January 5, 2024 at 03:27AM Ivanti has issued security updates for a critical flaw in its Endpoint Manager solution, posing a remote code execution risk. The vulnerability, rated 9.6 on the CVSS scale, affects EPM 2021 and 2022 prior to SU5. Ivanti also addressed multiple security flaws in its Avalanche enterprise mobile device management solution, … Read more
January 4, 2024 at 05:40PM Driven Acquisition Inc, DBA Driven Technologies, a leading cybersecurity and cloud service provider in NY, acquires ieMentor, a Cisco Gold Partner. The acquisition bolsters Driven’s capabilities in Cisco security, networking, collaboration, and data center solutions. This expands the company’s workforce to 85 employees and enhances its service offerings, reinforcing its … Read more
January 3, 2024 at 11:51AM Enter our cybersecurity caption contest by submitting your idea before Jan. 25, 2024. Send your entry to [email protected] with the subject line “The Edge January 2024 Toon,” or via social media on X/Twitter, Facebook, and LinkedIn. Last month’s winner was Scott Dowlen, IT manager at Odessa Separator Inc. Good luck! … Read more
January 3, 2024 at 11:33AM SonicWall acquires San Francisco startup Banyan Security, adding zero-trust network access tech to its offerings. The financial terms weren’t disclosed. Banyan Security, which raised $47M over two rounds, enables secure user-to-application connections and defends against real-time threats. The acquisition expands SonicWall’s portfolio to include SSE and ZTNA technologies, aligning with … Read more
December 27, 2023 at 07:30AM Over 80,000 individuals are being informed by National Amusements about a data breach that compromised their personal information in December 2022. The breach involved access to the company’s network and files containing personal data. While the impacted information includes financial account numbers, National Amusements is offering complimentary credit monitoring services … Read more
December 21, 2023 at 03:27PM Cisco announced the acquisition of Silicon Valley startup Isovalent to bolster its cloud security product portfolio, without disclosing financial terms. Isovalent, which raised $70 million in venture capital, specializes in eBPF open source technology and cloud native solutions for networking and security. The acquisition adds Cilium and Tetragon products to … Read more
December 20, 2023 at 09:03AM Ransomware groups are increasingly using remote encryption in their attacks, targeting unmanaged devices to compromise entire networks. Microsoft revealed that about 60% of ransomware attacks involve remote encryption. This tactic renders process-based remediation measures ineffective, with compromised machines unable to detect malicious activity. Cybercriminals are also engaging with the media … Read more
December 19, 2023 at 06:00PM 35 million customers of Comcast Xfinity have been affected by the CitrixBleed vulnerability, leading to a breach of customer data, including sensitive information. Although Comcast promptly patched and mitigated the vulnerability, attackers were still able to exfiltrate a large amount of data over a three-day period. The ongoing threat of … Read more
December 19, 2023 at 03:05PM “Microsoft urges immediate patching for four Perforce Helix Core Server vulnerabilities, including a critical RCE bug. Perforce Server used in gaming, government, military, and tech sectors. All vulnerabilities fixable by updating to version 2023.1/2513900. Microsoft has not seen exploitation but warns of potential complete system takeover. Additional security measures and … Read more
December 19, 2023 at 08:39AM Threat actors are using GitHub for malicious activities, including hosting malware and delivering malicious commands via secret Gists and git commit messages. The use of legitimate public services allows threat actors to bypass detection tools. These novel methods can blend malicious traffic with genuine communications, making it harder to detect … Read more