My TechDecisions

Search Results: malware

June 2023 Patch Tuesday. Patch Tuesday,

December 2022 Patch Tuesday: Two Zero Days, One Being Exploited

Microsoft's December 2022 Patch Tuesday includes fixes for more than 50 security bugs this month, including one exploited in the wild.

December 13, 2022 Zachary Comeau Leave a Comment

Microsoft has released 52 new patches this month as part of its December 2022 Patch Tuesday release, including two zero-day vulnerabilities, one of which is being actively exploited. Of the 52 released, six are rated critical, 43 are rated important and three are rated moderate in severity, according to Zero Day Initiative, which calls this […]

Read More
Malware file types, HP Wolf security

HP: Archive File Format Use Among Hackers on the Rise

Archive files such as ZIP and RAR files are the file type of choice for malware delivery, according to a new report from HP Wolf Security.

December 5, 2022 Zachary Comeau Leave a Comment

Office files are no longer the most common file type for delivering malware, as archive file formats such as ZIP and RAR files are the file type of choice for threat actors to deliver malware, according to a new report from HP Wolf Security. The findings come from a quarterly report from HP’s endpoint security […]

Read More
Token Theft

Hackers are Increasing Token Theft Attacks to Bypass MFA

Microsoft says it has seen an increase in attackers utilizing token theft to compromise identities that have completed MFA.

November 22, 2022 Zachary Comeau Leave a Comment

Organizations are increasing their implementation of multifactor authentication (MFA) to help secure account credentials and prevent unauthorized access, but threat actors are similarly advancing their techniques and are finding ways around those protections, including stealing tokens, according to Microsoft. In a recent post, Microsoft says its Detection and Response Team has seen an increase in […]

Read More
Red Hat Summit, AI, Enterprise Linux

Red Hat Enterprise Linux 8.7 and 9.1 Officially Available

Red Hat Enterprise Linux 8.7 and 9.1 are designed for modern enterprise IT needs, including security and hybrid cloud management.

November 17, 2022 Zachary Comeau Leave a Comment

Red Hat is releasing Red Hat Enterprise Linux (RHEL) 9.1, the latest version of the company’s enterprise Linux platform that adds and refines capabilities for a wide range of enterprise IT needs, including streamlining complex infrastructure environments and improving the security of containerized applications. The release comes less than week after the company released RHEL […]

Read More
Palo Alto Networks PAN-OS 11.0 Nova

Palo Alto Networks to Release PAN-OS 11.0 Nova

The new PAN-OS 11.0 Nova software includes new cloud-delivered malware protection and a new advanced threat protection service.

November 16, 2022 Zachary Comeau Leave a Comment

Cybersecurity giant Palo Alto Networks is introducing PAN-OS 11.0 Nova, a new version of its PAN-OS software that includes more than 50 product updates and innovations such as new cloud-delivered malware protection and a new advanced threat protection service to protect against zero-day injection attacks. According to the company, the new PAN-OS 11.0 Nova comes in […]

Read More
MIcrosoft Entra External ID

Microsoft Sounds the Alarm on Nation-state Attacks, Cybercriminals and IoT Threats

Microsoft's Digital Defense Report suggests cybersecurity will remain a critical IT investment as bad actors continue to shift strategies.

November 7, 2022 Zachary Comeau Leave a Comment

Nation-state cyberattacks targeting critical infrastructure are rising as countries continue to leverage technology to carry out advanced cyberattacks in addition to physical warfare, according to Microsoft’s latest Digital Defense Report. Much of the report focuses on the ongoing Russian war against Ukraine—which Microsoft attributes as a main cause of a spike in cyberattacks targeting critical […]

Read More

SEON Expands Advanced Digital Device Fingerprinting to Counter New Internet and Mobile Fraud Tactics

October 20, 2022 TechDecisions Staff Leave a Comment

Catches New and Unusual Fraudulent Device Setups and Reduces False Positives on Legitimate Users and Transactions AUSTIN, Texas–(BUSINESS WIRE)–#FraudPrevention—SEON, the fraud fighters, today unveiled modern digital device fingerprinting capabilities designed to identify and counter the latest internet and mobile fraud tactics used by sophisticated fraudsters and bots. Fraudsters increasingly use unusual device setups to speed […]

Read More

Microsoft Discovers Novel, Previously Unidentified Ransomware Strain

A novel ransomware campaign targeting organizations in Ukraine has been observed by Microsoft for the first time.

October 17, 2022 Zachary Comeau Leave a Comment

Microsoft is warning of a “novel” ransomware campaign targeting organizations in Ukraine and Poland leveraging a previously unidentified payload that was deployed in attacks just last week. According to the Redmond, Wash. IT giant, the new ransomware labels itself as “Prestige ranusomeware” and features an enterprise-wide deployment model that is not common in attacks seen […]

Read More
Windows 11 vs. macOS Monterey

Windows vs. macOS: Which OS Is Best For You?

For decades, the Windows vs. macOS argument has raged. In general, the capabilities of both operating systems are equivalent. Find out which is best for you.

October 4, 2022 Julius McGee Leave a Comment

For decades, the Windows vs. macOS argument has raged. In general, the capabilities of both operating systems are equivalent. However, there are enough differences to influence people one way or the other. It all boils down to your priorities. Do you choose a flexible operating system over one that is simple to use? Is safety […]

Read More
Microsoft Security RSA Conference

Two New Exchange Vulnerabilities Are Being Actively Exploited

Two new vulnerabilities in Microsoft Exchange that are similar to ProxyShell are being actively exploited, and a patch is not yet available.

October 3, 2022 Zachary Comeau Leave a Comment

Microsoft is warning organizations to mitigate two zero-day vulnerabilities in Exchange Server that are being actively exploited in the wild and can result in hands-on-keyboard access and Active Directory reconnaissance and data exfiltration. The vulnerabilities are CVE-2022-41040–a server-side request forgery (SSRF) vulnerability–and CVE-2022-41082–a remote code execution bug via Exchange PowerShell. According to Microsoft, CVE-2022-41040 can enable […]

Read More