Search Results: vulnerabilities

NSA: Switch to ‘Memory-Safe’ Programming Languages

The NSA is urging organizations to drop some commonly used programming languages such as C and C++ due to exploitable memory-based bugs.

November 11, 2022 Zachary Comeau Leave a Comment

In a new report, the National Security Agency urges organizations to drop some commonly used programming languages such as C and C++ due to programmer error leading to exploitable memory-based vulnerabilities. The agency’s guidance, “Software Memory Safety” Cybersecurity Information Sheet, highlights how malicious cyber actors exploit poor memory management issues to access sensitive information and […]

IT news, This Week in it, Microsoft, Google, Gmail, ISE 2023,

This Week in IT: New VMware & IBM Products, Vulnerability Management, Zoomtopia, Tech Employment

New VMware products, IBM quantum computing announcements, vulnerability management guides from CISA and more highlight this week's IT news.

November 10, 2022 Zachary Comeau Leave a Comment

Editor’s note: There is a lot going on in the world of IT, from emerging technologies to digital transformation and new cybersecurity threats. However, we can’t possibly cover it all, so we’ll bring you This Week in IT, a curated summary of IT and enterprise technology news stories each week. VMware Explore Europe 2022 announcements VMware […]

My TechDecisions Episode 178: November 2022 Patch Tuesday

Satnam Narang, senior staff research engineer at Tenable, joins the podcast to talk about Microsoft's November 2022 Patch Tuesday.

November 10, 2022 Zachary Comeau Leave a Comment

Satnam Narang, senior staff research engineer at Tenable, joins the podcast to talk about Microsoft’s November 2022 Patch Tuesday.

November 2022 Patch Tuesday: Four Actively Exploited Zero Days

Microsoft’s November 2022 Patch Tuesday includes fixes for four actively exploited zero-day vulnerabilities.

November 8, 2022 Zachary Comeau Leave a Comment

Microsoft’s November 2022 Patch Tuesday is a particularly important one, as the company has released fixes for four zero-day vulnerabilities, all of which are currently being exploited in the wild. In total, the Redmond, Wash. software giant has released fixes for 62 security bugs, including nine rated critical and 53 rated important. Here’s a look […]

Microsoft Sounds the Alarm on Nation-state Attacks, Cybercriminals and IoT Threats

Microsoft's Digital Defense Report suggests cybersecurity will remain a critical IT investment as bad actors continue to shift strategies.

November 7, 2022 Zachary Comeau Leave a Comment

Nation-state cyberattacks targeting critical infrastructure are rising as countries continue to leverage technology to carry out advanced cyberattacks in addition to physical warfare, according to Microsoft’s latest Digital Defense Report. Much of the report focuses on the ongoing Russian war against Ukraine—which Microsoft attributes as a main cause of a spike in cyberattacks targeting critical […]

OpenSSL Bugs: What IT Admins Need to Know

The bugs impacting newer versions of OpenSSL are not as severe as once feared, but IT admins should still be expecting a wave of patches.

November 1, 2022 Zachary Comeau Leave a Comment

OpenSSL has released fixes for high-severity vulnerabilities affecting versions 3.0.0 through 3.0.6 that can cause a denial of service or remote code execution and allow attackers to take control of an affected system. However, the bugs are not as severe as once feared. The OpenSSL project, the organization that maintains the general-purpose cryptography and secure […]

This Week in IT: USB-C for iPhones, Ransomware, Google Chrome, Microsoft’s Diversity

iPhone support for USB-C, ransomware vulnerability trends, Google Chrome's EOL on old Windows and Microsoft's diversity highlight this week's IT news.

October 27, 2022 Zachary Comeau Leave a Comment

A Third of Cybersecurity Professionals Are So Stressed Out That They Want to Leave Their Jobs

A new report from email security firm Mimecast finds that cybersecurity teams are facing unsustainable levels of stress from cyberattacks.

October 27, 2022 Zachary Comeau Leave a Comment

As ransomware and cyberattacks continue to wreak havoc on corporate networks, one third of cybersecurity professionals are considering leaving their role within the next two years due to stress or burnout, according to new research from email security company Mimecast. The London-based firm’s research, “The 2022 State of Ransomware Readiness Report,” finds that 33% of […]

Poly Studio X Series to Offer Native Google Meet Experience

Poly says its line of Studio X video bars will be the first Android-based single codec video appliances for Google Meet.

October 26, 2022 Zachary Comeau Leave a Comment

Video and audio collaboration solutions provider Poly says its line of Studio X video bars will be the first Android-based single codec video appliances for Google Meet. According to Poly, the Studio X lineup of video bars joins the company’s growing list of devices certified for Google Meet, Google Voice and ChromeOS. The Studio X30, […]

The Vice Society ransomware group targets the education sector due to its weaker security controls and likelihood to pay, Microsoft says.

October 25, 2022 Zachary Comeau Leave a Comment

Microsoft is sounding the alarm on Vice Society, a ransomware group that is heavily targeting the education sector and preying upon organizations that have weak security controls and a higher likelihood of compromise and ransom payout. The ransomware group was detailed in an advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI […]