Advertisement

A user reviews data and statistical models. [analytics / analysis / tracking / monitoring / logging]

LiveAction adds new SOC-focused features to ThreatEye NDR platform

A SOC-specific user interface that supports analyst workflows and enhanced predicative threat intelligence capabilities are among the new features.


Digital bugs amid binary code. [security threats / malware / breach / hack / attack]

11 old software bugs that took way too long to squash

As these examples show, vulnerabilities can lurk within production code for years or decades—and attacks can come at any time.


backdoor / abstract security circuits, locks and data blocks

Cyberespionage group developed backdoors tailored for VMware ESXi hypervisors

A possibly new threat actor packaged and deployed backdoors as vSphere Installation Bundles, gaining remote code execution and persistence capabilities.


Advertisement

teamwork / developers / programmers / collaboration / conversation, discussion, gesturing

Enterprises embrace devsecops practices against supply chain attacks

Healthy developer-team culture and adherence to devsecops best practices to protect against supply chain attacks are surprisingly commonplace in today’s security environment, according to a report from Google and Chainguard


CSO Security Summit

Pullman on the Park, Melbourne

According to Security Priorities Research commissioned by CSO Australia, 90% of security leaders are currently falling short in addressing cyber risk. Some are doubling budgets, and others are outsourcing more security functions than ever before. Either way, a clear direction of travel is emerging with CISOs re-evaluating how they manage risk and secure data in the workforce. The CSO Security Summit 2022 will document the new strategies required to mitigate rising threat levels in a remote and hybrid enterprise, outlining emerging cyber challenges, and key areas of business focus in the months ahead.

cso security malware breach hack alert gettyimages 1144604134 by solarseven 2400x1600px

Malware builder uses fresh tactics to hit victims with Agent Tesla RAT

A new malware campaign uses the recently discovered Quantum Builder and sophisticated tactics to deliver malicious payload.


Security threat [illustration]  >  A hacker with black hat, mask, and crowbar breaks into a laptop.

Most hackers need 5 hours or less to break into enterprise environments

A new survey of 300 ethical hackers provides insight into not only the most common means of initial access but how a complete end-to-end attack happens.


eliminate insider threats 1

Recent cases highlight need for insider threat awareness and action

Insider threats can have a devastating impact even if the harm is unintentional. Here's advice to identify and mitigate insider threat risk.


international flags / global business discussion

22 notable government cybersecurity initiatives in 2022

Countries across the globe are taking on cybersecurity threats. Here are the most notable initiatives they've introduced in 2022.


post 3 image how hardened vms can help with cloud security 1

Cryptojacking, DDoS attacks increase in container-based cloud systems

Victims lose $53 for every $1 cryptojackers gain, according to a new report from Sysdig.


Advertisement

abstract collage of money with wall street finance

16 Wall Street firms fined $1.8B for using private text apps, lying about it

The banks and brokerages were fined because employees were messaging and texting with clients without recording the communications, as required. And some of the firms' execs lied about it and deleted messages.


Cyber warfare  >  Russian missile launcher / Russian flag / binary code

UK organizations, Ukraine's allies warned of potential "massive" cyberattacks by Russia

UK National Cyber Security Centre CEO Lindy Cameron reflects on Russia’s recent cyber activity as Ukraine warns its allies to prepare for cyberattacks targeting critical infrastructure.


hacker linkedin scam romance scam on social media phishing heart

How cybercriminals use public online and offline data to target employees

A LinkedIn post about getting a new job turned into a potential phishing scam. Similar incidents are more common than you might think.


windows 11 logo bloom

What are the new Windows 11 22H2 security features?

The September Windows 11 update add protections against malicious applications and drivers, phishing, credential misuse, and more.


security audit - risk assessment - network analysis

Zoho ManageEngine flaw is actively exploited, CISA warns

Threat actors are exploiting unpatched ManageEngine instances. CISA adds the vulnerability to its catalog and Zoho urges customers to check their deployments.