Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

The IPv6 guidance provides federal agencies with information on IPv6 and its security features, along with security considerations on the network protocol. [Read More]
Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. [Read More]
Microsoft says the new security mode in Edge browser can keep users safe from zero-day attacks. [Read More]
Google researcher documents a pair of Zoom security defects and chides the company for missing a decades-old anti-exploit mitigation. [Read More]
A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over accounts without needing access to the target's phone. [Read More]
Security researchers document vulnerabilities in AWS CloudFormation and AWS Glue that could be abused to leak sensitive files and access other customer’s data. [Read More]
Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel proposes strengthening rules around telecom providers’ reporting of data breaches. [Read More]
Apple ships iOS fix for a persistent HomeKit denial-of-service flaw but only after an independent researcher publicly criticized the company for ignoring his discovery. [Read More]
Mozilla fixes multiple high-severity vulnerabilities with the release of Firefox 96, Firefox ESR 91.5, and Thunderbird 91.5. [Read More]
Microsoft’s first batch of patches for 2022 cover at least 97 security flaws, including a critical HTTP Protocol Stack bug described as “wormable.” [Read More]

FEATURES, INSIGHTS // Endpoint Security

rss icon

Marc Solomon's picture
If you are among the growing group of organizations looking to an MDR provider to supplement your security operations with XDR, make sure you consider these three factors.
Marc Solomon's picture
The goal of XDR is detection and response across the infrastructure, across all attack vectors, across different vendors, and across security technologies that are cloud based and on premises.
Laurence Pitt's picture
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and that might still need to be made since, as for many people hybrid has become the working ‘normal.’
Marc Solomon's picture
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Torsten George's picture
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
Joshua Goldfarb's picture
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Marc Solomon's picture
Evolving our definition of detection to encompass greater breadth and depth of understanding through internal and external data aggregation, correlation and investigation, delivers the information we need to execute faster with confidence.
Marc Solomon's picture
If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor,
Marc Solomon's picture
Extended Detection and Response (XDR) is the latest buzz word in the security industry and, as with any new technology development, in the early days there is a lot of confusion.
Torsten George's picture
Self-healing cybersecurity systems represent a major security and IT productivity advancement, allowing organizations to streamline the management and protection of today’s highly distributed infrastructures.