Security Experts:
LATEST SECURITY NEWS HEADLINES
NEWS & INDUSTRY UPDATES
Google has released Chrome 106 to the stable channel with patches for 20 vulnerabilities, including 16 externally reported bugs. [Read More]
SentinelLabs researchers are kick-starting a crowdsourced effort to understand a new mysterious APT hitting hitting telcos, ISPs and universities in the Middle East and Africa. [Read More]
Security researchers are warning of a new information stealer named Erbium being distributed as Malware-as-a-Service (MaaS). [Read More]
WhatsApp updates patch two critical and high-severity remote code execution vulnerabilities related to video calls and video files. [Read More]
The Ukrainian government is proactively warning that Russia is planning “massive cyberattacks” against critical infrastructure targets in the energy sector. [Read More]
American Airlines discovered it was breached after receiving reports of employee email accounts being used in phishing attacks. [Read More]
Hacktivists might not know a lot about ICS, but they’re well aware of the potential implications of hacking these devices, and some groups have been targeting ICS to draw attention to their cause. [Read More]
A new Sophos firewall zero-day vulnerability tracked as CVE-2022-3236 has been exploited in attacks aimed at organizations in South Asia. [Read More]
Endpoint security firm SentinelOne (NYSE: S) announced a $100 million venture fund that the company will use to invest other security startups. [Read More]
Microsoft has released an out-of-band security update for Endpoint Configuration Manager to patch a vulnerability that could be useful to malicious actors for moving around in a network. [Read More]
FEATURES, INSIGHTS // Virus & Threats
The strategies used by attackers and fraudsters to profit from cryptocurrency are not new. Here are five steps end-users can take to protect themselves.
If you are among the growing group of organizations looking to an MDR provider to supplement your security operations with XDR, make sure you consider these three factors.
Leverage the power of the collective - the network effect – for its ever-evolving intelligence wherever possible to keep your employees free of all the bad stuff that has made it to their inboxes.
The goal of XDR is detection and response across the infrastructure, across all attack vectors, across different vendors, and across security technologies that are cloud based and on premises.
Cybersecurity Awareness Month is an excellent time to reflect on any changes made, and that might still need to be made since, as for many people hybrid has become the working ‘normal.’
Far too many engineers in the trenches don’t take the time to lift their heads to see context, so when good (and bad) things happen, this is a great management opportunity that you should take full advantage of.
Enterprises can't rely on Endpoint Protection Platforms (EPP) or Endpoint Detection and Response (EDR) tools to detect suspicious activity on a user’s system to quarantine the system or even to reimage.
As it has become clear that remote/hybrid work is here to stay, IT security practitioners must figure out how to enable a secure and resilient anywhere workforce to minimize their future risk exposure.
The question of the importance of the state of a client device is a debate that has been around for a few years in the security field.
Evolving our definition of detection to encompass greater breadth and depth of understanding through internal and external data aggregation, correlation and investigation, delivers the information we need to execute faster with confidence.
Get the Daily Briefing
- Canon Medical Product Vulnerabilities Expose Patient Information
- What's Going on With Cybersecurity VC Investments?
- CISA Issues Guidance on Transitioning to TLP 2.0
- DoD Announces Final Results of 'Hack US' Bug Bounty Program
- Microsoft Confirms Exploitation of Two Exchange Server Zero-Days
- Chinese Cyberespionage Group 'Witchetty' Updates Toolset in Recent Attacks
- Cisco Patches High-Severity Vulnerabilities in Networking Software
- Microsoft Exchange Attacks: Zero-Day or New ProxyShell Exploit?
- NSA Cyber Specialist, Army Doctor Charged in US Spying Cases
- North Korean Gov Hackers Caught Rigging Legit Software
Copyright © 2022 Wired Business Media. All Rights Reserved. Privacy Policy