• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • COVID-19 Update
  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • Latest News
  • About Us
    SEARCH

Vulnerability

Daxin Malware

Spring4Shell Being Exploited To Spread Mirai Botnet

April 11, 2022 Zachary Comeau Leave a Comment

Security researchers with cybersecurity firms say hackers are actively exploiting the Spring4Shell vulnerability to deploy the Mirai botnet malware. In a research report detailing the exploits, Tokyo-based cybersecurity firm Trend Micro says it has observed the exploitation since the start of this month after the remote code execution bug (CVE-2022-22965) in the Spring Framework was […]

Read More

Spring4Shell

What We Know So Far About Spring4Shell

April 5, 2022 Zachary Comeau Leave a Comment

The information technology and cybersecurity communities are still assessing the impact of Spring4Shell, a remote code execution vulnerability recently disclosed in the Spring Framework for Java that could allow for remote code execution in vulnerable installations. While exploit attempts have not yet been widespread, there is a simmering concern that this bug could be nearly […]

Read More

Log4Shell, CVE-2021-44228

VMware Horizon Servers Still Under Log4Shell Attacks

March 29, 2022 Zachary Comeau Leave a Comment

Hackers are continuing to leverage the Log4Shell vulnerability to attack VMware Horizon servers and deploy cryptocurrency mining malware and backdoors, with a large wave of such attacks from mid-January still ongoing, according to cybersecurity firm Sophos. In a new report, Sophos says the attempts to leverage Horizon continued and grew in number throughout January and […]

Read More

Threat Detection Trends

Surfshark Releases Data Vulnerability Thermometer

February 11, 2022 Zachary Comeau Leave a Comment

VPN provider Surfshark has released what it calls the world’s first data vulnerability thermometer designed to inform users of their personal risk scores in data breaches. According to Surfshark, the company’s Data Vulnerability Thermometer combines open-sourced FBI information and research algorithms to give users their personal risk score, possible specific cybercrimes and prevention tactics on […]

Read More

Apple Patches

Apple: Apply These iPhone, iPad and Mac Patches Now

February 10, 2022 Zachary Comeau Leave a Comment

Organizations with iPhones, iPads in their IT environment should apply a new Apple security update that fixes a new zero day code execution vulnerability that has been exploited in the wild. In an advisory, Apple said the issue impacts a wide range of devices, including: iPhone 6s and later, iPad Pro (all models), iPad Air […]

Read More

XorDdos, Linux DDoS Trojan

Microsoft Temporarily Disables Exploited MSIX Protocol Handler

February 7, 2022 Zachary Comeau Leave a Comment

Microsoft says that it has disabled the MSIX ms-appinstaller protocol and is working on a fix after a security bug was discovered that allows an attacker to spoof App Installer. According to a Microsoft Tech Community blog, an attacker could spoof App Installer to install a package that a user did not intend to install. […]

Read More

MIcrosoft Okta Lapsus$

Patch Now: RCE Vulnerability Found in Samba

February 2, 2022 Zachary Comeau Leave a Comment

Researchers have discovered an Out-of-Bounds Heap Read/Write vulnerability in Samba that could allow unauthenticated remote attackers to execute arbitrary code on affected installations of the free software. The bug, tracked as CVE-2021-44142, was initially discovered at the Pwn2Own event in Austin, and researchers with Trend Micro’s Zero Day Initiative discovered additional variants of the bug […]

Read More

Log4Shell, CVE-2021-44228

Use These Free, Publicly Available Log4j Scanning Tools

December 29, 2021 Zachary Comeau Leave a Comment

Just in time for the holidays, the Log4j vulnerabilities sent IT and security teams into a panic earlier this month. The Apache Foundation has since fixed the bugs and issued patches, so the onus is now on software developers and administrators to patch software and apply the fixes. Since Log4j is a hugely popular Java […]

Read More

Log4j, Most Exploited Vulnerabilities

Which Products Are Impacted By the Log4j Vulnerability?

December 15, 2021 Zachary Comeau Leave a Comment

Multiple governments have released a long list of IT vendors and their products that are impacted by the Log4j vulnerability, including the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Dutch National Cyber Security Centrum (NCSC) The two agencies are maintaining running lists of vendors impacted by the vulnerability on their respective GitHub repositories, […]

Read More

December Microsoft Patches

Prioritize These December Microsoft Patches

December 14, 2021 Zachary Comeau Leave a Comment

As system administrators, cybersecurity experts and other IT professionals work around the clock to address the Log4j vulnerability, Microsoft, Google, Apple, Adobe released a slew of security patches this week that address significant software flaws. Microsoft and Adobe followed the typical patch Tuesday cycle, releasing a total of 78 patches across products from the two […]

Read More

  • Go to page 1
  • Go to page 2
  • Go to Next Page »

Primary Sidebar

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial Integrator Security Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions & Advertising
  • Comment Guidelines
  • RSS Feeds
  • Terms of Use
  • Privacy Policy
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!

© 2022 Emerald X, LLC. All rights reserved.