US Announces Charges, Reward for Russian National Behind Wiper Attacks on Ukraine

June 27, 2024 at 03:18PM SecurityWeek Network provides cybersecurity news, webcasts, virtual events, and coverage of topics such as malware, cyberwarfare, data breaches, ransomware, and more. It also includes content on security operations, incident response, risk management, and industrial cybersecurity, as well as discussions on CISO strategy and cyber insurance.

Remote Work’s Hidden Dangers

June 5, 2024 at 10:03AM The global work landscape has shifted due to the COVID-19 pandemic, leading to a rise in remote work. This brings benefits of flexibility and cost savings for employees and employers, but also poses security threats like phishing scams and ransomware. Establishing a robust remote-access policy and cybersecurity strategies is essential …

BlackSuit Claims Dozens of Victims With Carefully Curated Ransomware

May 29, 2024 at 10:56AM The BlackSuit ransomware gang, linked to the Royal gang, targets US-based companies in critical sectors with a focus on financial gain. Using advanced methods, the group’s attack tactics include lateral movement, Kerberoasting, FTP exfiltration, and ransomware deployment. Mitigation tactics involve network configuration management and strengthening password encryption to prevent such …

New Endpoint Protection Platform by Cigent Blocks Ransomware at the Data Level

May 29, 2024 at 08:12AM Cigent Technology introduces a new endpoint data protection platform focused on preventing ransomware by safeguarding customer data from encryption and exfiltration. The approach prioritizes data protection to prevent the need for response post-detection. The solution provides user-friendly, automatic encryption and MFA authentication, with flexibility in protecting files and integrating with existing …

RSA Conference 2024 – Announcements Summary (Day 3)

May 9, 2024 at 05:18AM The 2024 RSA Conference in San Francisco featured numerous product and service announcements. Highlights from the third day include AuditBoard’s InfoSec Solutions enhancements, Cado Security’s forensic investigations in distroless container environments, and CrowdStrike and NinjaOne’s partnership for endpoint protection. CyberSaint, Cyolo, ForAllSecure, Netcraft, OpenText, SentinelOne, and Skyhigh Security also introduced …

Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next

April 16, 2024 at 05:04PM Kaspersky introduced its new flagship product line, Kaspersky Next, offering robust endpoint protection with EDR and XDR capabilities. The product is tailored to different business requirements and IT infrastructures. It provides advanced cybersecurity solutions, deployment flexibility, and automation features. The product comes in three tiers to meet varying security needs. …

Proper DDoS Protection Requires Both Detective and Preventive Controls

April 9, 2024 at 01:59PM The security profession uses preventive and detective controls to reduce risk. Preventive controls aim to lessen potential threats, while detective controls identify security issues post-incident. However, the prevalence of DDoS attacks underscores the need for more emphasis on preventive controls. Steps to enhance DDoS protection include vulnerability checks, staying nondisruptive, …

Implementing Zero Trust Controls for Compliance

March 22, 2024 at 07:27AM The ThreatLocker® Zero Trust Endpoint Protection Platform enforces a strict deny-by-default, allow-by-exception security posture to protect organizations from various cyber threats, promoting compliance with multiple frameworks. The platform offers free guidance on implementing compliance best practices, covering 24 technical controls across different compliance frameworks. Download the free guide for more …

‘Magnet Goblin’ Exploits Ivanti 1-Day Bug in Mere Hours

March 12, 2024 at 04:11PM Threat actors targeted Ivanti edge devices earlier this year. One-day exploit CVE-2024-21887 in Ivanti Connect Secure and Policy Secure gateways, rated 9.1/10, was quickly capitalized on by “Magnet Goblin.” Known for exploiting one-days in public-facing services, this group deploys malware capable of flying under the radar, emphasizing the need for …

Magnet Goblin hackers use 1-day flaws to drop custom Linux malware

March 10, 2024 at 11:42AM Magnet Goblin, a financially motivated hacking group, exploits 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems. They target devices and services like Ivanti Connect Secure, Apache ActiveMQ, ConnectWise ScreenConnect, Qlik Sense, and Magento. Check Point analysts emphasize the importance of timely patching and …