Microsoft patches at least 73 documented security flaws in the Windows ecosystem and warns that unknown attackers are already launching zero-day man-in-the-middle attacks.
Adobe ships patches for at least 18 serious security defects in multiple enterprise-facing products and warns that unpatched systems are at risk of remote code execution attacks.
By the end of 2023, GitHub will mandate that all code contributors secure their computers with at least one form of two-factor authentication (2FA) account protection.
The U.S. government is barreling ahead with plans to mitigate future threats from quantum computing with a new White House memo directing federal agencies to jumpstart an all-hands-on-deck approach to migrating to quantum-resistant technologies.
SentinelOne researchers discover two high-severity vulnerabilities in Avast and AVG antiviruses that have put millions of devices at risk over the past decade.
Threat hunters at Kaspersky find a malicious campaign that abuses Windows event logs to store fileless last-stage Trojans and keep them hidden in the file system.
Hubble Technology banks $9 million in venture capital funding to build “agentless technology asset visibility” aimed at disrupting the asset management space.
Mandiant warns that a new threat actor is using backdoors to remain undetected for "an order of magnitude longer than the average dwell time of 21 days in 2021."
Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million.
XDR architecture must be broad and deep so that organizations can get the most value out of their existing best-of-breed security solutions, including their free, open-source tools.
The strategies used by attackers and fraudsters to profit from cryptocurrency are not new. Here are five steps end-users can take to protect themselves.
If you are among the growing group of organizations looking to an MDR provider to supplement your security operations with XDR, make sure you consider these three factors.
The goal of XDR is detection and response across the infrastructure, across all attack vectors, across different vendors, and across security technologies that are cloud based and on premises.
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and any that might still need to be made, since for many people hybrid has become the working ‘normal.’
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
Evolving our definition of detection to encompass greater breadth and depth of understanding through internal and external data aggregation, correlation and investigation delivers the information we need to execute faster with confidence.