Researchers Warn of New Log4Shell-Like Java Vulnerability
Security experts are driving our attention to the Log4Shell vulnerability in Java again. It has been around for several months. Although this new vulnerability known as CVE-2021-42392 has not yet been published in the National Vulnerability Database (NVD), experts are...
Google Docs Comments Exploit Allows for Distribution of Phishing and Malware
From students to corporate executives, workgroups of all types benefit from both Google Docs and the larger Google Workspace platforms. Due to the preponderance of remote work during the pandemic, groups have remained productive thanks to the productivity these...
Patch Log4j Now or Risk Major Fines
Your information security vigilance can never be allowed to flag. Recently, the Federal Trade Commission underscored the importance of that point about the newly discovered Log4 Shell vulnerability. Companies that fail to take preemptive action by installing a patch...
SOC 2 Cost In 2023
With cybersecurity concerns at an all-time high, organizations cannot afford to downsize or procrastinate when it comes to protecting your and your customer's systems and data. Combine these realities with an increase in the use of employee personal devices and remote...
Growing Amount of Phishing Attacks During the Holiday Season
Along with the good cheer and gifts that are hallmarks of the holiday season comes a much less welcome phenomenon: phishing attacks. The vast majority, well over 90 percent, are conducted through a company’s email system. During that high-traffic time between...
TrustNet’s Response to Log4j Vulnerability CVE-2021-44228
On December 9, 2021, TrustNet security officials became aware of a vulnerability in the Log4j logging framework, CVE-2021-44228. Log4j is a frequently used open-source utility distributed under the Apache Software License used within Java applications to generate...
TSA Requires Rail and Airports to Strengthen Cybersecurity
Earlier this year, a ransomware attack on the Colonial pipeline severely interrupted the country’s fuel distribution system. In response, regulations were implemented in May that strengthened the cybersecurity infrastructure of the pipeline system. In light of this...
U.S. Gov Announces Support for ‘Paris Call’ Cybersecurity Effort
On November 10, 2021, U.S. Vice President Kamala Harris re-established the nation's presence on the international stage by formally announcing the country's support of the Paris Call for Trust and Security in Cyberspace. This initiative, first issued in 2018, is a...
Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client Video Messaging
The use of video conferencing applications skyrocketed throughout the pandemic of 2020 and 2021. Although vendors such as Zoom were lifesavers for businesses and their remote employees, their systems have proven to be vulnerable to attack by cybercriminals. Most...
House Passes Two Bills to Improve Small Business Cybersecurity
The U.S. Congress recently passed two bills aimed at bolstering data security measures for small businesses. These pieces of legislation would strengthen the Small Business Administration's oversight, mitigate vulnerabilities and give entrepreneurs the tools to manage...