CISA has temporarily removed the Windows vulnerability known as PetitPotam from its Must-Patch list after learning from Microsoft that a recent patch can cause authentication failures. [Read More]
Texas startup Balkan ID banks $5.75 million in seed funding to help organizations find and remediate risky privileges across SaaS and public cloud infrastructure. [Read More]
Microsoft patches at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks. [Read More]
Microsoft launched new managed services styled as a combination of technologies, threat intelligence and skilled personnel to help businesses hunt for signs of compromise or outsource the handling of detection and response incidents. [Read More]
By the end of 2023, GitHub will mandate that all code contributors secure their computers with at least one form of two-factor authentication (2FA) account protection. [Read More]
Organizations need to look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response, which improves their ability to prepare and quickly recover endpoints from ransomware attacks.
Many think open source intelligence is just another name for better googling. They are wrong. Good open source and threat intelligence are derived from three core capabilities.
Vendor agnostic technology, married with actionable, globally-sourced, and continually evolving intelligence, augmented by humans, is needed to defend our enterprises.
There are areas where governments can learn from the private sector and vice-versa, which will help both sides adapt more quickly and effectively to a continuously evolving threat environment.
Schools should take measures to identify and secure sensitive data, keep devices up-to-date, and ensure that their endpoint security controls are working.
The rise of social engineering tactics as well as risks associated with embedded vulnerabilities in contractor networks makes keeping this technology confidential and out of the hands of adversaries increasingly difficult.
Cyber resiliency measures (i.e., architectural design, technologies, operational practices) assume that today’s threat actors can achieve a foothold in an organization’s infrastructure and in turn post-exploit activities must be contained and eliminated.