On Tuesday, August 23, an advisory notification was released by VMware, the virtualization technology software firm, announcing a local privilege escalation vulnerability (CVE-2022-31676). Updates are available to remediate this vulnerability in affected VMware products.
Backing up your critical data should be a fundamental part of every data protection strategy. With ransomware breaches and recovery costs nearly doubling over the last year, at 66% up from 37% and $1.85M up from $760K respectively, organizations cited data backups as the #1 method used to restore compromised data.
For years now, multi-factor authentication (MFA) has been at the top of the cybersecurity best practices list. MFA has proven to curb data breaches due to compromised credentials (usernames and passwords), and according to Microsoft, 99.9% of cyber-attacks on company accounts are preventable with properly deployed MFA. This is a statistic no business leader can afford to ignore.
Several cybersecurity research groups have identified and studied the use of a Zero-Day vulnerability found in the Mitel VoIP MiConnect solution, CVE-2022-29499. The vulnerability exists due to improper input validation in the Mitel Service Appliance. A cyberattacker can send a specially crafted HTTP GET request to the application and execute arbitrary Operating System commands on the target system. Successful exploitation of this flaw may result in the complete compromise of the vulnerable system. This vulnerability has been successfully exploited by at least one ransomware group.
Since 2008, Verizon has released its annual Data Breach Investigations Report (DBIR). This is a data-driven report on threats your organization may encounter in regard to cybercrime. The threats identified are the most common tactics used against organizations that resulted in a data breach.
Have you decided to relocate some or all of your organization's infrastructure to a cloud services provider (CSP) such as Microsoft, Google, or Amazon? If so, the next step is to consider who will serve as your cloud migration partner. The right consultant can get you to the cloud securely and cost-effectively while enhancing performance. But ... not all cloud migration partners are created equal.
As many applications now live in the cloud, it’s easy to lose sight of basic network hygiene. One might assume that patching has become less critical now that more data lives in replicated cloud storage environments. You may also think that using the latest cloud security tools, like multi-factor authentication (MFA), is enough to keep you protected from increasing cyberattacks.
