News
Cloud-native TACACS+ access solution launched by Portnox
New product aims to make network authentication, authorization, and accounting technology more attractive to mid-sized companies.
Nebulon bakes bare-metal Linux ransomware protection into the bootloader
The newest releases of Nebulon’s ImmutableBoot and TimeJump backup systems boast 'reboot-to-recover' functionality for Linux systems.
New peer-to-peer botnet Panchan hijacks Linux servers
The botnet built by the platform-independent worm malware currently enables cryptomining.
Ransomware attacks are increasing with more dangerous hybrids ahead
The re-emergence of REvil and anticipated convergence with business email compromise actors are among reasons why ransomware gangs are still dangerous.
![A hand controls a small marionette. [control / manipulation / social engineering]](https://images.idgesg.net/images/article/2020/09/hand_controls_small_marionette_puppet_control_manipulation_social_engineering_by_spiffyj_gettyimages-1182246224_2400x1600-100858607-small.3x2.jpg?auto=webp&quality=85,70)
Threat actors becoming more creative exploiting the human factor
Remote work, supply chains, commercial clouds offer threat actors opportunities to trick people into doing their bidding.
GitHub open sources Entitlements IAM sytem, built as a Git repository
The company behind one of the most important open source projects in the world is providing a new way to use its framework for IAM (identity and access management) this week.
Leading cybersecurity vendors join Mandiant's new Cyber Alliance Program
The alliance aims to develop integrated security systems and share threat intelligence, and lists partners including Google, Cloudflare, CrowdStrike, SentinelOne and Microsoft as founding members.
Snowflake offers cybersecurity data platform with security app integrations
Snowflake's cybersecurity workload integrates the company's data cloud, storage and query features with tools from cybersecurity vendors, for enhanced threat detection, investigation and alerts.
Hackers using stealthy Linux backdoor Symbiote to steal credentials
Symbiote is deployed as a shared object that can inject itself into existing processes, making it difficult to detect.
Software supply chain security fixes gain prominence at RSA
Attendees are urged to improve asset management, use SBOMs, and collaborate with government cybersecurity agencies to better ensure software integrity.
ConcealBrowse isolates malicious software before it can work its mischief
Agent-based solution screens code to prevent browser-borne attacks on the enterprise.
RSA: Intel reference design to accelerate SASE, other security tasks
Intel says its reference design will enable accelerator cards to offload security processing from server CPUs without requiring more rack space.
Virtru launches open-source project OpenTDF
The company hopes OpenTDF will establish a standard for safe, private data sharing.
Zero-day flaw in Atlassian Confluence exploited in the wild since May
Atlassian has issued emergency patches for the vulnerability, which could allow attackers to perform remote code execution.
Qualys upgrades vulnerability management solution
VMDR 2.0 offers better insight into risk posture, faster fix times for critical vulnerabilities.
Dragos launches info portal to fill security gaps in critical infrastructure
OT-CERT provides free resources to under-served ICS/OT community members and beefs up threat and vulnerability coordination.
![Tech Spotlight > Cloud [CSO] > Conceptual image of laptop users with cloud security overlay.](https://images.idgesg.net/images/idge/imported/imageapi/2022/05/16/16/spot_cloud_3x2_03_cso_laptop_users_with_ccloud_security_overlay__by_metamorworks_gettyimages-1132912672_b-100891925-small.3x2-100928038-small.3x2.jpg?auto=webp&quality=85,70)
RSA: Cisco launches SASE, offers roadmap for other cloud-based services
New Cisco services aim to simplify security operations with new as-a-service offerings.
SSO explained: Single sign-on definition, examples, and terminology
Single sign-on (SSO) is a user authentication service that allows a user to access multiple applications with one set of login credentials. Password fatigue, cloud sprawl and developer simplicity are pushing the rise of SSO.
Cybercriminals look to exploit Intel ME vulnerabilities for highly persistent implants
Leaked Conti information show the ransomware gang likely completed a proof of concept to exploit Intel ME and rewrite its firmware.
![A hand controls a small marionette. [control / manipulation / social engineering]](https://images.idgesg.net/images/article/2020/09/hand_controls_small_marionette_puppet_control_manipulation_social_engineering_by_spiffyj_gettyimages-1182246224_2400x1600-100858607-medium.3x2.jpg?auto=webp&quality=85,70)