Organizations should expect to see continued cyberattacks leveraging the Log4Shell vulnerability in 2023, cybersecurity company GreyNoise Intelligence says in a new report. The Washington, D.C.-based internet scanning traffic analysis firm’s recently released report, the 2022 Mass Exploitation Report, dives deep into the most significant threat detection events of the past year, including touching on CISA’s […]
2022 was a very busy year for IT professionals as they grappled with new trends, technologies, tools, workplace models, cyberattacks and more while they helped their organization remain productive and secure. We looked back at our coverage to find common trends in our content to bring you our top 10 stories from this past year. […]
Editor’s note: This article was originally published last year, but the main points are still relevant today as we head into another holiday break. Review these tips and recommendations to keep your organization safe and secure this year. With the holidays approaching, federal officials are again warning organizations of all sizes to be on the […]
New research from vulnerability management software company Tenable finds that nearly three-quarters of organizations remain vulnerable to the Log4Shell vulnerability as of Oct. 1, nearly a full calendar year after the critical bug in the widely used Java logging tool Log4j was discovered. When Log4Shell was discovered in December 2021, Tenable found that one in […]
OpenSSL has released fixes for high-severity vulnerabilities affecting versions 3.0.0 through 3.0.6 that can cause a denial of service or remote code execution and allow attackers to take control of an affected system. However, the bugs are not as severe as once feared. The OpenSSL project, the organization that maintains the general-purpose cryptography and secure […]
The critical vulnerability discovered late last year in the popular Java logger Log4j will be impacting IT environments for years due to the difficulty in finding and remediating vulnerable instances of the tool, according to a new report from the U.S. Department of Homeland Security’s Cyber Safety Review Board. The board—established in the wake of […]
More than six months after the Log4Shell vulnerability was discovered in the widely used Java logger Log4j, cybersecurity agencies are warning of the continued exploitation of the bug in unpatched VMWare Horizon and Unified Access Gateway servers. The U.S. Cybersecurity and Infrastructure Agency (CISA), along with the U.S. Coast Guard Cyber Command (CGCYBER), say malicious […]
In December 2021, the Apache Software Foundation disclosed that the popular Log4j framework contained a critical vulnerability that allowed remote code execution (RCE). It caused a security earthquake, keeping many CISOs up at night. The aftershocks are still felt. The vulnerability, known as Log4Shell, was extremely easy to exploit. Put simply, it allowed any malicious […]
Since the federal government mandate calling for the creation of a software bill of materials (SBOM) to avoid the next SolarWinds or Log4j exposures, software providers have been scrambling to figure out how to create SBOMs that are both effective and dynamic, given that software changes over time. Bills of material have long been standard […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), along with a coalition of U.S. and foreign security and law enforcement agencies, have released a list of the 15 most exploited vulnerabilities from 2021, calling on both public and private organizations to ensure these critical security bugs are mitigated and systems patched. The list, published in a […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!