Security Experts:

Virus & Threats
long dotted

NEWS & INDUSTRY UPDATES

The researchers reverse-engineered Apple’s BootROM and built a software toolkit to explore vulnerabilities in Apple’s systems-on-a-chip (SoC). [Read More]
Drupal developers inform users about patches for five moderately critical CSRF and access bypass vulnerabilities. [Read More]
Microsoft has linked the recently patched MSHTML vulnerability (CVE-2021-40444) exploited via malicious Office documents to known ransomware operators. [Read More]
Microsoft patched one critical and three high-severity issues that can allow attackers to execute code remotely as root or escalate privileges. [Read More]
The German software maker released a total of 17 new security notes along with updates for two other notes. [Read More]
September 2021 ICS Patch Tuesday - Siemens and Schneider Electric release 25 advisories to address a total of more than 40 vulnerabilities. [Read More]
Linux and Windows variants of the payload carry remote access capabilities such as file manipulation and shell command execution. [Read More]
The patch comes exactly one week after the Redmond, Wash. software giant acknowledged the CVE-2021-40444 security defect and confirmed the existence of in-the-wild exploitation via booby-trapped Microsoft Office documents. [Read More]
Apple rushed to patch a major security flaw which allows spyware to be downloaded on an iPhone or iPad without the owner even a button. But how do such "zero-click" attacks work, and can they be stopped? [Read More]
Security researchers worldwide are invited to hunt for vulnerabilities in the e-voting system as part of a bug bounty program on YesWeHack. [Read More]

FEATURES, INSIGHTS // Virus & Threats

rss icon

Marc Solomon's picture
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Torsten George's picture
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
Joshua Goldfarb's picture
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Marc Solomon's picture
Evolving our definition of detection to encompass greater breadth and depth of understanding through internal and external data aggregation, correlation and investigation, delivers the information we need to execute faster with confidence.
Keith Ibarguen's picture
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Marc Solomon's picture
If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor,
Marc Solomon's picture
Extended Detection and Response (XDR) is the latest buzz word in the security industry and, as with any new technology development, in the early days there is a lot of confusion.
Torsten George's picture
Self-healing cybersecurity systems represent a major security and IT productivity advancement, allowing organizations to streamline the management and protection of today’s highly distributed infrastructures.
Marie Hattar's picture
Security is never static, and networks will always be evolving, so make sure you’re continuously validating your security posture and ready for whatever comes next.
Idan Aharoni's picture
SPF, DMARC and DKIM are three email security methods that work together to prevent unauthorized third parties from sending emails on behalf of a domain.