Virus & Threats

NEWS & INDUSTRY UPDATES

AutomationDirect has patched several high-severity vulnerabilities in its PLC and HMI products.
The German Green party, which is part of the country’s governing coalition, says its IT system was hit by a cyberattack last month that affected email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck.
CyberArk shares details on a Windows Remote Desktop Services vulnerability that Microsoft had to patch twice.
A critical vulnerability in the Ninja Forms plugin can be exploited to execute arbitrary code without authentication.
Disguised as a cryptocurrency miner, Malibot focuses on stealing financial information, cryptocurrency wallets, and personally identifiable information (PII).
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks.
Microsoft has dismissed reports about June 14 being the last Patch Tuesday, clarifying that the rollout of the Windows Autopatch service seems to be causing some confusion.
Impacting both Email Security Appliance (ESA) and Secure Email and Web Manager, the bug could allow a remote attacker to bypass authentication and log in to the web interface of a vulnerable device.
The modular surveillanceware is likely developed by Italian vendor RCS Lab, which operates in the same market as Pegasus developer NSO Group Technologies and FinFisher creator Gamma Group.
Radian Capital leads a $15 million Series A investment in threat intelligence startup GreyNoise.

FEATURES, INSIGHTS // Virus & Threats

Keith Ibarguen
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Marc Solomon
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
Torsten George
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
Joshua Goldfarb
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Marc Solomon
Evolving our definition of detection to encompass greater breadth and depth of understanding through internal and external data aggregation, correlation and investigation, delivers the information we need to execute faster with confidence.
Keith Ibarguen
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
Marc Solomon
If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor,
Marc Solomon
Extended Detection and Response (XDR) is the latest buzz word in the security industry and, as with any new technology development, in the early days there is a lot of confusion.
Torsten George
Self-healing cybersecurity systems represent a major security and IT productivity advancement, allowing organizations to streamline the management and protection of today’s highly distributed infrastructures.
Marie Hattar
Security is never static, and networks will always be evolving, so make sure you’re continuously validating your security posture and ready for whatever comes next.