My TechDecisions

Search Results: phishing

Metaverse Security

The Metaverse Presents Opportunity, but Also Security Risks

The metaverse is emerging as a valuable new business and consumer tool, but it also comes with a new set of security concerns.

December 20, 2022 Zachary Comeau Leave a Comment

The metaverse is emerging as a new technology that both consumers and businesses see as valuable for communication, collaboration, enhanced services, entertainment and real estate, but those hopes also come with the same security concerns any IT professionals have about a new technology. Nearly 70% of organizations are planning to do business in the metaverse […]

Read More
Phishing Success

U.S. Agencies Warn Food Industry About Business Email Compromise Campaigns

U.S. agencies are warning the food and agriculture sector about recent incidents of business email compromise designed to steal products.

December 19, 2022 Zachary Comeau Leave a Comment

U.S. agencies are warning organizations in the food and agriculture sector about recently observed incidents of business email compromise designed to steal shipments of food products and ingredients with hefty price tags. Instead of being used to directly steal money, these new campaigns are designed to spoof emails and domains to impersonate employees of legitimate […]

Read More
June 2023 Patch Tuesday. Patch Tuesday,

December 2022 Patch Tuesday: Two Zero Days, One Being Exploited

Microsoft's December 2022 Patch Tuesday includes fixes for more than 50 security bugs this month, including one exploited in the wild.

December 13, 2022 Zachary Comeau Leave a Comment

Microsoft has released 52 new patches this month as part of its December 2022 Patch Tuesday release, including two zero-day vulnerabilities, one of which is being actively exploited. Of the 52 released, six are rated critical, 43 are rated important and three are rated moderate in severity, according to Zero Day Initiative, which calls this […]

Read More
Microsoft Apple macOS bug

Apple Introduces Wider Data Protections, Encryption, Security Keys

Apple's three new advanced security features are designed to protect against threats to user data in the cloud.

December 7, 2022 Zachary Comeau Leave a Comment

Apple has announced three new security features designed to protect user data and protect against threats in the cloud, including wider data protections, the ability to verify the identity of contacts and support for third-party security keys. According to the company, the three new features join a suite of other security tools to make Apple […]

Read More
IT news, This Week in it, Microsoft, Google, Gmail, ISE 2023,

This Week in IT: AWS re:Invent, Cuba Ransomware, LastPass Incident

AWS innovations, a new advisory on the Cuba ransomware group and another security incident at LastPass highlight this week's IT news.

December 1, 2022 Zachary Comeau Leave a Comment

Editor’s note: There is a lot going on in the world of IT, from emerging technologies to digital transformation and new cybersecurity threats. However, we can’t possibly cover it all, so we’ll bring you This Week in IT, a curated summary of IT and enterprise technology news stories each week. AWS re:Invent Announcements Amazon Web Services […]

Read More
Token Theft

Hackers are Increasing Token Theft Attacks to Bypass MFA

Microsoft says it has seen an increase in attackers utilizing token theft to compromise identities that have completed MFA.

November 22, 2022 Zachary Comeau Leave a Comment

Organizations are increasing their implementation of multifactor authentication (MFA) to help secure account credentials and prevent unauthorized access, but threat actors are similarly advancing their techniques and are finding ways around those protections, including stealing tokens, according to Microsoft. In a recent post, Microsoft says its Detection and Response Team has seen an increase in […]

Read More
Email Attacks

Email Compromise Attacks Wreaking Havoc, Report Finds

Email is now the top threat vector for cyberattacks, and 20% of advanced email attacks are breaking through defenses, Tessian report finds.

November 10, 2022 Zachary Comeau Leave a Comment

Enterprise email is now the top threat vector for cyberattacks, and 20% of advanced email attacks are breaking through cyber defenses, according to a new report from email security company Tessian. The report sheds new light on how email has remained the “lifeblood” of any organization’s communication tools despite the proliferation of messaging and videoconferencing […]

Read More
Microsoft Yubico Azure AD CBA

Microsoft Releases Preview of Azure AD CBA Support on Mobile Devices via YubiKey

Azure AD CBA on iOS and Android via the YubiKey gives admins the ability to require phishing-resistant MFA on mobile without having to provision certificates on the user’s mobile device.

November 2, 2022 Zachary Comeau Leave a Comment

Microsoft is releasing the public preview of Azure Active Directory (AD) Certificate-based Authentication (CBA) on iOS and Android devices using certificates on hardware security keys from Yubico. The company first announced the general availability of Azure AD CBA during Ignite 2022 as part of the company’s commitment to President Joe Biden’s executive order on improving […]

Read More
MOVEit, ransomware, CVE-2023-34362,

This Ransomware Group is Targeting the Healthcare Industry

The Daixin Team has been targeting healthcare organizations with ransomware and data extortion operations, according to U.S. officials.

October 24, 2022 Zachary Comeau Leave a Comment

U.S. authorities are urging healthcare organizations to be on the lookout for the Daixin Team, a new ransomware group that has been targeting the healthcare sector since June. The U.S. Cybersecurity and Infrastructure Security Agency, FBI and Department of Health and Human Services’ joint advisory says the Daixin Team has been targeting healthcare organizations with […]

Read More