Security Experts:

WRITE FOR US

LATEST SECURITY NEWS HEADLINES

rss icon

Microsoft Open-Sources 'CyberBattleSim' Enterprise Environment Simulator
CISA Releases Tool to Detect Microsoft 365 Compromise
Security Automation Firm Tines Raises $26 Million at $300 Million Valuation
LG Promises Three Years of OS Updates for Premium Android Smartphones
Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits
long dotted

NEWS & INDUSTRY UPDATES

Threat Actors Quick to Target (Patched) SAP Vulnerabilities
A joint report from SAP and Onapsis warns that advanced threat actors are targeting new vulnerabilities in SAP applications within days after the availability of security patches. [Read More]
APT Group Using Voice Changing Software in Spear-Phishing Campaign
Researchers report that a subgroup of the Molerats APT is employing voice changing software in attacks targeting regional adversaries and political opponents. [Read More]
US DoD Launches Vuln Disclosure Program for Contractor Networks
In a new pilot program, the U.S. DoD invites the HackerOne community to remotely test the participating DoD contractors’ assets and report on any identified vulnerabilities. [Read More]
China-Linked 'Cycldek' Hackers Target Vietnamese Government, Military
Kaspersky researchers warn that China-linked APT group Cycldek using custom malware in a series of recent attacks targeting government and military entities in Vietnam. [Read More]
CISA, FBI Warn of Attacks Targeting Fortinet FortiOS
The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) warns that APT actors are exploiting Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. [Read More]
VMware Patches Critical Flaw in Carbon Black Cloud Workload
VMWare fixes a serious URL-handling vulnerability in the Carbon Black administrative interface and warns of authentication bypass and potential code execution risks. [Read More]
SecureDrop Workstation Gets Post-Audit Security Refresh
A third-party audit financed by the New York Times discovers a high-risk vulnerability but overall gives Securedrop Workstation a positive security bill of health. [Read More]
DHS Gives Federal Agencies 5 Days to Identify Vulnerable MS Exchange Servers
The U.S. Department of Homeland Security's CISA is directing federal agencies to scan their Microsoft Exchange environments for four weeks and report if they find any compromised servers. [Read More]
Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices
Researchers warns that tens of thousands of QNAP SOHO NAS devices potentially impacted by unpatched remote code execution flaws. [Read More]
Kansas Man Charged with Tampering with Public Water System
The U.S. Department of Justice this week announced official charges against Wyatt A. Travnichek, a Kansas man accused of accessing and tampering with a public water system. [Read More]

FEATURES, INSIGHTS // Endpoint Security

rss icon

Torsten George's picture
The Often-Overlooked Element of a Hack: Endpoints
Torsten George - Endpoint Security
Understanding not just the tail end of the cyber-attack kill chain, but also focusing on initial attack vectors like endpoints provides a roadmap for aligning preventive measures with today’s threats.
Read full story
Tim Bandos's picture
COVID-19 Is Requiring Us to Implement Cyber Distancing (Part 2)
Tim Bandos - Endpoint Security
While working from home or even while at work for that matter, follow these steps to avoid behaviors that may let the bad guy in.
Read full story
David Holmes's picture
Endpoint Security Evolving Against Airport Searches, GDPR
David Holmes - Endpoint Security
Architects and IT security teams are looking for technology evolutions to help them manage real problems in endpoint storage and messaging.
Read full story
Devon Kerr's picture
Tales From the SOC: Municipal Edition
Devon Kerr - Endpoint Security
Devon Kerr explains what happened when a municipality inadvertently deployed a brand-new endpoint protection technology across a small part of their production network.
Read full story
Torsten George's picture
Remote Access: The Hidden Weak Spot for Cyberattacks
Torsten George - Endpoint Security
By implementing these measures organizations can limit their exposure to remote access-based cyber threats, while supporting agile business models such as remote work and outsourced IT.
Read full story
Siggi Stefnisson's picture
Cross-Vector Threats: The Web Begins Where Email Ends
Siggi Stefnisson - Endpoint Security
Ninety percent of breaches may begin with an email, but today most of the action happens well after an inbound email has been scanned and delivered.
Read full story
John Maddison's picture
Winning the Cyber Arms Race with Machine Learning
John Maddison - Endpoint Security
It is essential to understand exactly what is meant by machine learning so you can quickly differentiate between those solutions that actually provide the technology you need to stay ahead in the cyber war arms race, and those capitalizing on market hype.
Read full story
Jack Danahy's picture
Machine Learning & Security: Making Users Part of the Equation
Jack Danahy - Endpoint Security
With all of our collective focus on machine learning, we simply can’t overlook human learning’s critical role in guarding against attack and protecting the organization.
Read full story
Markus Jakobsson's picture
The Challenge of Training AI to Detect Unique Threats
Markus Jakobsson - Endpoint Security
If a particular product blocks 99% of all threats, that probably means that product fails to detect the most dangerous threat: targeted attacks.
Read full story
Jack Danahy's picture
Demystifying Machine Learning: Turning the Buzzword Into Benefits for Endpoint Security
Jack Danahy - Endpoint Security
Jack Danahy, co-founder and CTO of Barkly, attempts to clarify what is and what is not machine learning in endpoint security
Read full story