My TechDecisions

Search Results: vulnerabilities

Business email compromise

Business Email Compromise is on the Rise

Business email compromise attacks are increasing in sophistication, allowing attackers to quietly take over email accounts, Microsoft says.

May 22, 2023 Zachary Comeau Leave a Comment

Business email compromise has emerged as a critical threat as threat actors shift their tactics and increase the sophistication of attacks designed to takeover business emails, including leveraging residential IP addresses to hide the attacks, Microsoft says in a new Cyber Signals report. The report, the fourth such edition of Microsoft’s cybersecurity research report, finds […]

Read More
MOVEit, ransomware, CVE-2023-34362,

BianLian Ransomware Group Skips Encryption and Goes Straight to Exfiltration

The BianLian group is a ransomware actor that is targeting organizations with a data extortion model, bypassing traditional encryption.

May 17, 2023 Zachary Comeau Leave a Comment

Cybersecurity officials the, FBI, Microsoft and Sophos are warning organizations to limit their use of some legitimate tools as they are being leveraged by the BianLian group, a ransomware group that has targeted organizations with a data extortion model, bypassing the need to encrypt victims’ data. According to a joint advisory from CISA, its Australian […]

Read More
VMware EXSi security

CrowdStrike: VMware ESXi in the RaaS Crosshairs

Cybersecurity researchers are noting an uptick in Ransomware-as-a-Service groups targeting VMware ESXi vSphere hypervisors.

May 15, 2023 Zachary Comeau Leave a Comment

Cyberattacks are continuing to target VMware ESXi vSphere hypervisors, with cybersecurity firm CrowdStrike reporting today that ransomware-as-a-service (RaaS) platforms are increasingly being leveraged to deploy Linux versions of ransomware tools. According to the cybersecurity giant, these tools are specifically designed to affect VMware’s ESXi vSphere hypervisor. The company’s research into these kind of attacks date […]

Read More
Google Cybersecurity Certificate

Google Launches New Cybersecurity Certificate Program

The Cybersecurity Certificate is a new addition to the Google Career Certificate program designed to help job seekers upskill and transition to tech.

May 4, 2023 Zachary Comeau Leave a Comment

In a bid to help expand the cybersecurity workforce and fill the skills gap, Google is launching a new Cybersecurity Certificate as a new addition to the Google Career Certificate program designed to help job seekers transition to the technology industry. According to Google, the Cybersecurity Certificate is designed and taught by the company’s cybersecurity […]

Read More
Apple Rapid Security Response iOS

Why You Shouldn’t Ignore Apple’s iOS Rapid Security Response Update

Apple is urging all users of iOS devices to apply the iOS Rapid Security Response 16.4.1 (a) update to fix some undisclosed security issue.

May 2, 2023 Zachary Comeau Leave a Comment

IT administrators overseeing deployments of Apple devices should apply the iOS Rapid Security Response update–the company’s first such security-only fix–as we wait for more details on what exactly the update is fixing. Apple released the update Monday through its Rapid Security Response update program, urging all users of iOS devices to apply the iOS Security […]

Read More
Google, AI, Google Security AI Workbench

Google at RSA: AI, LLMs Meet Security with Security AI Workbench

Google is enhancing its security tools with Google Cloud Security AI Workbench, an extensible platform powered by a specialized security LLM.

April 27, 2023 Zachary Comeau Leave a Comment

Google is beefing up its security offerings by integrating new generative AI tools and large language models (LLMs) into its security product suite, including a new Google Cloud Security AI Workbench designed to address threat overload, tooling issues and talent shortages. According to the company, which announced the news during the annual RSA Conference, Google […]

Read More
Fortinet Vulnerability, Fortigate

Tenable Developing Four Generative AI Tools for Security Research

Tenable's generative AI-assisted tools help with reverse code engineering, debugging, web app security and visibility into cloud-based tools.

April 27, 2023 Zachary Comeau Leave a Comment

Tenable is developing four new tools designed to create efficiencies in processes such as reverse code engineering, code debugging, web app security and visibility into cloud-based tools. The Columbia, Md.-based vulnerability management software provider’s research team is conducting ongoing experimentation with generative AI applications such as ChatGPT, and researchers have made them publicly available to […]

Read More
Microsoft Defender for APIs

Microsoft Introduces Defender for APIs

Microsoft is rolling out a public preview of Defender for APIs, a new offering as part of the Defender for Cloud platform.

April 24, 2023 Zachary Comeau Leave a Comment

In response to the increasing usage of APIs by threat actors to breach data from cloud applications, Microsoft is rolling out a public preview of Defender for APIs, a new offering part of Microsoft’s Defender for Cloud platform. Through an integration of Defender for APIs with Azure API management, security teams can use the Defender […]

Read More
Google Chrome Security

Google Adds new DLP, Extension Security Features in Chrome

Google is adding enchanted DLP and extension protection in Google Chrome to help organizations protect their company and users.

April 24, 2023 Zachary Comeau Leave a Comment

Google is adding enchanted DLP and extension protection in Google Chrome to help organizations protect their company and users. The new security features are designed to better secure Chrome and help prevent data theft as organizations increasingly rely upon the web browser for work. According to Google, new data loss prevention (DLP) features are being […]

Read More