Search Results: vulnerabilities

Curator Hotel & Resort Collection Selects LEFCON and VENZA as Preferred Partners to Provide PCI Compliance and Managed IT Services to Member Hotels

January 10, 2022 TechDecisions Staff Leave a Comment

BETHESDA, Md. & ATLANTA–(BUSINESS WIRE)–#CuratorHotelCollection—Curator Hotel & Resort Collection (“Curator”) announced that it selected LEFCON and VENZA as preferred partners to provide cybersecurity and IT services solutions to its portfolio of more than 80 independent hotels and resorts. In addition, VENZA has been named as the preferred partner for PCI compliance solutions. LEFCON and VENZA […]

Approov Named CyberSecured Award Winner for Best-In-Class Mobile API Threat Protection

January 6, 2022 TechDecisions Staff Leave a Comment

“Shield Right” Authenticates API Requests, Protecting Against, Bot-Driven Data Theft, Mobile Man in the Middle Attacks, and Other Automated Attacks and API Vulnerabilities. SAN JOSE, Calif. & EDINBURGH, Scotland–(BUSINESS WIRE)–#apisecurity—Approov, creators of advanced mobile threat protection solutions, today announced that it has been honored as winner of the 2021 CyberSecured Award for Best Mobile API […]

Log4j Exploits Stretch Into Second Month

Microsoft is urging organizations to continue their vigilance against the Log4j bugs as known threat actors adopt the exploits.

January 4, 2022 Zachary Comeau Leave a Comment

IT and security professionals should continue to be vigilant and look for signs of vulnerable versions of Log4j as exploitation attempts stretch into a second month, Microsoft warns. According to an update to a running Microsoft security blog on the issue, sophisticated threat actors like nation-state groups and others are rolling Log4J exploitations into its […]

Use These Free, Publicly Available Log4j Scanning Tools

Microsoft, CrowdStrike, CISA and other organizations have released open-sourced Log4j scanning tools to help you find Log4Shell vulnerabilities.

December 29, 2021 Zachary Comeau Leave a Comment

Just in time for the holidays, the Log4j vulnerabilities sent IT and security teams into a panic earlier this month. The Apache Foundation has since fixed the bugs and issued patches, so the onus is now on software developers and administrators to patch software and apply the fixes. Since Log4j is a hugely popular Java […]

Data Theorem Releases Critical Insight into Log4Shell Vulnerability to Assist Security Teams in Addressing the Exploit

December 23, 2021 TechDecisions Staff Leave a Comment

Data Theorem Analyzer Engine Discovers Unique Mutation of Log4Shell to Help Research Teams Detect APIs and Servers Vulnerable to Attack PALO ALTO, Calif.–(BUSINESS WIRE)–#AppSec–Data Theorem, Inc., a leading provider of modern application security, today announced it has uncovering specific scenarios that can help IT teams discover the Log4Shell vulnerability exploit and stop it from causing […]

Shared Assessments Releases Free Standardized Tool for Assessing Log4j Risks

December 22, 2021 TechDecisions Staff Leave a Comment

SANTA FE, N.M.–(BUSINESS WIRE)–#Log4j—The Shared Assessments Program, the member-driven leader in third party risk assurance, has released a free Standardized Assessment Tool for the Log4j risk. The tool incorporates a questionnaire that enables organizations to conduct urgently needed assessments of their third parties. Shared Assessments also advises organizations to share the tool with their vendors, […]

Report: Cybercriminals Can Penetrate 93% of Local Company Networks

Cybercriminals can break almost any corporate infrastructure 93% of the time, according to a report by Positive Technologies.

December 22, 2021 TD Staff Leave a Comment

Cybercriminals can break almost any corporate infrastructure 93% of the time and trigger 71% of dangerous outcomes deemed ‘unacceptable’ for businesses, according to a report by Positive Technologies. Based on data obtained during information security assessments for clients between the second half of 2020 through the first half of 2021, the report reveals an external […]

Why You Should Patch These Two New Active Directory Bugs

Microsoft is urging Active Directory administrators to apply November patches for a pair of tricky domain service privilege escalation bugs.

December 21, 2021 Zachary Comeau Leave a Comment

Microsoft is urging Active Directory administrators to apply November patches for a pair of tricky domain service privilege escalation vulnerabilities after a proof-of-concept tool leveraging them was publicly disclosed. According to the company, an attacker can combine the two bugs (CVE-2021-42287 and CVE-2021-42278) to “create a straightforward path to a Domain Admin user in an […]

C3.ai Digital Transformation Institute Announces Call for Proposals for AI to Transform Cybersecurity and Secure Critical Infrastructure

December 21, 2021 TechDecisions Staff Leave a Comment

BERKELEY, Calif. & URBANA, Ill.–(BUSINESS WIRE)–The C3.ai Digital Transformation Institute invites scholars, software developers, and researchers to advance the science of digital transformation with artificial intelligence (AI) designed to harden information security (Infosec) and secure critical infrastructure. “Cybersecurity is an existential issue,” said Thomas M. Siebel, Chairman and CEO of C3 AI, a leading enterprise […]

ContraForce Announces $2M Seed Investment from DataTribe

December 21, 2021 TechDecisions Staff Leave a Comment

Cyber Foundry Funds Start-Up With a New Approach to Security and Compliance FULTON, Md.–(BUSINESS WIRE)–DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today a $2M seed investment in ContraForce, a leader in no-code security automation for small and medium-sized businesses. ContraForce delivers a no-code security automation […]