Cybersecurity firm Fortinet is warning organizations of a critical vulnerability in its FortiGate SSL-VPN devices, continuing a string of recent exploitations of vulnerabilities in similar devices due to their internet-facing nature and access to a victim’s network. The vulnerability–tracked as CVE-2023-27997–is a heap-based overflow flaw that could allow a remote attacker to execute arbitrary code […]
Cybersecurity firms are reporting widespread exploitation of the MOVEit Transfer vulnerability across a wide range of organizations large and small, with some publicly confirming that known ransomware groups are leveraging the flaw. That includes Microsoft, which is attributing the attacks exploiting the bug, tracked as CVE-2023-34362, to a group it calls “Lace Tempest,” which is […]
Security vulnerability management software provider Tenable is launching an integration between its Tenable One Exposure Management Platform with its Security Center 6.1 solution, thus adding support for on-premises and hybrid deployments. According to the company, this integration is designed to streamline exposure management for hybrid vulnerability management deployments and can help on-premises organizations transition to […]
Microsoft is hoping to address the security issue of emails sent to Exchange online from unsupported and unpatched Exchange Servers by enabling a transport-based enforcement system in Exchange Online that will throttle and then block emails from an unsupported server. The end goal is to encourage Microsoft customers to stop using persistently vulnerable versions of […]
Ransomware, supply chain attacks and nation-state threat actors have grabbed mainstream headlines in recent years, and organizations are largely recognizing that they must invest more in cybersecurity to defend against those emerging techniques. However, new research shows that some organizations are prioritizing defending against those trending, newsworthy threats at the expense of the threats actually […]
IT administrators in Microsoft environments have about 100 patches to apply for the April 2023 Patch Tuesday release, including one in Windows Common Log File System Driver that is being actively exploited and another one from 2013 that is being reissued. The company released patches to fix 97 vulnerabilities in its products, which was in […]
The U.S. Cybersecurity and Infrastructure Security Agency has been keeping an updated list of Known Exploited Vulnerabilities (KEV) that currently includes more than 900 security bugs, with the goal of helping inform organizations about vulnerabilities that should be prioritized. Despite that awareness campaign and emphasis on vulnerabilities that have been exploited in the wild, new […]
Vulnerability management software provider Tenable is adding a new Cyber Insurance Report within its Tenable Vulnerability Management solution designed to summarize exposure information relevant to cyber insurance providers to help streamline the policy underwriting process for insurers and customers. According to Tenable, the Cyber Insurance Report will enable insurers, for the first time, to measure […]
Organizations should expect to see continued cyberattacks leveraging the Log4Shell vulnerability in 2023, cybersecurity company GreyNoise Intelligence says in a new report. The Washington, D.C.-based internet scanning traffic analysis firm’s recently released report, the 2022 Mass Exploitation Report, dives deep into the most significant threat detection events of the past year, including touching on CISA’s […]
Microsoft says it has uncovered a vulnerability in macOS that could allow attackers to bypass restrictions imposed by Apple’s Gatekeeper security mechanism, which is designed to ensure that only trusted apps run on the company’s devices. According to Microsoft’s Security Threat Intelligence team, the vulnerability, it calls Achilles, could allow attackers to bypass Gatekeeper and […]
FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets
View all Guides
Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.
Enter Today!