Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
AutomationDirect has patched several high-severity vulnerabilities in its PLC and HMI products. [Read More]
The German Green party, which is part of the country’s governing coalition, says its IT system was hit by a cyberattack last month that affected email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck. [Read More]
CyberArk shares details on a Windows Remote Desktop Services vulnerability that Microsoft had to patch twice. [Read More]
A critical vulnerability in the Ninja Forms plugin can be exploited to execute arbitrary code without authentication. [Read More]
Disguised as a cryptocurrency miner, Malibot focuses on stealing financial information, cryptocurrency wallets, and personally identifiable information (PII). [Read More]
Big-game malware hunters at Volexity call attention to a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. [Read More]
Microsoft has dismissed reports about June 14 being the last Patch Tuesday, clarifying that the rollout of the Windows Autopatch service seems to be causing some confusion. [Read More]
Impacting both Email Security Appliance (ESA) and Secure Email and Web Manager, the bug could allow a remote attacker to bypass authentication and log in to the web interface of a vulnerable device. [Read More]
The modular surveillanceware is likely developed by Italian vendor RCS Lab, which operates in the same market as Pegasus developer NSO Group Technologies and FinFisher creator Gamma Group. [Read More]
Radian Capital leads a $15 million Series A investment in threat intelligence startup GreyNoise. [Read More]
FEATURES, INSIGHTS // Virus & Threats
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Evolving our definition of detection to encompass greater breadth and depth of understanding through internal and external data aggregation, correlation and investigation, delivers the information we need to execute faster with confidence.
Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution.
If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor,
Extended Detection and Response (XDR) is the latest buzz word in the security industry and, as with any new technology development, in the early days there is a lot of confusion.
Self-healing cybersecurity systems represent a major security and IT productivity advancement, allowing organizations to streamline the management and protection of today’s highly distributed infrastructures.
Security is never static, and networks will always be evolving, so make sure you’re continuously validating your security posture and ready for whatever comes next.
Get the Daily Briefing
- Researchers: Oracle Took 6 Months to Patch 'Mega' Vulnerability Affecting Many Systems
- CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day
- Black Basta Ransomware Becomes Major Threat in Two Months
- Hadrian Raises $11 Million for Offensive Security Platform
- Codesys Patches 11 Flaws Likely Affecting Controllers From Several ICS Vendors
- US Agencies Warn Organizations of Log4Shell Attacks Against VMware Products
- US, UK, New Zealand Issue PowerShell Security Guidance
- Apple, Android Phones Targeted by Italian Spyware: Google
- A Year After Death, McAfee's Corpse Still in Spanish Morgue
- Biden Signs Two Cybersecurity Bills Into Law
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy