My TechDecisions

Search Results: vulnerabilities

Google, Bard

Google’s AI Bard Can Now Help Generate Code in 20 Languages

Bard can now help users with programming and software development tasks, including code generation, debugging and code explanation

April 21, 2023 Zachary Comeau Leave a Comment

As Microsoft continues to integrate its generative AI copilot powered by OpenAI’s GPT-4 throughout its product suite, including a coding assistant in GitHub, Google is also adding coding capabilities to its own generative AI chatbot Bard. According to Google, Bard can now help users with programming and software development tasks, including code generation, debugging and […]

Read More
Cycode Application Security Orchestration and Correlation (ASOC) dashboard

Cycode Launches Application Security Orchestration and Correlation

Cycode's latest ASOC solution helps security teams gain visibility into AppSec tools; streamline vulnerability testing and remediation.

April 21, 2023 Alyssa Borelli Leave a Comment

Cycode, the San Francisco-based software supply chain security solutions provider, is launching of Cycode Application Security Orchestration and Correlation (ASOC) to provide security teams consistent visibility into the various AppSec tools that are used in modern software delivery pipelines. According to the company, full visibility of all AppSec tooling allows for greater control over pipeline […]

Read More
Subdomain Hijacking, http domain concept background

One in Five DNS Records are Susceptible to Subdomain Hijacking

Subdomain hijacking is possible with insufficient cyber hygiene, says CSC; launches first subdomain monitoring solution.

April 18, 2023 TD Staff Leave a Comment

CSC, the enterprise domain name registrar and security threat intelligence providers’ latest report found that over 21% of DNS records point to content that does not resolve; thus, leaving many companies vulnerable to subdomain hijacking. Additionally, over 277,000 (63%) show error status codes such as “404 not found” or “502 bad gateway.” According to Wilmington, […]

Read More
Microsoft Exchange Throttling Blocking

What is Going on With Microsoft Exchange Server Throttling and Blocking?

Microsoft will begin throttling and blocking emails from unsupported, unpatched Exchange servers over the next two months. Here's why.

April 17, 2023 Zachary Comeau Leave a Comment

Microsoft is hoping to address the security issue of emails sent to Exchange online from unsupported and unpatched Exchange Servers by enabling a transport-based enforcement system in Exchange Online that will throttle and then block emails from an unsupported server. The end goal is to encourage Microsoft customers to stop using persistently vulnerable versions of […]

Read More
spear phishing, Phishing bait alert concept on a smartphone screen

Armorblox: BEC Attacks Increased by 72% YOY

BEC attacks surged 72% YoY with companies being targeted by language-based and socially engineered attacks across industries, finds Armorblox.

April 13, 2023 Alyssa Borelli Leave a Comment

Threat researchers at email security firm Armorblox have found that business email compromise (BEC) attacks have increased dramatically by 72% year-over-year. In its second, annual 2023 Email Security Threat Report, the company says it continues to see high volumes of language-based and socially engineered attacks targeting organizations of all sizes and across industries. Vendor compromise […]

Read More
CISA Software Security

Software Manufacturers Urged to Think Security Before Features, Speed to Market

CISA and other cybersecurity agencies are urging tech companies to think more about security of their products.

April 13, 2023 Zachary Comeau Leave a Comment

The U.S. Cybersecurity and Infrastructure Security Agency along with its counterpart agencies from several different countries have published a new guide urging software manufacturers to take steps to ship products that are built with security from the ground up. The guidance, “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default, comes […]

Read More
Cybersecurity testing, penetration testing, cyber threats

Is Your Organization Testing Against the Right Cyber Threats?

New research shows that organizations are testing against cyber threats in the headlines rather than attacks they're more likely to face.

April 12, 2023 Zachary Comeau Leave a Comment

Ransomware, supply chain attacks and nation-state threat actors have grabbed mainstream headlines in recent years, and organizations are largely recognizing that they must invest more in cybersecurity to defend against those emerging techniques. However, new research shows that some organizations are prioritizing defending against those trending, newsworthy threats at the expense of the threats actually […]

Read More
June 2023 Patch Tuesday. Patch Tuesday,

April 2023 Patch Tuesday: CLFS Under Active Attack Again; 10-Year-Old Bug Reissued

IT administrators have a busy month with Microsoft alone releasing patches for 100 vulnerabilities, including one under active attack.

April 11, 2023 Zachary Comeau Leave a Comment

IT administrators in Microsoft environments have about 100 patches to apply for the April 2023 Patch Tuesday release, including one in Windows Common Log File System Driver that is being actively exploited and another one from 2013 that is being reissued. The company released patches to fix 97 vulnerabilities in its products, which was in […]

Read More
Security Operations

More than 9 in 10 Organizations Find Security Operations Difficult

Despite 94% of organizations seeing at least one attack in 2022, 93% aren't keeping up with essential security operations, Sophos report finds.

April 10, 2023 Zachary Comeau Leave a Comment

New research from cybersecurity firm Sophos finds that the vast majority of organizations find executing essential security operation tasks challenging, which makes incident response and remediation difficult in the face of an onslaught of attacks. According to the company’s report, “The State of Cybersecurity 2023: The Business Impact of Adversaries,” 94% of global organizations reported […]

Read More