Stop Ransomware with Microsoft Security digital event presents threat intelligence in action

One of the biggest challenges in security today is visibility. And by visibility, I don’t just mean keeping an eye on ever-evolving cyberthreats, but also seeing your own security environment clearly—especially where you’re vulnerable. For defenders who are working hard to manage threats across...

Stop Ransomware with Microsoft Security digital event presents threat intelligence in action

One of the biggest challenges in security today is visibility. And by visibility, I don’t just mean keeping an eye on ever-evolving cyberthreats, but also seeing your own security environment clearly—especially where you’re vulnerable. For defenders who are working hard to manage threats across...

Microsoft Security highlights from Black Hat USA 2022

Black Hat USA 2022 marked the twenty-fifth year that security researchers, security architects, and other security professionals have gathered to share the latest research, developments, and trends. Microsoft was among the companies participating in the conference, which was from August 6 to 11,...

Microsoft Security highlights from Black Hat USA 2022

Black Hat USA 2022 marked the twenty-fifth year that security researchers, security architects, and other security professionals have gathered to share the latest research, developments, and trends. Microsoft was among the companies participating in the conference, which was from August 6 to 11,...

The Race to Secure eBPF for Windows

The Race to Secure eBPF for Windows By Trellix · August 11, 2022 This blog was written by Douglas McKee Innovation often improves functionality and even security; however, adoption starts slow. Adoption often doesn’t increase at a linear rate but at an exponential rate leaving behind attack...

A Secure Access Service Edge (SASE ) Guide for Leaders

Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface...

Introducing CyberSecurity Asset Management 2.0 with Natively Integrated External Attack Surface Management

Qualys is introducing Qualys CyberSecurity Asset Management 2.0, which now delivers natively integrated External Attack Surface Management EASM to enable Cybersecurity teams to identify any and all assets visible on the internet, including previously unknown assets and any potential security...

Microsoft announces new solutions for threat intelligence and attack surface management

Uncover adversaries with new Microsoft Defender threat intelligence products The threat landscape is more sophisticated than ever and damages have soared—the Federal Bureau of Investigations 2021 IC3 report found that the cost of cybercrime now totals more than USD6.9 billion.1 To counter these...

Microsoft announces new solutions for threat intelligence and attack surface management

Uncover adversaries with new Microsoft Defender threat intelligence products The threat landscape is more sophisticated than ever and damages have soared—the Federal Bureau of Investigations 2021 IC3 report found that the cost of cybercrime now totals more than USD6.9 billion.1 To counter these...

Vulnerability Spotlight: How misusing properly serialized data opened TCL LinkHub Mesh Wi-Fi system to 17 vulnerabilities

By Carl Hurd. The TCL LinkHub Mesh Wi-Fi system is a multi-device Wi-Fi system that allows users to expand access to their network over a large physical area. What makes the LInkHub system unique is the lack of a network interface to manage the devices individually or in the mesh. Instead, a phon...

Hive Pro Welcomes Pierre Noel as New Chief Information Security Officer

New CISO to Support Growth Milpitas, California, July 28, 2022 -- Hive Pro, a cyber security company specializing in Cyber Threat Exposure Management, has appointed Pierre Noel as its new Chief Information Security Officer CISO. He has been hired with the vision of supporting growth in the compan...

Attack Surface Management: a Critical Pillar of Cybersecurity Asset Management

In their recent Innovation Insight for Attack Surface Management report, Gartner calls Attack Surface Management or “ASM”, for short the first pillar in a broader Exposure Management strategy. According to Gartner, ASM addresses the questions: What does my organization look like from an attacker’...

Join Qualys at Black Hat USA 2022!

Need to get more security? As a Titanium Sponsor of Black Hat USA 2022 Qualys will be located front and center in Booth 1320 on the show floor. Stop by and visit us to learn about our latest techniques, best practices, and solutions for risk-based vulnerability management, external attack surface...

4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface

The financial services industry has always been at the forefront of technology adoption, but the 2020 pandemic accelerated the widespread use of mobile banking apps, chat-based customer service, and other digital tools. Adobe's 2022 FIS Trends Report, for instance, found that more than half of th...

Apple’s Lockdown Mode

I havent written about Apples Lockdown Mode yet, mostly because I havent delved into the details. This is how Apple describes it: Lockdown Mode offers an extreme, optional level of security for the very few users who, because of who they are or what they do, may be personally targeted by some of...

Bpflock - eBPF Driven Security For Locking And Auditing Linux Machines

bpflock - eBPF driven security for locking and auditing Linux machines. Note: bpflock is currently in experimental stage , it may break, options and security semantics may change, some BPF programs will be updated to use Cilium ebpf library. 1. Introduction bpflock uses eBPF to strength Linux...

Gimme! Gimme! Gimme! (More Data): What Security Pros Are Saying

Eight in 10 organizations collect, process, and analyze security operations data from more than 10 sources, ESG identified in a new ebook SOC Modernization and the Role of XDR, sponsored by Rapid7. Security professionals believe that the most important sources are endpoint security data 24%, thre...

Attack Surface Discovery

Binary data domaindiscovery.nbin...

Design/Logic Flaw

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead o...

CVE-2022-32290

The client in Northern.tech Mender 3.2.0, 3.2.1, and 3.2.2 has Incorrect Access Control. It listens on a random, unprivileged TCP port and exposes an HTTP proxy to facilitate API calls from additional client components running on the device. However, it listens on all network interfaces instead o...