February 13, 2024 at 03:16PM Microsoft issued a patch for CVE-2024-21412, a zero-day SmartScreen vulnerability used by the Water Hydra APT group to target financial market traders. Trend Micro protects customers from this, emphasizing the importance of proactive cybersecurity measures and a dedicated bug bounty program. Trend customers have been protected since January 17 via … Read more
February 1, 2024 at 10:09AM The Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) is a significant nudge for companies in the defense industrial base and critical infrastructure to enhance cybersecurity. However, achieving CMMC compliance alone may not safeguard against sophisticated threats such as China’s PLA Unit 61398. To truly protect against cyber threats, companies … Read more
January 12, 2024 at 12:11AM Trend Micro’s Zero Day Initiative (ZDI) disclosed 1,913 bugs in 2023 with 74% rated as Critical/High risk. The program identified vulnerabilities in attacks using zero-day exploits and provided early virtual patches to protect customers. ZDI also contributed 20% of bugs to Microsoft and 78% to Adobe, supporting both vendors in … Read more
January 8, 2024 at 08:36AM Security professionals are prioritizing use cases such as incident response, alert triage, vulnerability management, spear phishing, and threat intelligence for technology investments. Automation adoption is driven by the need for efficiency, with top use cases varying by industry. A standardized, data-driven and extensible platform is key for successful security automation … Read more
November 30, 2023 at 04:28PM Emsisoft offers a 20% discount on its Enterprise Security EDR solution’s 1-year licenses until December 17, 2023. This cloud-managed protection features multi-layer security, built-in EDR, AI threat hunting, behavior blocking, ransomware rollback, and easy management. The promotion is in partnership with BleepingComputer. Meeting Takeaways: 1. Emsisoft Promotion: – Emsisoft is … Read more
October 25, 2023 at 08:04AM Around 60% of corporate data is stored in the cloud, with Amazon S3 being a popular choice. However, S3 remains vulnerable to ransomware attacks as leaked access keys can be used to compromise sensitive data. To combat these threats, organizations need visibility into their S3 environment through CloudTrail and Server … Read more
October 20, 2023 at 05:48PM Okta, an identity and access management services provider, has disclosed a recent compromise of its customer support case management system. Sensitive customer data, including cookies and session tokens, was exposed, potentially allowing attackers to impersonate valid users. The incident only affected customers with recent support cases, and Okta has taken … Read more