My TechDecisions

Search Results: malware

Windows 11 Education

Microsoft Rolls Out New Windows 11 Education Features

Microsoft is rolling out new collaboration, accessibility, IT management and security features in Windows 11 designed for education.

March 1, 2023 Zachary Comeau Leave a Comment

Microsoft is rolling out a new set of easy-to-use collaboration, accessibility and security features in Windows 11 designed for education organizations. The new Windows 11 education features Microsoft highlights include new IT management features, live captions, focus features to help eliminate distractions, simple sign-in and personalized desktop themes. According to Microsoft, school IT administrators in […]

Read More
LastPass Breach, Hack

LastPass Hack: Attacker Accessed DevOps Engineer’s Home Computer to Steal Decrpytion Keys

LastPass reveals new information on its ongoing investigation into a security incident, including how a developer's home computer was hacked.

February 28, 2023 Zachary Comeau Leave a Comment

[Editor’s note: This article has been updated to reflect the company’s official statement on the new updates.] The same threat actor that accessed portions of the LastPass development environment and source code that has forced the company since August 2022 to provide updates as new information is revealed, apparently accessed a shared cloud-storage environment obtained […]

Read More
iOS macOS vulnerabilities

These macOS, iOS Vulnerabilities Could Allow Attackers to Access Messages, Photos & Call History

Cybersecurity firm Trellix has discovered new privilege escalation bugs in macOS and iOS that could give hackers access to sensitive data.

February 21, 2023 Zachary Comeau Leave a Comment

Cybersecurity firm Trellix says it has discovered a new class of privilege escalation bugs in macOS and iOS that could allow attackers to bypass code signing to execute arbitrary code and gain access to messages, location data, call history and photos. According to the firm, this could allow sandbox escape on both macOS and iOS. […]

Read More

These 3 Departments Pose the Highest Risk of Being Hacked

Experts from NordLocker reveal which departments are most at risk of being hacked and why and provide tips on safeguarding your business from a cyberattack.

February 18, 2023 TD Staff Leave a Comment

Cybersecurity experts from NordLocker, part of Nord Security, reveal that employees from certain departments are much more lucrative targets for cybercriminals than others. With human error being the reason behind a whopping 82% of data breaches, employees are the weakest link when it comes to organizational cybersecurity. “From receptionists to the C-Suite, every employee should […]

Read More
Cybersecurity testing, penetration testing, cyber threats

This Cybersecurity Company Now Offers Threat Intelligence Services

ESET is launching new threat intelligence services to give organizations guidance about specific threat vectors and attack sources.

February 16, 2023 Zachary Comeau Leave a Comment

Cybersecurity firm ESET is launching new threat intelligence services via commercially available reports to help give organizations, governments and partners guidance about specific threat vectors and attack sources. The San Diego, Calif.-based firm says the threat intelligence services expand on the company’s research, which is published on cybersecurity blog WeLiveSecurity, as well as tri-annual threat […]

Read More
June 2023 Patch Tuesday. Patch Tuesday,

February 2023 Patch Tuesday: Three Exploited; Exchange, Word Bugs

Microsoft's February 2023 Patch Tuesday includes fixes for 75 security bugs, including three being actively exploited and four Exchange RCEs.

February 14, 2023 Zachary Comeau Leave a Comment

[Editor’s note: An earlier version of this article stated there were two exploited bugs patched this month. It has been updated to reflect the additional exploited vulnerability.] Microsoft has released patches to fix 75 security bugs in the February 2023 Patch Tuesday release, including one each in Microsoft Office, Windows Common Log File System Driver […]

Read More
Royal Ransomware

DPRK Ransomware Group Targets Healthcare Sector, Agencies Say

U.S. agencies are warning healthcare organizations and others to be aware of new ransomware activity from a North Korean nation-state group.

February 13, 2023 Zachary Comeau Leave a Comment

U.S. agencies are warning healthcare organizations and other critical infrastructure organizations to be aware of recent activity from a North Korean nation-state ransomware group that is leveraging older vulnerabilities–including Log4Shell– to gain access into victim environments. The advisory from the FBI, U.S. Cybersecurity and Infrastructure Security Agency and other agencies gives an overview of the […]

Read More
Progress MOVEit vulnerability

How to Protect Against and Recover from ESXiArgs Ransomware

CISA has released a recovery guide that includes a recovery script to help organizations recover from the ESXiArgs ransomware attacks.

February 9, 2023 Zachary Comeau Leave a Comment

To help organizations impacted by the ESXiArgs ransomware campaign that is exploiting a two-year-old vulnerability in VMware ESXi servers, the U.S Cybersecurity and Infrastructure Agency has released a recovery guide that includes a recovery script to help organizations recover their files. According to the agency, threat actors are targeting end-of-life ESXi servers or ESXi servers […]

Read More
CISA Ransomware

Critical VMware Vulnerability From 2021 Leveraged in Mass Ransomware Campaign

A threat actor is reportedly leveraging a two-year-old vulnerability in VMware ESXi servers to deploy ransomware.

February 7, 2023 Zachary Comeau Leave a Comment

A two-year-old vulnerability in VMware ESXi servers is reportedly under mass-exploitation by a ransomware threat actor, and more than 1,000 VMware ESXI severs have been compromised. According to cybersecurity firm Blackberry, the new ransomware, ESXiArgs, is targeting unpatched VMware ESXi servers connected to the internet, leveraging a remote code execution bug from 2021 to cause […]

Read More
ChatGPT, IT, Policies, AI Tools, Data

The Cybersecurity Implications of AI Like ChatGPT

While tools like ChatGPT can help IT and cybersecurity professionals do their jobs, there is potential for it to be used maliciously.

January 31, 2023 Zachary Comeau Leave a Comment

While ChatGPT may appear to be a shiny new tool that technologists get to play with under OpenAI’s public preview, cybersecurity experts are warning that the conversational AI chatbot could be abused just like any other legitimate IT tool. However, the implications are far more serious, as a highly intelligent assistant being leveraged by attackers […]

Read More