress Software has issued another advisory, urging organizations to apply yet another patch to address a privilege escalation flaw in its Transfer product. The company’s update comes amid reports of widespread exploitation, including several at several U.S. agencies that were breached as […]

Read More
Phishing, Email security

Email Attacks are Evading Security Protections. Here’s How Security Teams Should Respond.

IT, security teams and end users should take these actions to combat increasingly sophisticated email threats.

June 6, 2023 Trevor Collins Leave a Comment

Instances of business email compromise (BEC) – a targeted form of phishing in which attackers try to scam companies out of money or goods or trick employees into giving up sensitive info – have continued to increase, causing devastating impacts. Last year, the FBI’s Internet Crime Complaint Center (IC3) reported $43 billion of global exposed […]

Read More
spear phishing, Phishing bait alert concept on a smartphone screen

Barracuda: Half of Organizations Fell Victim to Spear Phishing in 2022

Barracuda report reveals the high success rate of spear-phishing attacks in 2022, despite their low-volume, but widespread nature.

May 30, 2023 Alyssa Borelli Leave a Comment

A recent Barracuda Networks Inc. (Barracuda) report shows that 50% of organizations were victims of spear-phishing in 2022 — and 24% had at least one email account compromised through account takeover. Cybercriminals continue to barrage organizations with targeted email attacks, and many companies are struggling to keep up, says the Campbell, Calif.-based cloud security solutions […]

Read More
Google, AI, Google Security AI Workbench

Google at RSA: AI, LLMs Meet Security with Security AI Workbench

Google is enhancing its security tools with Google Cloud Security AI Workbench, an extensible platform powered by a specialized security LLM.

April 27, 2023 Zachary Comeau Leave a Comment

Google is beefing up its security offerings by integrating new generative AI tools and large language models (LLMs) into its security product suite, including a new Google Cloud Security AI Workbench designed to address threat overload, tooling issues and talent shortages. According to the company, which announced the news during the annual RSA Conference, Google […]

Read More
ransomware emsisoft, organization impacted by ransomware

Businesses Beware: April is the Most Dangerous Month for Ransomware Attacks

The month of April is expected to be a high-risk month when it comes to ransomware attacks, according to NordLocker research.

April 6, 2023 TD Staff Leave a Comment

The month of April has been identified as the most dangerous period in terms of ransomware attacks, according to research by end-to-end file encryption provider NordLocker. Last year, the month of April saw 294 ransomware incidents, the most attacks per month in all of 2022. Most of these attacks were carried out against U.S. and […]

Read More
Security Awareness Training

Security Awareness Training Needs to Change. Here’s Why.

Phishing is still wildly successful and a tried-and-true way into any organization's network, and security awareness training needs to evolve.

March 21, 2023 Zachary Comeau Leave a Comment

Despite repeated urges from IT professionals to be wary of clicking on links in emails and opening attachments from strange messages, phishing is still wildly successful as attackers adopt new tricks and techniques that should force organizations to improve and update their cybersecurity awareness strategies. In fact, email-based phishing attacks remain a thorn in the […]

Read More
Cybersecurity testing, penetration testing, cyber threats

No Organization Is an Island: How to Protect Against Supply Chain Attacks

To defend against supply chain attacks, organizations need to focus on all three layers of the attack surface: data, identities and infrastructure.

March 2, 2023 Dirk Schrader Leave a Comment

Every organization interacts with other organizations: suppliers, partners, customers, government agencies and more. As a result, you can suffer a breach even though your organization was not directly targeted. For example, adversaries were able to release the infamous NotPetya malware to thousands of companies worldwide by compromising the supplier of a popular accounting software solution. […]

Read More
Cloud, SASE, Aryaka

Varonis Launches Automated Posture Management

Varonis is releasing a new automated posture management tool to help customers automatically remediate cloud security and compliance gaps.

January 26, 2023 Zachary Comeau Leave a Comment

Cybersecurity company Varonis is releasing a new automated posture management tool designed to help customers remediate security and compliance gaps across their cloud-based software and infrastructure environments. According to the New York-based company, the automated posture management tool continuously scans, detects and prioritizes cloud security risks, giving IT and security professionals real-time visibility into their […]

Read More
Microsoft Nuance DAX

FDA to Regulate Medical Device Cybersecurity

A new law requires manufacturers of medical devices to ensure that their equipment and related systems are cybersecure.

January 19, 2023 TD Staff Leave a Comment

For years now, healthcare providers have been struggling with the cybersecurity issues posed by medical devices. One study released in December found that internet-connected medical devices have a 24% greater risk for cyberattacks. However, a new federal law passed late last year offers some relief. The Food and Drug Administration (FDA) now has the authority and $5 […]

Read More
Royal Ransomware

Phishing, Ransomware Continue to Dominate as Cyberattacks Surge in 2022

Acronis' year-end report finds that ransomware, phishing and unpatched bugs remain top threats as cybercriminals adapt.

December 28, 2022 Zachary Comeau Leave a Comment

Phishing, MFA fatigue attacks are on the rise, and the cost of a data breach is now expected to reach $5 million, according to a year-end cyberthreat report from cybersecurity firm Acronis. The Switzerland-based firm’s report from its Cyber Protection Operation Center provides an in-depth analysis of the cyberthreat landscape including ransomware, phishing, malicious websites, […]

Read More