Recent Windows updates break Microsoft Connected Cache delivery

April 5, 2024 at 06:33PM Microsoft has reported that recent Windows 10 updates are causing issues with Microsoft Connected Cache (MCC) node discovery on enterprise networks. This problem affects systems running Windows 10 21H2 and 22H2 configured to find MCC endpoints using DHCP Option 235. Microsoft is working on a solution, and temporary workarounds are …

Is XDR Enough? The Hidden Gaps in Your Security Net

February 28, 2024 at 07:45AM Enterprise networks have evolved significantly, with data and applications now spanning a complex array of multi-cloud, on-premises, and legacy infrastructures. Traditional security tools struggle to provide complete visibility amidst this complexity. Extended detection and response (XDR) aims to address these challenges by offering consolidated visibility and advanced threat detection mechanisms, …

Fostering Collaboration for Standardized Threat Investigation & Response

February 23, 2024 at 10:06AM Summary: The Open Cybersecurity Schema Framework (OCSF) aims to address data interoperability issues in security by providing a standard for collecting and managing security data across different tools. To achieve widespread adoption, industry collaboration, customer engagement, vendor cooperation, federal support, and promotion of enterprise use cases are essential. This initiative …

New Wi-Fi Authentication Bypass Flaws Expose Home, Enterprise Networks

February 15, 2024 at 09:51AM New Wi-Fi authentication bypass vulnerabilities in open source software discovered by Mathy Vanhoef and Heloise Gollier pose threats to enterprise and home networks. The flaws affect wpa_supplicant and Intel’s iNet Wireless Daemon (IWD) software. Exploitation could lead to traffic interception and unauthorized access to Wi-Fi networks. Vendors have been notified …

MOVEit Hackers Pivot to SysAid Zero-Day in Ransomware Attacks

November 9, 2023 at 06:09PM A new zero-day exploit has been discovered that uses a vulnerability in on-premises deployments of SysAid IT Support software to deploy Clop ransomware. Microsoft has announced the flaw and SysAid has issued a patch. The threat actor behind the exploit is Lace Tempest, known for deploying Clop ransomware. Enterprise teams …