Whitepapers | Cybersecurity News, Insights and Analysis

Beating Ransomware With Advanced Backup and Data Defense Technologies

LATEST SECURITY NEWS HEADLINES

Researchers: Oracle Took 6 Months to Patch 'Mega' Vulnerability Affecting Many Systems

CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day

Black Basta Ransomware Becomes Major Threat in Two Months

Hadrian Raises $11 Million for Offensive Security Platform

Codesys Patches 11 Flaws Likely Affecting Controllers From Several ICS Vendors

NEWS & INDUSTRY UPDATES

Mandiant Attributes Ghostwriter APT Attacks to Belarus

Mandiant researchers says narratives used in the Ghostwriter information operations campaign are aligned with Belarusian government interests, suggesting at least partial involvement. [Read More]

GitHub Confirms Another Major NPM Security Defect

Microsoft-owned GitHub warns that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. [Read More]

SolarWinds Outlines 'Triple Build' Software Development Model to Secure Supply Chain

SolarWinds describes a new triple build model designed to ensure that software builds can never again be compromised in the way that Nobelium injected the Sunburst malware into its Orion software. [Read More]

Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API

Mozilla says it blocked a series of malicious Firefox add-ons that misused the proxy API that extensions use to proxy web requests. [Read More]

Endpoint Security Platform Kolide Banks $17 Million Investment

Endpoint security platform Kolide gets a fresh round of capital from venture capital investors. [Read More]

CISA, FBI Warn of Increase in Ransomware Attacks on Holidays

The two agencies warn of a noticeable increase in ransomware attacks on holidays and weekends, when offices are closed. [Read More]

New iOS Zero-Click Exploit Defeats Apple 'BlastDoor' Sandbox

The University of Toronto's Citizen Lab finds a new iOS zero-click exploit in an iPhone surveillance campaign targeting bloggers, activists and dissidents in Bahrain. [Read More]

Report: Iranian APT Hexane Targets Israeli Companies

A report from ClearSky documents a threat actor has been targeting multiple organizations in Israel using supply chain tools and impersonating known companies. [Read More]

Microsoft Confirms 'PrintNightmare' is New Windows Security Flaw

Microsoft confirms a new unpatched Windows Print Spooler security vulnerability is major code execution threat. [Read More]

Windows Admins Scrambling to Contain 'PrintNightmare' Flaw Exposure

Demo exploit code for a nasty Windows Print Spooler vulnerability is published online, prompting questions about the effectiveness of Microsoft's recent security update. [Read More]