Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Security researchers at Proofpoint call attention to the discovery of a commercial red-teaming attack tool called Nighthawk, warning that the command-and-control framework is likely to be abused by threat actors. [Read More]
The cybersecurity powerhouse plans to spend $195 million in cash to acquire Israeli application security startup Cider Security. [Read More]
According to a joint CISA/FBI advisory, Iranian government-sponsored hackers hit at least one Federal Civilian Executive Branch (FCEB) organization with an exploit for a Log4j vulnerability in an unpatched VMware Horizon server. [Read More]
Investors pour $65 million into an early-stage Israeli startup building technology to help businesses manage secrets like credentials, certificates and keys. [Read More]
Bishop Fox has raised more than $154 million in lifetime funding to build and market technology for continuous attack surface management. [Read More]
VMware slapped a critical-severity rating on the bulletin and warned that three of the patched flaws are marked with a CVSS severity score of 9.8/10. [Read More]
Intel and AMD have patched many vulnerabilities in their products, including high-severity flaws, with their Patch Tuesday updates. [Read More]
For the second consecutive month, Microsoft rushed out patches to cover vulnerabilities that were already exploited as zero-day in the wild, including a pair of belated fixes for exploited Microsoft Exchange Server flaws. [Read More]
Redmond warns that China-based nation state threat actors are taking advantage of a one-year-old law to “stockpile” zero-days for use in sustained malware attacks. [Read More]
Managed detection and response provider Binary Defense Systems this week announced it has raised $36 million in its first funding round. [Read More]

FEATURES, INSIGHTS // Endpoint Security

rss icon

Gordon Lawson's picture
Why are zero day exploits so effective, and so highly prized by bad actors? The reason has to do with the way cyber security defenses work.
Torsten George's picture
Unfortunately, there is no such thing as 100 percent protection. Therefore, we cannot solely focus on “Left of Boom” processes, but also have to talk about the “Right of Boom”.
Marc Solomon's picture
Even though things have changed—from SOAR to XDR to CSMA—they have also stayed the same. These new categories are not solutions but really architectures.
Jeff Orloff's picture
Nothing can ever prepare an organization for every ransomware scenario. However, if you train for multiple situations, your team will be able to make decisions more quickly, and react appropriately when an unforeseen incident occurs.
Laurence Pitt's picture
Between the excitement and the comfort of working from home, it can be easy to overlook the risks associated with summer travel, but it’s important to remain careful and vigilant.
Torsten George's picture
When establishing visibility and security controls across endpoints, security practitioners need to understand that each endpoint bears some or all responsibility for its own security.
Torsten George's picture
Digital experience monitoring technology goes beyond the monitoring of resources and applications, allowing for automated remediation and uncompromised user productivity.
Marc Solomon's picture
XDR architecture must be broad and deep so that organizations can get the most value out of their existing best-of-breed security solutions, including their free, open-source tools.
Jeff Orloff's picture
Armed with the right cyber defense strategy, tools, and security controls, organizations can defend themselves against ransomware attacks.
Joshua Goldfarb's picture
The strategies used by attackers and fraudsters to profit from cryptocurrency are not new. Here are five steps end-users can take to protect themselves.