Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

Threat actors could gain access to a user’s account by leveraging a new type of technique that involves pre-hijacking an account before it’s actually registered by the victim. [Read More]
Researchers have spotted fake PoC exploits that are likely meant to deliver malware to members of the cybersecurity community. [Read More]
The Conti ransomware operation has seen some significant organizational structure changes after the brand became toxic due to its affiliation with the Russian government. [Read More]
Over $1.15 million was awarded at Pwn2Own Vancouver 2022 for exploits targeting Tesla Model 3, Windows 11, Ubuntu, Microsoft Teams, Safari, Firefox and Oracle VirtualBox. [Read More]
Cisco has warned users that it’s aware of in-the-wild exploitation attempts targeting CVE-2022-20821, a new vulnerability affecting its IOS XR software. [Read More]
IBM analyzes 13 crypters employed by the cybercrime group operating TrickBot, Conti, and several other malware families. [Read More]
The attackers use sqlps.exe, a utility for running SQL-built cmdlets, to achieve fileless persistence on poorly secured SQL servers. [Read More]
A new software supply chain hack combines typosquatting and the impersonation of a known Rust developer to plant malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. [Read More]
CISA has issued a warning for recent and newly patched VMware vulnerabilities — the agency believes the new flaws will quickly be exploited by threat actors. [Read More]
Hackers earned $800,000 on the first day of Pwn2Own 2022, including $450,000 for three exploits targeting Microsoft Teams. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Keith Ibarguen's picture
As email security is an ever-changing landscape, focusing on the most relevant issues in the threat landscape is where organizations need to start.
William Lin's picture
Most organizations want to adopt DevSecOps practices, but their current practices are closer to traditional waterfall methodologies than the agile practices described in this DevSecOps manifesto.
Marc Solomon's picture
XDR architecture must be broad and deep so that organizations can get the most value out of their existing best-of-breed security solutions, including their free, open-source tools.
Jeff Orloff's picture
Armed with the right cyber defense strategy, tools, and security controls, organizations can defend themselves against ransomware attacks.
Joshua Goldfarb's picture
The strategies used by attackers and fraudsters to profit from cryptocurrency are not new. Here are five steps end-users can take to protect themselves.
Marc Solomon's picture
If you are among the growing group of organizations looking to an MDR provider to supplement your security operations with XDR, make sure you consider these three factors.
Keith Ibarguen's picture
Leverage the power of the collective - the network effect – for its ever-evolving intelligence wherever possible to keep your employees free of all the bad stuff that has made it to their inboxes.
Marc Solomon's picture
The goal of XDR is detection and response across the infrastructure, across all attack vectors, across different vendors, and across security technologies that are cloud based and on premises.
Laurence Pitt's picture
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and that might still need to be made since, as for many people hybrid has become the working ‘normal.’
Keith Ibarguen's picture
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.