• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH

Vulnerability

Google, Gmail client-side encryption

Google: Update Chrome Now To Fix Zero Day Bug

September 6, 2022 Zachary Comeau Leave a Comment

Users of Google Chrome are again being urged to download a latest update to patch a high-severity security bug that is currently being exploited in the wild. The vulnerability, CVE-2022-3075, is described as an insufficient data validation flaw in Mojo, a collection of runtime libraries that Google says provides “a platform-agnostic abstraction of common IPC […]

Read More

Digital Workflow

How to Win at Cybersecurity: Become a “Sneaker” CISO

August 4, 2022 Tony Carothers Leave a Comment

To protect against cybercrime, every organization needs to build a culture of information security. To do that, infosec leaders need to become “sneaker CISOs.” There are three elements to security: Technology, people and processes. Sneaker CISOs are more focused on people and process than on technology. Too many security professionals today are so deep into […]

Read More

Log4j, Log4Shell, GreyNoise

Log4Shell Exploitation Continues, Agencies Warn

June 24, 2022 Zachary Comeau Leave a Comment

More than six months after the Log4Shell vulnerability was discovered in the widely used Java logger Log4j, cybersecurity agencies are warning of the continued exploitation of the bug in unpatched VMWare Horizon and Unified Access Gateway servers. The U.S. Cybersecurity and Infrastructure Agency (CISA), along with the U.S. Coast Guard Cyber Command (CGCYBER), say malicious […]

Read More

Atlassian Confluence,

Take Action Now: Critical Zero Day Discovered in Atlassian Confluence

June 6, 2022 Zachary Comeau Leave a Comment

Editor’s note: This post has been modified with an updated security advisory and mitigation tips from Atlassian following a critical vulnerability first reported on June 3, 2022.  Security researchers say a new critical zero-day vulnerability in all supported versions of Atlassian Confluence is being actively exploited to deploy webshells, and admins are being urged to […]

Read More

Microsoft ChatGPT

Microsoft, Researchers Warn Of New Office Security Bug Being Exploited

May 31, 2022 Zachary Comeau Leave a Comment

Microsoft is urging administrators to apply a workaround for a remote code execution vulnerability in Microsoft Support Diagnostic Tool (MSDT) that exists when the tool is called using the URL protocol from a calling application such as Microsoft Word. According to Microsoft, attackers who successfully exploit the bug, tracked as CVE-2022-30190, can run arbitrary code […]

Read More

Malware file types, HP Wolf security

Spring4Shell Being Exploited To Spread Mirai Botnet

April 11, 2022 Zachary Comeau Leave a Comment

Security researchers with cybersecurity firms say hackers are actively exploiting the Spring4Shell vulnerability to deploy the Mirai botnet malware. In a research report detailing the exploits, Tokyo-based cybersecurity firm Trend Micro says it has observed the exploitation since the start of this month after the remote code execution bug (CVE-2022-22965) in the Spring Framework was […]

Read More

OpenSSL

What We Know So Far About Spring4Shell

April 5, 2022 Zachary Comeau Leave a Comment

The information technology and cybersecurity communities are still assessing the impact of Spring4Shell, a remote code execution vulnerability recently disclosed in the Spring Framework for Java that could allow for remote code execution in vulnerable installations. While exploit attempts have not yet been widespread, there is a simmering concern that this bug could be nearly […]

Read More

Log4Shell, Log4j, CVE-2021-44228

VMware Horizon Servers Still Under Log4Shell Attacks

March 29, 2022 Zachary Comeau Leave a Comment

Hackers are continuing to leverage the Log4Shell vulnerability to attack VMware Horizon servers and deploy cryptocurrency mining malware and backdoors, with a large wave of such attacks from mid-January still ongoing, according to cybersecurity firm Sophos. In a new report, Sophos says the attempts to leverage Horizon continued and grew in number throughout January and […]

Read More

Threat Detection Trends

Surfshark Releases Data Vulnerability Thermometer

February 11, 2022 Zachary Comeau Leave a Comment

VPN provider Surfshark has released what it calls the world’s first data vulnerability thermometer designed to inform users of their personal risk scores in data breaches. According to Surfshark, the company’s Data Vulnerability Thermometer combines open-sourced FBI information and research algorithms to give users their personal risk score, possible specific cybercrimes and prevention tactics on […]

Read More

Microsoft Apple macOS bug

Apple: Apply These iPhone, iPad and Mac Patches Now

February 10, 2022 Zachary Comeau Leave a Comment

Organizations with iPhones, iPads in their IT environment should apply a new Apple security update that fixes a new zero day code execution vulnerability that has been exploited in the wild. In an advisory, Apple said the issue impacts a wide range of devices, including: iPhone 6s and later, iPad Pro (all models), iPad Air […]

Read More

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to Next Page »

Primary Sidebar

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial Integrator Security Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.