Articles of interest from the week of December 13, 2021

Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed

13 Dec 2021
Read More

Articles of interest from the week of November 29, 2021

MFA Lulls Businesses Into A False Sense Of Security

Despite the technology’s generally sound design and widespread takeup, however, ongoing reports of MFA hacks confirm that it is far from invulnerable — and that security executives mustn’t rest on

03 Dec 2021
Read More

Articles of interest from the week of November 15, 2021

FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

A threat actor has been exploiting a zero-day vulnerability in FatPipe’s virtual private network (VPN) devices as a way to breach companies and gain access to their internal networks, since at

15 Nov 2021
Read More

Articles of interest from the week of November 1, 2021

‘Tis the Season for the Wayward Package Phish

The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a lure about a wayward package that needs redelivery. Here’s a look at a

05 Nov 2021
Read More

Articles of interest from the week of October 18, 2021

Attack Surface Larger Than Ever As Organizations Shift to Remote and Hybrid Work

With end-users working from anywhere – in some cases using personal devices to access cloud apps and corporate resources – the attack surface is larger than it has ever

18 Oct 2021
Read More

Articles of interest from the week of October 4, 2021

6 Minimum Security Practices To Implement Before Working on Best Practices

We all want to abide by security best practices, but who decides what is best? If something is best for one firm, it is best for all? Too often we do not take the time to

04 Oct 2021
Read More