ITS Services

We partner with our customers and private sector companies to optimize the use of information technology resources for enhanced delivery of government services. ITS understands technology is the driving force behind your daily operations and we offer a full range of solutions designed to put technology to work for you.

CYBERSECURITY NEWS

News Briefs

The links below are news articles regarding state and local cybersecurity. These links ar​e provided for informational purposes only and as a service to our visitors. It is the responsibility of the visitor to evaluate the content and usefulness of information obtained from these external sites. Once a visitor leaves the Mississippi Department of ITS web site and links to an external site, our web site policies are no longer applicable and the visitor will be subject to the new site's policies. Any problems, concerns or issues with these external sites should be directed to the site administrator or webmaster of those sites.

September 2022
Article Date Article Title
09/16/2022 Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies
09/16/2022 How to improve public sector's security strategy
09/16/2022 Business Application Compromise & the Evolving Art of Social Engineering
09/13/2022 Attackers Can Compromise Most Cloud Data in Just 3 Steps
09/09/2022 LockBit, ALPHV & Other Ransomware Gang Leak Sits Hit by DDoS Attacks
09/08/2022 Cybersecurity - the More Things Change, the More They Are The Same
09/08/2022 Vulnerability Exploits, Not Phishing, Are the Top Cyberattack Vector for Initial Compromise
09/06/2022 EvilProxy phishing-as-a-service with MFA bypass emerged on the dark web
August 2022
Article Date Article Title
08/26/2022 How complicated access management protocols have impacted cloud security
08/25/2022 We need to think about ransomware differently
08/25/2022 Fake Internet Download Manager Extension for Google Chrome has Over 200,000 Users
08/23/2022 Firewall bug Under Active Attack Triggers CISA Warning
08/22/2022 "As Nasty as Dirty Pipe" - 8 Year Old Linus Kernel Vulnerability Uncovered
08/20/2022 CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog
08/19/2022 Exploiting stolen session cookies to bypass multi-factor authentication (MFA)
08/18/2022 IoT: The huge cybersecurity blind spot that's costing millions
08/18/2022 China's APT41 Embraces Baffling Approach for Dropping Cobalt Strike Payload
08/17/2022 'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections
08/12/2022 Feds: Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics
08/12/2022 25% of employees don't care enough about cybersecurity to report a security incident
08/12/2022 The impact of exploitable misconfigurations on network security
08/11/2022 Cisco Confirms Data Breach, Hacked Files Leaked
08/11/2022 Onyx Ransomware Overwrites Files Large than 2MB Instead of Encrypting Them
08/11/2022 Microsoft: We Don't Want to Zero-Day Our Customers
08/05/2022 Over 60% of Organizations Expose SSH to the Internet
08/05/2022 A Ransomware Explosion Fosters Thriving Dark Web Ecosystem
08/04/2022 Cyberattackers Increasingly Target Cloud IAM as a Weak Link
08/03/2022 How to minimize your exposure to supply chain attacks
08/03/2022 Phishers use custom phishing kit to hijack MFA - protected enterprise Microsoft accounts
08/01/2022 Securing Your Move to the Hybrid Cloud
July 2022
Article Date Article Title
07/29/2022 Security Teams Overwhelmed With Bugs, Bitten by Patch Prioritization 
07/29/2022 Why there is no quick fix for cyber attacks
07/28/2022 In a Post-Macro World, Container Files Emerge as Malware-Delivery Replacement
07/28/2022 Vulnerabilities are Beyond What You Think
07/21/2022 Hackers for Hire: Adversaries Employ 'Cyber Mercenaries'
07/15/2022 Outsourcing security is the only solution for many smaller teams
07/14/2022 Businesses are adding more endpoints, but can't manage them all
07/14/2022 Data Breaches Linked to Ransomware Declined in Q2 2022
07/14/2022 DHS Review Board Deems Log4j an 'Endemic' Cyber Threat
07/11/2022 New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials
07/08/2022 54% of SMBs do not implement MFA
07/08/2022 Why 80% of companies are looking to switch their managed service provider
07/07/2022 Stealthy Cyber-Campaign Ditches Cobalt Strike for Rival 'Brute Ratel' Pent Test Tool
07/06/2022 Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: 'Lives at Stake'
07/01/2022 The challenges and advantages of building behavior-based threat detection
June 2022
Article Date Article Title
06/30/2022 Evolving online habits have paved the way for fraud. What can we do about it?
06/30/2022 18 Zero-Days Exploited So Far in 2022
06/29/2022 Patchable and Preventable Security Issues Lead Causes of Q1 Attacks
06/28/2022 Top Six Security Bad Habits, and How to Break Them
06/24/2022 How companies are prioritizing infosec and compliance
06/23/2022 How APTs Are Achieving Persistence Through IoT, OT, and Network Devices
06/21/2022 Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack
06/21/2022 Modern IT Security Teams' Inevitable Need for Advanced Vulnerability Management
06/13/2022 CISA Recommends Organizations Update to the Latest Version of Google Chrome
06/10/2022 Researchers unearth highly evasive "parasitic" Linux malware
06/10/2022 Potent Emotet Variant Spreads Via Stolen Email Credentials
06/09/2022 Why AIs Will Become Hackers
06/08/2022 Taming the Digital Asset Tsunami
06/03/2022 Why are many businesses still not using a password manager?
06/03/2022 49% of enterprises don't include business-critical systems in their cybersecurity monitoring 
06/02/2022 Intel Chipset Firmware Actively Targeted by Conti Group
06/02/2022 Cybercriminals Expand Attack Radius and Ransomware Pain Points
06/01/2022 12K Misconfigured Elasticsearch Buckets Ravaged by Extortionists
May 2022
Article Date Article Title
05/26/2022 Why are current cybersecurity incident response efforts failing?
05/25/2022 Elevation of Privilege is the #1 Microsoft vulnerability category
05/25/2022 Zoom Patches 'Zero-Click' RCE Bug
05/20/2022 Record level of bad bot traffic contributing to rise of online fraud
05/19/2022 Prioritize patching vulnerabilities associated with ransomware
05/19/2022 Phishing Attacks for Initial Access Surged 54% in Q1
05/18/2022 CISA to Federal Agencies: Patch VMware Products Now or Take Them Offline
05/16/2022 iPhones Open to Attack Even When Off, Researchers Say
05/13/2022 The SaaS-to-SaaS supply chain is a wild, wild mess
05/12/2022 You Can't Eliminate Cyberattacks, So Focus on Reducing the Blast Radius
05/12/2022 5 Years That Altered the Ransomware Landscape
05/11/2022 Top 6 Security Threats Targeting Remote Workers
05/11/2022 Researchers uncover URL spoofing flaws on Zoom, Box, Google Docs
05/06/2022 Nothing personal: Training employees to identify a spear phishing attack
05/06/2022 NIST updates guidance for cybersecurity supply chain risk management
05/05/2022 A Third of Americans Use Easy-to-Guess Pet Passwords
05/04/2022 What Star Wars Teaches Us About Threats
05/03/2022 How to Create a Cybersecurity Mentorship Program
05/02/2022 Bad Actors Are Maximizing Remote Everything
April 2022
Article Date Article Title
04/08/2022 Network intrusion detections skyrocketing
04/08/2022 The importance of understanding cloud native security risks
04/08/2022 April 2022 Patch Tuesday forecast: Spring is in the air (and vulnerable)
04/07/2022 SeeMetrics to Help CISOs Measure Security Success
04/06/2022 Nearly 40% of Macs Left Exposed to 2 Zero-Day Exploits
March 2022
Article Date Article Title
03/25/2022 How the cloud skills gap is hindering business development
03/24/2022 What's holding back zero trust implementation for device access?
03/24/2022 How will recent risk trends shape the future of GRC
03/24/2022 The biggest security threats to today's businesses
03/24/2022 Strengthening third-party vendor programs in times of crisis and beyond
03/24/2022 Ransomware Payments, Demands Rose Dramatically in 2021
03/18/2022 The problem with multiple cloud security tools: Alert fatigue and burnout
03/18/2022 Why EDR is not sufficient to protect your organization
03/17/2022 How to plan for increased security risks resulting from the Great Registration
03/17/2022 6 Reasons Not to Pay Ransomware Attackers
03/16/2022 Microsoft the No. 1 Most-Spoofed Brand in Phishing Attacks
03/11/2022 Organizations need to evolve their data management strategy
03/10/2022 Over 40% of Log4J Downloads Are Vulnerable Versions of the Software
03/09/2022 Russian APTs Furiously Phish Ukraine - Google
03/09/2022 Most ServiceNow Instances Misconfigured, Exposed
03/09/2022 APT41 Spies Broke Into 6 US State Networks via a Livestock App
03/07/2022 Every business is a cybersecurity business
03/07/2022 IT leaders confident in their ability to manage a ransomware attack: They should know better
03/04/2022 Most Cybersecurity Vendors at Risk Due to Internet-Exposed IT Assets
03/03/2022 Accelerated Ransomware Attacks Pressure Targeted Companies to Speed Response
03/03/2022 Phishing Campaign Targeted Those Aiding Ukraine Refugees
February 2022
Article Date Article Title
02/25/2022 Password Reset: Claiming Control of Credentials to Stop Attacks
02/25/2022 Cybercriminals seeking more than just ransomware payment
02/24/2022 Fears Rise of Potential Russian Cyberattaks on US, Allies Over Sanctions
02/24/2022 SaaS in the Enterprise: The Good, the Bad, and the Unknown
02/24/2022 Cyberattackers Leverage DocuSign to Steal Microsoft Outlook Logins
02/18/2022 Even when warned, businesses ignore critical vulnerabilities and hope for the best
02/17/2022 Microsoft Teams Targeted With Takeover Trojans
02/17/2022 Attackers Hone Their Playbooks, Become More Agile
02/16/2022 Supply chain shortages create a cybersecurity nightmare
02/16/2022 Russian Actors Targeting US Defense Contractors in Cyber Espionage Campaign, CISA Warns
02/14/2022 4 Golden Rules of Linux Security Webinar
02/14/2022 Password Reset: Claiming Control of Credentials to Stop Attacks Webinar
02/10/2022 Credential-Stuffing Attacks on Remote Windows Systems Took Off in 2021
02/09/2022 Linux Malware on the Rise
02/02/2022 Conti, DeadBolt Ransomwares Target Delta, QNAP
January 2022
Article Date Article Title
01/28/2022 Conti, DeadBolt Ransomwares Target Delta, QNAP
01/27/2022 With Cloud the Norm, Insiders Are Everywhere - and Pose Greater Risk
01/27/2022 Phishing Simulation Study Shows Why These Attacks Remain Pervasive
01/26/2022 New Year, New Threats: 4 Tips to Activate Your Best Cyber-Defense
01/25/2022 Strong security starts with the strengthening of the weakest link: passwords
01/20/2022 Microsoft: Attackers Tried to Login to SolarWinds Serv-U Via Log4j Bug
01/20/2022 Researchers Discover Dangerous Firmware-Level Rootkit
01/19/2022 Box 2FA Bypass Opens User Accounts to Attack
01/13/2022 New Vulnerabilities Highlight Risks of Trust in Public Cloud
01/13/2022 Phishers are targeting Office 365 users by exploiting Adobe Cloud
01/13/2022 New Vulnerabilities Highlight Risks of Trust in Public Cloud
01/13/2022 Microsoft RDP Bug Enables Data Theft, Smart-Card Hijacking
01/12/2022 Amazon, Azure Clouds Host RAT-ty Trio in Info Stealing Campaign
01/10/2022 The FTC Wants Companies to Find Log4j Fast. It Won't Be Easy
01/06/2022 Heap-overflow Vulnerability Affects Multiple VMware Products
December 2021
Article Date Article Title
12/17/2021 Why is a well thought-out approach to cloud migration imperative?
12/15/2021 Relentless Log4j Attacks Include State Actors, Possible Worm
12/13/2021 40% of Corporate Networks Targeted by Attackers Seeking to Exploit Log4j
12/14/2021 Enterprise email encryption without friction? Yes, it's possible
12/12/2021 How to Guard Against Smishing Attacks on Your Phone
12/10/2021 December 2021 Patch Tuesday forecast: How do you stack up? 
12/09/2021 One-Third of Phishing Pages Active Less Than a Day
12/09/2021 Organizations Losing Trust in Security Vendors Amid Rising Cyberattacks
12/09/2021 Emotet Is Back and More Dangerous Than Before
12/08/2021 AWS Among 12 Cloud Services Affected by Flaws in Eltima SDK
12/03/2021 Omicron Phishing Campaign Hits User Inboxes
12/02/2021 The importance of vulnerability management for your organization
12/02/2021 Key Characteristics of Malicious Domains: Report
12/01/2021 New Ransomware Variant Could Become Next Big Threat
November 2021
Article Date Article Title
11/19/2021 52% of SMBs have experienced a cyberattack in the last year
11/18/2021 The six most common threats against the device that knows you best
11/18/2021 Cyber complexity negatively impacts a company's ability to respond to threats
11/18/2021 Microsoft Exchange Server Flaws Now Exploited for BEC Attacks
11/18/2021 'PerSwaysion' Phishing Campaign Still Ongoing, and Pervasive
11/12/2021 Millions of Routers, IoT Devices at Risk from New Open-Source Malware
11/11/2021 Third-Party Software Risks Grow, but So Do Solutions
11/11/2021 Invest in These 3 Key Security Technologies to Fight Ransomware
11/11/2021 Tiny Font Size Fools Email Filters in BEC Phishing
11/04/2021 Password Reset: Claiming Control of Credentials to Stop Attacks
11/04/2021 Trojan Source - A new method Let Hackers inject vulnerabilities into the source code
11/04/2021 Critical Linus Kernel Bug Allows Remote Takeover
11/02/2021 The Increasing Need for Application Security During COVID-19

ALL NEWS