News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | Federal Agency Compromise: A Wake Up Call for Patching and Security Vigilance

What’s old is new again in our security focus today.

According to research by Veracode, nearly 4,000 businesses globally are still vulnerable to Log4j exploits, with 2.8% using versions with the original Log4Shell vulnerability and 3.8% running Log4j 2.17.0 that still contains a vulnerability allowing remote control exploits. The study also found that around 32% of applications were using Log4j2 1.2x, which no longer receives security updates. The research highlights the failure to regularly update Log4j versions and the prevalence of at-risk applications due to teams patching the initial vulnerability but not remaining vigilant.

An unidentified threat actor gained access to two public-facing Web servers at a US federal government agency by exploiting a previously patched vulnerability in Adobe ColdFusion. The intrusions were likely part of a reconnaissance attempt, with no evidence of data exfiltration or lateral movement. The vulnerability, CVE-2023-26360, enables remote code execution and affects multiple ColdFusion versions.  CISA stated that the hackers conducted a reconnaissance effort, and it is unclear if any data was exfiltrated. Microsoft Defender for Endpoint alerted the agency to the exploitation and quarantined the hackers’ activities. CISA ordered all federal agencies to patch the known vulnerability in Adobe ColdFusion.

According to a report by the Government Accountability Office (GAO), only three out of the 23 civilian Chief Financial Officer Act agencies have met the cyber event logging standards set by President Joe Biden’s cybersecurity executive order and an Office of Management and Budget memo. The Department of Agriculture, the National Science Foundation, and the Small Business Administration have reached advanced (tier 3) status for logging, while the remaining agencies still need to make progress.

WatchGuard Technologies has released its latest Internet Security Report, highlighting the increasing instances of remote access software abuse, the rise of cyber adversaries using password-stealers and info-stealers, and the pivot from script-based attacks to other living-off-the-land techniques. The report also reveals a surge in the Medusa ransomware variant and a decline in malware arriving over encrypted connections. Network attacks saw a 16% increase, with ProxyLogon being the top vulnerability targeted.

According to Cycode’s State of ASPM 2024 report, CISOs consider software supply chain security a bigger blind spot for application security than Gen AI or open source. The report highlights the challenges of managing AppSec attack surfaces, improving relationships between security and development teams, and consolidating AppSec tools into a single platform.

Why do we care?

The fact that many applications still use Log4j2 1.2x, which no longer receives security updates, raises concerns about legacy systems and their maintenance. This highlights the service offering for adopt a more proactive approach to software updates and vulnerability management, and should justify managed services.  Layer the ColdFusion example there too.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories