My TechDecisions

Search Results: malware

Uber hack, MFA

What IT and Security Teams Should Take Away From the Uber Hack

Cybersecurity experts say the Uber hack demonstrates how attackers are bypassing multi-factor authentication and other security tools.

September 21, 2022 Zachary Comeau Leave a Comment

Uber disclosed late last week that the massive ridesharing company was the target of a cyberattack that resulted in attackers gaining access to the company’s internal systems, including its G-Suite and Slack accounts. This week, Uber has shared more about the hack, including how the attacker was able to bypass security tools. According to Uber, […]

Read More
Atera integrations

Atera Launches Integrations with Veeam, ThreatLocker, Domotz

New integrations with backup, security and network monitoring providers add to Atera's growing list of partnerships.

September 14, 2022 Zachary Comeau Leave a Comment

Remote monitoring and management solution provider Atera is adding three new integrations to further empower IT professionals, including integrations with Veeam Software, ThreatLocker and Domotz to include backup and recovery, endpoint security and network monitoring solutions, respectively. According to the Israel-based Atera, the integrations expand the company’s partnership program by adding the security offerings from […]

Read More
VMware EXSi security

U.S. Agencies Warn of Ransomware Attacks on K-12 Education Sector

K-12 institutions should take action now to protect against an increase in ransomware as the school year begins, U.S. agencies say.

September 7, 2022 Zachary Comeau Leave a Comment

U.S. agencies are warning of an increase in ransomware attacks against the K-12 education sector, singling out a relatively new threat actor that has been observed disproportionately targeting school systems as they welcome students back into their buildings. That threat actor is Vice Society—an intrusion, exfiltration and extortion hacking group that first appeared in summer […]

Read More
Google, Bard

Google: Update Chrome Now To Fix Zero Day Bug

Users of Google Chrome are again being urged to download a latest update to patch a new zero-day flaw being actively exploited.

September 6, 2022 Zachary Comeau Leave a Comment

Users of Google Chrome are again being urged to download a latest update to patch a high-severity security bug that is currently being exploited in the wild. The vulnerability, CVE-2022-3075, is described as an insufficient data validation flaw in Mojo, a collection of runtime libraries that Google says provides “a platform-agnostic abstraction of common IPC […]

Read More
Microsoft Fortra healthcare ransomware

Microsoft: This is How to Protect Against Ransomware

Microsoft says securing identities, hardening cloud infrastructure and leveraging comprehensive security tools will help protect against ransomware.

September 1, 2022 Zachary Comeau Leave a Comment

Microsoft has outlined its three strategies to protect against ransomware and the growing as-a-service cybercrime economy that has taken hold among ransomware groups. As well as investing in “integrated threat protection across devices, identities, apps, email, data and the cloud,” Microsoft suggests organizations take three key strategies to protect against ransomware, including preparing a defense […]

Read More
Proofpoint CISO, CISOs cyberattack

Notorious Russian Hacking Group Has A New Trick to Maintain Persistence

Microsoft says the same threat actors that compromised SolarWinds Orion are leveraging AD FS to maintain access.

August 30, 2022 Zachary Comeau Leave a Comment

Microsoft says it has uncovered a tactic used by Russia-aligned threat actors that is used to maintain persistence access to compromised environments after leveraging an Active Directory Federation Services (AD FS) server. In a lengthy blog post, Microsoft details how NOBELIUM—the codename attached to the same threat group that leveraged the SolarWinds Orion platform and […]

Read More
Microsoft Apple macOS bug

Patch Now: Apple Releases Fixes for Two Actively Exploited Zero-Day Bugs

Apple has discovered two actively exploited zero-day vulnerabilities that could give attackers full access to a wide range of Apple devices.

August 19, 2022 Zachary Comeau Leave a Comment

Apple has discovered two actively exploited zero-day vulnerabilities that could give attackers full access to a wide range of Apple devices, prompting the company to release security updates and urging users to apply the fixes immediately. According to Apple, the two zero-day out-of-bounds write bugs affect iPhone 6s and later, all iPad Pro models, iPad […]

Read More
Fortinet, ransomware, zero day vulnerabilities, log4shell

Ransomware, Zero-Day Vulnerabilities On the Rise

Ransomware variants and the use of zero-day vulnerabilities continued their upward tend in the first half of 2022, Fortinet report says.

August 17, 2022 Zachary Comeau Leave a Comment

The number of new ransomware variants nearly doubled in the first half of 2022 and attackers are increasingly leveraging zero-day vulnerabilities, painting a dire picture for IT and cybersecurity professionals, according to a new report from cybersecurity solutions provider Fortinet. According to the company’s FortiGuard Labs Threat Landscape report for the first half of 2022, […]

Read More
Zoom Anthropic Claude AI Zoom IQ

Update Zoom on macOS Devices Now

A local attacker could use the Zoom for macOS exploit to leverage an auto-update function and elevate privileges to root.

August 15, 2022 Zachary Comeau Leave a Comment

Users of the macOS version of Zoom are being urged to apply a patch after a vulnerability was discovered that could allow an attacker to gain access over the entire operating system. Specifically, the vulnerability lies in the Zoom Client for Meetings app for macOS, both standard and IT admin editions, with version  5.7.3 and […]

Read More
CISO Burnout

Cybersecurity Burnout Persists as Attack Landscape Shifts

As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware report.

August 8, 2022 Zachary Comeau Leave a Comment

As new cyberattack trends continue to emerge, burnout among cybersecurity teams remains a critical issue, according to VMware’s new Global Incident Response Threat Report. The Palo Alto, Calif.-based company’s report, issued during Black Hat USA 2022, details how the “ceaseless wave of cyberattacks,” pandemic disruptions and a constantly shifting threat landscape is causing nearly 47% […]

Read More