Search Results: log4shell

DPRK Ransomware Group Targets Healthcare Sector, Agencies Say

U.S. agencies are warning healthcare organizations and others to be aware of new ransomware activity from a North Korean nation-state group.

February 13, 2023 Zachary Comeau Leave a Comment

U.S. agencies are warning healthcare organizations and other critical infrastructure organizations to be aware of recent activity from a North Korean nation-state ransomware group that is leveraging older vulnerabilities–including Log4Shell– to gain access into victim environments. The advisory from the FBI, U.S. Cybersecurity and Infrastructure Security Agency and other agencies gives an overview of the […]

My TechDecisions Podcast Episode 184: Log4J’s Persistence

Bob Rudis, VP of data science for GreyNoise Intelligence, joins the podcast to talk about the persistence of the Log4J vulnerability.

January 26, 2023 Zachary Comeau Leave a Comment

On this episode of the My TechDecisions Podcast, we speak with Bob Rudis, vice president of data science for GreyNoise Intelligence, about why the Log4J vulnerability discovered in December 2021 will persist for many years to come. In a new report from GreyNoise Intelligence, the company says the full scope of attacks involving the vulnerability […]

Expect ‘Headline-grabbing’ Log4j Attacks in 2023

Log4j bug will continue to be a critical issue for IT professionals in 2023, according to GreyNoise.

January 4, 2023 Zachary Comeau Leave a Comment

Organizations should expect to see continued cyberattacks leveraging the Log4Shell vulnerability in 2023, cybersecurity company GreyNoise Intelligence says in a new report. The Washington, D.C.-based internet scanning traffic analysis firm’s recently released report, the 2022 Mass Exploitation Report, dives deep into the most significant threat detection events of the past year, including touching on CISA’s […]

Our Top IT Stories From 2022

Hybrid work, cybersecurity, cloud computing, recession, and new products and services highlight this year's top IT stories.

December 29, 2022 Zachary Comeau Leave a Comment

2022 was a very busy year for IT professionals as they grappled with new trends, technologies, tools, workplace models, cyberattacks and more while they helped their organization remain productive and secure. We looked back at our coverage to find common trends in our content to bring you our top 10 stories from this past year. […]

Software Inefficiencies are Costing U.S. Economy Trillions, Study Says

Vulnerabilities, software supply chain problems and technical debt could be costing the U.S. economy $2.4 trillions, Synopsys report finds.

December 6, 2022 Zachary Comeau Leave a Comment

Software quality issues such as vulnerabilities, software supply chain problems and technical debt could be costing the U.S. economy trillions, according to a new report from electronic design automation solutions and services firm Synopsys. The Mountain View, Calif. company’s report, “The Cost of Poor Software Quality in the US,” finds that software quality issues may […]

OpenSSL Bugs: What IT Admins Need to Know

The bugs impacting newer versions of OpenSSL are not as severe as once feared, but IT admins should still be expecting a wave of patches.

November 1, 2022 Zachary Comeau Leave a Comment

OpenSSL has released fixes for high-severity vulnerabilities affecting versions 3.0.0 through 3.0.6 that can cause a denial of service or remote code execution and allow attackers to take control of an affected system. However, the bugs are not as severe as once feared. The OpenSSL project, the organization that maintains the general-purpose cryptography and secure […]

Fortinet, ransomware, zero day vulnerabilities, log4shell

Ransomware, Zero-Day Vulnerabilities On the Rise

Ransomware variants and the use of zero-day vulnerabilities continued their upward tend in the first half of 2022, Fortinet report says.

August 17, 2022 Zachary Comeau Leave a Comment

The number of new ransomware variants nearly doubled in the first half of 2022 and attackers are increasingly leveraging zero-day vulnerabilities, painting a dire picture for IT and cybersecurity professionals, according to a new report from cybersecurity solutions provider Fortinet. According to the company’s FortiGuard Labs Threat Landscape report for the first half of 2022, […]

Modern Cyber Threats, Supply Chain Attacks Are Burning Out IT Pros, Experts Say

The constantly shifting IT landscape is breeding more cyberattacks, leading to burnout. Applying psychology concepts to the industry may help.

August 9, 2022 Zachary Comeau Leave a Comment

The software supply chain and our increasing reliance on cloud infrastructure is making protecting IT environments more challenging and leading to cybersecurity burnout among IT professionals, according to a panel of cybersecurity experts held last week in advance of Black Hat USA this week. Attackers are increasingly leveraging the software supply chain and open-source software […]

Microsoft Open Sources Salus SBOM Tool

Microsoft is open sourcing its SBOM tool Salus to help the IT industry better understand their dependencies on the software supply chain.

July 13, 2022 Zachary Comeau Leave a Comment

Microsoft is open sourcing its software bill of materials (SBOM) tool Salus to help the technology industry and IT decisionmakers better understand the security of their tools and their dependencies on the software supply chain. SBOMs have recently been given heightened importance after several high-profile cybersecurity flaws in popular software products have led to widespread […]

WatchGuard: Ransomware on Pace for Record Year

WatchGuard Technologies says ransomware detections doubled the total number of detections for all of 2021 in just the first quarter.

June 28, 2022 Zachary Comeau Leave a Comment

Despite increased law enforcement pressure on the ransomware industry and an IT community that has never been more aware of the ransomware threat, ransomware detections had already doubled the total number of detections for all of 2021 in just the first quarter, according to a new report from WatchGuard Technologies. The cybersecurity firm’s researchers say […]