Closing the Loop: The Future of Automated Vulnerability Remediation
Alan catches up with Eran Livne, senior director of endpoint remediation at Qualys, to discuss how organizations are evolving...
endpoint
October Patch Tuesday Fails Hard — Windows Update Considered Harmful?
Showstopper bugs with security certificates—plus failing USB keyboards and mice—cause QA questions.Microsoft’s Windows security update rollup is badly buggy this...
Suspected Chinese Hackers Spent a Year-Plus Inside F5 Systems: Report
The Chinese state-sponsored threat actors believed to be behind the high-profile hack of F5’s corporate networks reportedly infiltrated the security...
China’s Flax Typhoon Exploits ArcGIS App for Year-Long Persistence
A China-backed threat group exploited what ReliaQuest researchers called a “common security blind spot” to maintain persistence in a widely...
The Endpoint Has Moved to the Browser — Your Security Tools Haven’t
Your users aren’t downloading files to their desktops anymore. They’re not running local applications. They’re working in Google Docs, Salesforce,...
Shift left, stay ahead: The case for early threat prevention
Cybersecurity strategies today often focus on what happens after an attacker gains entry or how to respond once malicious activity...
#Pixnapping: Android Timing Attack Sends Google Back to the Drawing Board
Researchers discover a new way to steal secrets from Android apps.Anything any Android app can display is vulnerable to the Pixnapping...
Rethinking Microsoft Security: Why Identity is Your First Line of Defense
Microsoft Identity systems sit at the core of nearly every enterprise. Active Directory, Entra ID, Microsoft 365, Intune and Teams...
Cl0p Ransomware Group Exploited in a Zero-Day in Oracle EBS Attacks
The Cl0p ransomware group that over the last week has been sending extortion emails to executives with companies it’s stolen...
Hacker Stole Sensitive Data From FEMA, Border Patrol: Reports
An assessment by DHS found that hackers were able to access FEMA servers by exploiting the CitrixBleed 2 vulnerability and...
African Authorities Arrest 260 Suspects in Romance, Sextortion Scams
More than 260 suspects were arrested and 1,235 electronic devices – including USB drives and SIM cards – seized in a...
Digital Threat Modeling Under Authoritarianism
Today’s world requires us to make complex and nuanced decisions about our digital security. Evaluating when to use a secure...
Secret Service Shuts Down Sprawling Hidden Telecom Network in NY
Federal investigators have dismantled a massive telecom network hidden throughout the New York area that they said could have...
Chinese-Made Villager AI Pentest Tool Raises Cobalt Strike-Like Concerns
Villager is being pitched as a legitimate AI-powered pentest tool for red teams, but the platform, made by Chinese company...
Not all Endpoint protection is created equal
If you’re evaluating endpoint protection, you’ve likely noticed something: Everything starts to sound the same. “AI-powered.” “Next-gen.” “Integrated.” These claims...
