Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
VMware releases an urgent security patch for a flaw in its vCenter Server product and warned users to expect public exploit code within minutes of disclosure. [Read More]
Cisco Talos researchers say the backdoor is installed as a service and constantly contacts its command and control (C&C) to receive commands. [Read More]
Microsoft says it has been seeing various attempts to exploit the remote code execution vulnerability in the Open Management Infrastructure (OMI) framework. [Read More]
The iOS 15 makeover also includes patches for at least 22 documented security vulnerabilities, some serious enough to expose iPhone and iPad users to arbitrary code execution attacks. [Read More]
Limited in scope, the incidents abuse the Windows Subsystem for Linux (WSL) feature to cross the boundaries between operating systems and avoid detection. [Read More]
The Mirai botnet has started exploiting the OMIGOD vulnerability just as Microsoft released more guidance on protections. [Read More]
Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]
Google announced plans to support the Open Source Technology Improvement Fund in launching its Managed Audit Program to review critical open source projects. [Read More]
Microsoft has linked the recently patched MSHTML vulnerability (CVE-2021-40444) exploited via malicious Office documents to known ransomware operators. [Read More]
Linux and Windows variants of the payload carry remote access capabilities such as file manipulation and shell command execution. [Read More]
- 1 of 273
- ››
FEATURES, INSIGHTS // Malware
How can organizations fight ransomware? The best solution is always prevention. Here are three tactics toward that goal.
The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed.
Threat hunting must be non-attributable, while maintaining a clear audit trail to satisfy legal and governance requirements.
Each side of the public-private collaboration has resources and capabilities that shore up the other and increase effectiveness in combatting cybercrime.
The ransomware threat could still become more pervasive over the next two to three years, not because ransomware is effective in and of itself but because of other players in the game continue to fan the flames.
2020 has taught us to revisit the practice of inspecting encrypted traffic. These are all standard security protocols to step up in light of what cybercriminals are doing now.
Playing whack-a-mole with malicious code infections, phishing sites, and compromised credentials won’t help an enterprise reduce losses due to fraud.
Ransomware is just one of many tactics, techniques, and procedures (TTPs) that threat actors are using to attack organizations by compromising remote user devices.
Intent-based segmentation, deception technology, and an integrated security fabric are essential tools in beating malware designed to avoid detection and analysis.
The origin story of Mimikatz — a post-exploitation module that has enabled criminals to steal millions of passwords around the world — reads like an over-the-top spy thriller.
- 1 of 14
- ››
Get the Daily Briefing
- SonicWall Patches Critical Vulnerability in SMA Appliances
- LG to Acquire Vehicle Cybersecurity Firm Cybellum
- CISA Opens IPv6 Guidance to Public Feedback
- Port of Houston Target of Suspected Nation-State Hack
- F5 to Acquire Threat Stack for $68 Million in Cash
- Working Securely From Anywhere With Zero Trust
- Apple Confirms New Zero-Day Attacks on Older iPhones
- Improving Security Posture to Lower Insurance Premiums
- Web Security Provider Jscrambler Raises $15 Million
- Report: Suspected Chinese Hack Targets Indian Media, Gov't
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy