Search Results: log4shell

SimSpace Unveils Expanded Open Cyber Range Platform at RSA Conference

June 6, 2022 TechDecisions Staff Leave a Comment

Platform to Help Validate Cybersecurity Mesh Architecture with expanded environments for Cloud, Critical Infrastructure, and OT/IoT; Increased Coverage of Security Vendors; New Automated Attack Scenarios and Training Options SAN FRANCISCO–(BUSINESS WIRE)–SimSpace, the leading cybersecurity risk management platform company, today unveiled new updates to its award-winning cyber range to deliver the most comprehensive open platform for […]

Verizon Report Suggests Ransomware Is Getting Worse

Ransomware is up 13%, a larger rise than the past five years combined, according to Verizon's Data Breach Investigations Report.

May 25, 2022 Zachary Comeau Leave a Comment

Despite a global focus on cybersecurity, increased pressure from law enforcement on cybercrime groups and a software industry that continues to rapidly innovate to solve security issues, ransomware continues its upward trajectory, rising as much in one year as it has over the past five years combined, according to Verizon’s 2022 Data Breach Investigations Report. […]

Make Sure These 15 Most Exploited Vulnerabilities From 2021 Are Patched

IT pros should be familiar with some of these 15 most exploited 2021 bugs, but continued targeting of them suggests more organizations need to patch.

April 28, 2022 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with a coalition of U.S. and foreign security and law enforcement agencies, have released a list of the 15 most exploited vulnerabilities from 2021, calling on both public and private organizations to ensure these critical security bugs are mitigated and systems patched. The list, published in a […]

Trellix Finds Escalation of Cyberattacks Targeting Critical Infrastructure as Geopolitical Tensions Rise

April 27, 2022 TechDecisions Staff Leave a Comment

New Report Details Wiper Malware Aimed at Ukraine and Upsurge in Cyber Threats from Likely Russian-backed Actor in the Fourth Quarter of 2021 News Highlights Advanced persistent threat (APT) actors most often targeted the transportation and shipping sectors in Q4 2021. APT29, believed to conduct operations for Russian government entities, ranked most active among nation-state […]

DHS’ First Bug Bounty Program Nets 122 Vulnerabilities

Hack DHS, the Department of Homeland Security's first bug bounty program, uncovers 27 critical-rated vulnerabilities.

April 25, 2022 Zachary Comeau Leave a Comment

The U.S. Department of Homeland Security says its first bug bounty program, Hack DHS, has resulted in the disclosure of more than 120 vulnerabilities, and 27 of them were determined to be critical. The Department of Homeland Security (DHS) launched the agency’s first bug bounty program in December 2021 in an attempt to find and […]

Malware Developers Are Targeting These 10 2021 Security Bugs

Research from Skybox Security finds that security 2021 bugs in Log4j and Exchange Server are the most targeted by malware developers.

April 13, 2022 Zachary Comeau Leave a Comment

Security analysts at Skybox Security uncovered a 42% increase in new ransomware programs targeting known vulnerabilities last year, including critical vulnerabilities discovered in Log4j and Exchange Server. The San Jose, Calif. cybersecurity company’s 2022 Vulnerability and Trends Report, released this week, details how quickly hackers capitalize on new security bugs and continue to reduce the […]

The Key Components of a Vulnerability Scanning & Management Program

Identifying security bugs and developing a robust vulnerability scanning and patching program should be a core duty of any IT team.

March 31, 2022 Zachary Comeau Leave a Comment

With thousands of new software vulnerabilities to protect against each year, it is critical that organizations develop a robust vulnerability management program that can quickly identify and remediate vulnerabilities in IT environments. Issues like Log4Shell, PrintNightmare, ProxyLogon and dozens of other critical vulnerabilities in widely used systems have kept IT departments up at night as […]

30% Of Log4j Instances Remain Vulnerable To Exploitation

Qualys finds that nearly a third of Log4j instances remain vulnerable to attack more than three months after the flaw was discovered.

March 24, 2022 Zachary Comeau Leave a Comment

More than two months after the Log4j vulnerabilities known as Log4Shell were discovered, 30% of Log4j instances remain vulnerable for hackers to exploit and take control of affected systems, according to cybersecurity firm Qualys. The company indexed more than 10 trillion data points across its installed enterprise customer base and completed six billion IP scans […]

The Top Vulnerabilities of 2021

Cybersecurity firm Tenable rounds up the top vulnerabilities in 2021, noting increases in ransomware attacks, data breaches, zero-days and more.

January 31, 2022 TD Staff Leave a Comment

Tenable’s 2021 Threat landscape retrospective report looks back at year unlike any other. Dozens of groups, like REvil, Conti, DarkSide and more, dominated the headlines and continued to wreak havoc across a wide range of industries. Tenable’s research team noted a surge in ransomware attacks, data breaches, zero-days and much more in 2021. Top vulnerabilities […]

Log4j Highlights the Need for a Software Bill of Materials; Here’s How to Create One

Amid the Log4j vulnerabilities, it’s more important than ever that companies prioritize dependency management by creating a SBOM.

January 11, 2022 Bren Briggs, VP of DevOps and Cybersecurity at Hypergiant. Leave a Comment

Just days into the new year and the cybersecurity community is already playing catch up thanks to the recent Log4j vulnerability which illuminated major setbacks in how organizations deal with its own software and open-source packages on which its relies on. In particular, organizations have been caught off guard in auditing its own systems, giving […]