Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

In this Q&A from the SecurityWeek CISO Forum, venture capital investors discuss the state of cybersecurity investments, business strategies in a confusing economic climate, predictions on hot and not-so-hot product categories, and what happens with all those cybersecurity unicorns. [Read More]
A total of 267 ethical hackers participated in the HackerOne-hosted challenge, including 139 new to the DoD VDP. [Read More]
Microsoft has confirmed that it’s aware of two Exchange Server zero-day vulnerabilities being exploited in targeted attacks. [Read More]
Part of the Cicada group, Witchetty has been observed progressively updating its toolset in recent attacks against Middle Eastern and African targets. [Read More]
Cisco has announced patches for 12 vulnerabilities in its IOS and IOS XE software, including 10 rated ‘high severity’. [Read More]
Researchers report seeing new Microsoft Exchange zero-day being exploited in the wild, but it may just be a variation of the old ProxyShell exploit. [Read More]
Microsoft intercepts a Lazarus sub-group rigging popular open source software utilities to plant dangerous malware implants. [Read More]
The funding frenzy in the software supply chain space now includes Ox Security, an Israeli startup that just raised a whopping $34 million in seed funding. [Read More]
Schneider Electric has released patches for its EcoStruxure platform and Modicon PLCs to address a critical vulnerability that was disclosed more than a year ago. [Read More]
Updates announced for Drupal core address a severe vulnerability in Twig that could lead to the leakage of sensitive information. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Torsten George's picture
Unfortunately, there is no such thing as 100 percent protection. Therefore, we cannot solely focus on “Left of Boom” processes, but also have to talk about the “Right of Boom”.
Marc Solomon's picture
Even though things have changed—from SOAR to XDR to CSMA—they have also stayed the same. These new categories are not solutions but really architectures.
Jeff Orloff's picture
Nothing can ever prepare an organization for every ransomware scenario. However, if you train for multiple situations, your team will be able to make decisions more quickly, and react appropriately when an unforeseen incident occurs.
Laurence Pitt's picture
Between the excitement and the comfort of working from home, it can be easy to overlook the risks associated with summer travel, but it’s important to remain careful and vigilant.
Torsten George's picture
When establishing visibility and security controls across endpoints, security practitioners need to understand that each endpoint bears some or all responsibility for its own security.
Torsten George's picture
Digital experience monitoring technology goes beyond the monitoring of resources and applications, allowing for automated remediation and uncompromised user productivity.
Keith Ibarguen's picture
As email security is an ever-changing landscape, focusing on the most relevant issues in the threat landscape is where organizations need to start.
William Lin's picture
Most organizations want to adopt DevSecOps practices, but their current practices are closer to traditional waterfall methodologies than the agile practices described in this DevSecOps manifesto.
Marc Solomon's picture
XDR architecture must be broad and deep so that organizations can get the most value out of their existing best-of-breed security solutions, including their free, open-source tools.
Jeff Orloff's picture
Armed with the right cyber defense strategy, tools, and security controls, organizations can defend themselves against ransomware attacks.