United States, Australia, Canada, New Zealand and United Kingdom cybersecurity authorities, including the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS), New Zealand National Cyber Security Centre (NZ NCSC) and United Kingdom’s National Cyber Security Centre (NCSC-UK) issued a joint Cybersecurity Advisory yesterday detailing the most exploited technology vulnerabilities from 2021. The advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
U.S., Australian, Canadian, New Zealand, and UK cybersecurity authorities report that malicious cyber actors aggressively targeted newly disclosed critical software vulnerabilities against broad target sets, including public and private sector organizations worldwide in 2021. To a lesser extent, malicious cyber actors continued to exploit publicly known, dated software vulnerabilities across a broad spectrum of targets.
Important to note is that three of the top 15 routinely exploited vulnerabilities were also routinely exploited in 2020. As the agencies note, their continued exploitation indicates that many organizations fail to patch software in a timely manner and remain vulnerable to malicious cyber actors.
Read More
Topics:
cybersecurity,
Cybercrime,
Patching
Innovative Legal Technology News Just as legal professionals were becoming acclimated to the latest public health and economic upheavals, geopolitical tensions emerged to undermine any sense of stability. Proving once again our interdependence and vulnerability to seemingly far-off challenges, the U.S. government has issued repeated warnings over the past months that cybersecurity attacks against Western businesses and organizations could be part of any attack by Russia on Ukraine. Despite little evidence of any widespread success with such attacks against U.S.-based businesses so far, such warnings only further reiterate to legal professionals the necessity of carefully managing their cybersecurity. Read the rest of our advice for legal professionals as they confront continued uncertainty in the Association of Legal Administrators' Legal Management Extra. |
Read More
Topics:
iManage,
cybersecurity,
Newsletter
Apple has released two patches for two zero-day vulnerabilities affecting macOS and iOS. The vulnerabilities could allow threat actors to disrupt or access kernel activity and may be under active exploit.
Read More
Topics:
Alerts,
cybersecurity,
Apple
Law firms, accountancy firms and corporate law departments are bombarded from the outside and the inside by threats every day. Threat management has become a full-time task.
Read More
Topics:
iManage,
DMS,
cybersecurity
With more than two years of a pandemic behind us, many law firms – and many other businesses, for that matter – had expected to be back to the office more fully by now. The latest variant of COVID-19 changed those plans. Now, law firms are facing the fact that they must be prepared to be flexible for the foreseeable future. Indeed, the latest geopolitical disruptions in Eastern Europe demonstrate just how deeply uncertain our world remains. In the face of myriad challenges, how can law firm administrators and IT professionals remain nimble? Let's briefly look at key aspects of accessibility, hardware, software, and data security that will help law firms maintain continual operation in the new reality.
Read More
Topics:
Technology Consulting,
cybersecurity,
Cybercrime,
COVID-19,
Work from Home
Anatomy of a Cyberattack Read CTO Michael Paul's recent dissection of a phishing and ransomware attack in Cybersecurity Law & Strategy. Read now |
Holiday Hours Please note the following holiday hours we will be observing in December 2021: Innovative Computing Systems, Inc. will be closed: 🎇 Friday, December 31, 2021 However, our on-call support will still be available. Should you need support on the above days, please use our 24-hour phone number: 1-800-541-0450. Our support@innovativecomp.com mailbox is not monitored after hours or on holidays. |
Thank you, Cheri! Welcome, Mary! After over a decade with Innovative, Cheri Walker is leaving to enjoy retirement. We thank her for her work and will miss her. We welcome Mary Wands to the Innovative team as Logistics Specialist. Based in Phoenix, Mary has considerable business solutions experience, including project coordination for a managed services provider. Those of you familiar with Cheri will soon enjoy working with Mary. Welcome aboard, Mary! |
Innovative Insights From our blog: |
iManage: More Than Just Document Management Don't miss our latest series of blog posts by engineers Sharee Schuchardt and Elizabeth DeLuna on the many overlooked features of iManage. Read now |
⚠️ Cybersecurity Tip Keep current with the latest cybersecurity news and our most recent technical alerts to clients on our Technical Alerts page. |
Read More
Topics:
cybersecurity,
Articles,
Newsletter
Innovative Computing Systems is aware of the newly discovered critical zero-day vulnerability in Log4j. Log4j is an open-source software utilized by many software vendors. The impact is widespread but only specific software is vulnerable.
Read More
Topics:
Alerts,
cybersecurity
We've been asked to share our expertise and predictions by a number of different media outlets in the past month. Here are a few highlights:
Read More
Topics:
Technology Consulting,
cybersecurity,
Articles
New survey results from 500 IT leaders and 3,000 employees in the United States and United Kingdom reveal 94 percent of organizations have experienced insider data breaches in the last year. Further, almost three-quarters (74 percent) of organizations have been breached because of employees breaking security rules, and 73 percent have been the victim of phishing attacks. The vast majority (84 percent) were caused by human error.
Read More
Topics:
Training,
cybersecurity,
Hacking
Microsoft recently reported the Windows Print Spooler PrintNightmare vulnerability that enables attackers to take over affected servers via remote code execution with system privileges.
Read More
Topics:
Alerts,
cybersecurity,
Microsoft,
Information Security,
Patching
Updated with recording on 7 July 2021:
Join Innovative Computing Systems and cybersecurity partner Sophos for a free webinar to learn how Managed Threat Response enhances your firm's information security.
Read More
Topics:
Webinars,
cybersecurity,
Information Security,
Sophos MTR
Just about anywhere you look these days, there are articles about a company getting hacked or a breach gets reported. As you read through the news story, the author throws around terms and jargon that can get confusing. Let’s go through some of the common terms and how they interact.
Read More
Topics:
cybersecurity,
Information Security
You've heard patching your systems is important, but what does that really mean? In the following, Innovative RMM Administrator Tallon DeHart explains Microsoft's patching schedule and why your firm needs to regularly apply manufacturer updates.
Read More
Topics:
cybersecurity,
Infographic,
Cybersecurity Infographic,
Information Security,
Patching
Innovative Computing Systems has received notice of a vulnerability within specific versions of FortiGate Firewalls' firmware that is currently being exploited by malicious actors. It is recommended that any FortiGate on an affected firmware version be upgraded as soon as possible to mitigate potential risk.
In order to secure your firm’s network and patch this vulnerability, we recommend updating your FortiGate soon. As the update process will take about 30 minutes and require a loss of access to your FortiGate, you should plan to do so after your normal business hours.
If you require our assistance or would like our team to perform the firmware upgrade, please contact us at 1-800-541-0450 or sales@innovativecomp.com to coordinate a date and time to secure your firm's FortiGate against this vulnerability.
Read More
Topics:
Alerts,
cybersecurity,
Fortinet,
FortiGate
Comment on this post