Search Results: vulnerabilities

Supply Chain Attacks Jump 51% In Second Half of 2021

Malicious actors are increasingly attacking the software supply chain, leading to renewed calls for supplier transparency.

April 12, 2022 Zachary Comeau Leave a Comment

Recent IT supply chain attacks such as the SolarWinds compromise, ransomware campaign that leveraged the Kaseya VSA platform or mass exploitation of the Log4j vulnerabilities have renewed focus on such attacks, which NCC Group says increased by 51% in the last half of 2021. The consulting and managed services firm’s global survey of 1,400 cybersecurity […]

Black Hat Announces Keynote Speakers for Black Hat Asia 2022 Hybrid Event

April 11, 2022 TechDecisions Staff Leave a Comment

SAN FRANCISCO–(BUSINESS WIRE)–#BHASIA—Black Hat, the producer of the cybersecurity industry’s most established and in-depth security events, announces Samir Saran, President of the Observer Research Foundation, and George Do, Chief Information Security Officer at Gojek and GoTo Financial, as Keynote speakers for Black Hat Asia 2022 hybrid event. Registration is open for the hybrid event offering […]

Everything You Need To Know About Windows Autopatch

Windows Autopatch is a new upgrade tool coming for certain Windows versions designed to keep devices updated automatically.

April 8, 2022 Zachary Comeau Leave a Comment

One of Microsoft’s largest announcements about improvements to the Windows management experience for IT professionals last week was Windows Autopatch, a new feature of Windows Enterprise E3 designed to keep Windows and Office software on enrolled endpoints updated automatically. According to Microsoft, Patch Tuesdays — when the company releases monthly security patches the second Tuesday […]

SynSaber Co-Founder Ron Fabela to Participate in OT Edge Visibility Webinar

April 7, 2022 TechDecisions Staff Leave a Comment

Fabela Will Join Fellow Industry Veterans Mark Weatherford and Ali Golshan to Discuss Key Issues Facing Asset Owners in Critical Infrastructure CHANDLER, Ariz.–(BUSINESS WIRE)–SynSaber, an industrial asset and network monitoring company, announced today that CTO & co-founder Ron Fabela will be participating, along with industry veterans Mark Weatherford and Ali Golshan, in a webinar titled, […]

Report: Advanced Threats Detected Rise 33% in Q4

WatchGuard Technologies' Internet Security Report finds that attacks are increasing and a 2018 Office exploit is being exploited.

April 7, 2022 Zachary Comeau Leave a Comment

If the fourth quarter for 2021 is any indication, 2022 will be another year that cybersecurity and IT professionals would want to forget, as advanced network attacks increase by 33% in the fourth quarter, indicating a higher level of zero day threats than ever before, reports WatchGuard Technologies. In a new analysis of the fourth […]

FBI Takes Down Russian GRU Sandworm Botnet: What You Need To Know

The FBI obtained a court order to remove Russian botnet malware from firewall devices from thousands of victims. Here's what you need to know.

April 7, 2022 Zachary Comeau Leave a Comment

The FBI and a contingent of U.S. agencies and cybersecurity professionals have removed malware from vulnerable internet-connected firewall devices to remove the Russian-implanted botnet Sandworm and disable the command and control infrastructure on thousands of underlying victim devices. Via a court order, the FBI “copied and removed malware from vulnerable internet-connected firewall devices that Sandworm […]

What We Know So Far About Spring4Shell

A vulnerability in the widely used Spring Framework for Java is causing alarm in the IT community, but it's not Log4Shell just yet.

April 5, 2022 Zachary Comeau Leave a Comment

The information technology and cybersecurity communities are still assessing the impact of Spring4Shell, a remote code execution vulnerability recently disclosed in the Spring Framework for Java that could allow for remote code execution in vulnerable installations. While exploit attempts have not yet been widespread, there is a simmering concern that this bug could be nearly […]

Google: Government Employees Echo Concerns About Cyberattacks on Legacy Systems

Google Cloud survey suggests the government has an overreliance on legacy solutions despite a track record of cybersecurity vulns and poor user perception.

April 5, 2022 TD Staff Leave a Comment

Government workers are echoing concerns about cyberattacks and the government’s reliance on Microsoft and legacy productivity software, according to a new survey conducted by Public Opinion Strategies commissioned by Google Cloud. The survey polled 2,600 Americans workers, including 600 workers from the Washington, D.C. metro area, and 338 workers employed by federal, state or local […]

The Key Components of a Vulnerability Scanning & Management Program

Identifying security bugs and developing a robust vulnerability scanning and patching program should be a core duty of any IT team.

March 31, 2022 Zachary Comeau Leave a Comment

With thousands of new software vulnerabilities to protect against each year, it is critical that organizations develop a robust vulnerability management program that can quickly identify and remediate vulnerabilities in IT environments. Issues like Log4Shell, PrintNightmare, ProxyLogon and dozens of other critical vulnerabilities in widely used systems have kept IT departments up at night as […]

Buildings IOT Launches Ontology Alignment Project to Streamline the Normalization of Building Data

March 31, 2022 TechDecisions Staff Leave a Comment

Alignment model improves standardization in building data models and specifies relationships between equipment, enabling the delivery of building automation systems that are open and interoperable CONCORD, Calif.–(BUSINESS WIRE)–As building owners become increasingly interested in advanced tools to better manage their properties, Buildings IOT released the OAP (Ontology Alignment Project). This open-source ontology includes a data […]