Patch Log4j Now or Risk Major Fines
Your information security vigilance can never be allowed to flag. Recently, the Federal Trade Commission underscored the importance of that point about the newly discovered Log4 Shell vulnerability. Companies that fail to take preemptive action by installing a patch...
Growing Amount of Phishing Attacks During the Holiday Season
Along with the good cheer and gifts that are hallmarks of the holiday season comes a much less welcome phenomenon: phishing attacks. The vast majority, well over 90 percent, are conducted through a company’s email system. During that high-traffic time between...
TrustNet’s Response to Log4j Vulnerability CVE-2021-44228
On December 9, 2021, TrustNet security officials became aware of a vulnerability in the Log4j logging framework, CVE-2021-44228. Log4j is a frequently used open-source utility distributed under the Apache Software License used within Java applications to generate...
TSA Requires Rail and Airports to Strengthen Cybersecurity
Earlier this year, a ransomware attack on the Colonial pipeline severely interrupted the country’s fuel distribution system. In response, regulations were implemented in May that strengthened the cybersecurity infrastructure of the pipeline system. In light of this...
U.S. Gov Announces Support for ‘Paris Call’ Cybersecurity Effort
On November 10, 2021, U.S. Vice President Kamala Harris re-established the nation’s presence on the international stage by formally announcing the country’s support of the Paris Call for Trust and Security in Cyberspace. This initiative, first issued in...
Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client Video Messaging
The use of video conferencing applications skyrocketed throughout the pandemic of 2020 and 2021. Although vendors such as Zoom were lifesavers for businesses and their remote employees, their systems have proven to be vulnerable to attack by cybercriminals. Most...
House Passes Two Bills to Improve Small Business Cybersecurity
The U.S. Congress recently passed two bills aimed at bolstering data security measures for small businesses. These pieces of legislation would strengthen the Small Business Administration’s oversight, mitigate vulnerabilities and give entrepreneurs the tools to...
Basic Security Lapses Pave the Way for Ransomware Attacks in 2021
On the surface, ransomware attacks seem sophisticated and complex. Seemingly out of nowhere, criminals gain access to a company’s or institution’s data or systems, locking the rightful owners out unless and until they pay a hefty price. Due to their random...
Sun Tzu’s ‘The Art of War’ Applied to Cybersecurity
In roughly the 5th century BC, the Chinese strategist Sun Tzu wrote a treatise that has long been one of the most famous military classics in the entire world. Its themes have profoundly affected not only Asian warfare but also have expanded to influence legal...
Shades of SolarWinds Attack Malware Found in New ‘Tomiris’ Backdoor
Just when it seemed like the furor around the supply attack on SolarWinds by a Russian-affiliated threat actor, Dark Halo had died down, sobering new allegations came to the fore. Researchers at Kaspersky revealed that they believe there to be a new backdoor (named...