Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
A critical security flaw in HAProxy could lead to HTTP request smuggling attacks, allowing attackers to bypass security controls and access sensitive data without authorization. [Read More]
GitHub has published documentation on seven vulnerabilities in the Node.js packages and warned that exploitation could expose users to code execution attacks. [Read More]
The U.S. government's CISA and OMB are seeking the public’s opinion on draft zero trust strategic and technical documentation. [Read More]
Zoho confirms attacks against an authentication bypass vulnerability in its ADSelfService Plus product. [Read More]
Howard University closed its physical campus and canceled classes this week after experiencing a ransomware attack. [Read More]
The Android Security Bulletin for September 2021 includes patches for a total of 40 vulnerabilities, including seven that are rated critical. [Read More]
The agency's guidance is aimed at three main decision-maker groups and should help reduce overall risks associated with Managed Service Providers (MSPs). [Read More]
The high severity vulnerability could be exploited by malicious actors on the local network to execute code remotely when the user attempts to send an HTTP request. [Read More]
Jenkins confirms the recent Confluence CVE-2021-26084 exploit was used to compromise one of its servers to deploy a cryptocurrency miner. [Read More]
Microsoft’s embattled security response unit is scrambling to deal with another zero-day attack hitting users of its flagship Microsoft Office software suite. [Read More]
FEATURES, INSIGHTS // Endpoint Security
While working from home or even while at work for that matter, follow these steps to avoid behaviors that may let the bad guy in.
Architects and IT security teams are looking for technology evolutions to help them manage real problems in endpoint storage and messaging.
Devon Kerr explains what happened when a municipality inadvertently deployed a brand-new endpoint protection technology across a small part of their production network.
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
It is essential to understand exactly what is meant by machine learning so you can quickly differentiate between those solutions that actually provide the technology you need to stay ahead in the cyber war arms race, and those capitalizing on market hype.
With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Endpoint protection will never be able to catch up with “known wolves,” but machine learning and artificial perception can change the rules of engagement with models of “known good.”
Get the Daily Briefing
- Apple Confirms New Zero-Day Attacks on Older iPhones
- Improving Security Posture to Lower Insurance Premiums
- Web Security Provider Jscrambler Raises $15 Million
- Report: Suspected Chinese Hack Targets Indian Media, Gov't
- Apple Deprecates Outdated TLS Protocols in iOS, macOS
- Third-Party Risk Management Firm Panorays Raises $42 Million
- Cisco Patches Critical Vulnerabilities in IOS XE Software
- VMware vCenter Servers in Hacker Crosshairs After Disclosure of New Flaw
- Attacks on Russian Government Orgs Exploit Recent Microsoft Office Zero-Day
- Facebook Ad Business Hit by New Apple Privacy Rules
Copyright © 2021 Wired Business Media. All Rights Reserved. Privacy Policy