McAfee Enterprise announced that MVISION Cloud, part of its secure access service edge (SASE) offering – MVISION Unified Cloud Edge (UCE), now provides enhanced security coverage for Microsoft Dynamics 365, a line of enterprise resource planning and customer relationship management software applications.Read More…
In early 2019, Mandiant began identifying and responding to intrusions in the Middle East by Chinese espionage group UNC215. These intrusions exploited a Microsoft SharePoint vulnerability to install webshells and FOCUSFJORD payloads at targets in the Middle East and Central Asia. In addition to data from Mandiant Incident Response andRead More…
According to Gartner “by 2023, 90% of web-enabled applications will have more surface area for attack in the form of exposed APIs rather than the user interface (UI), up from 50% in 2020. By 2022, API abuses will move from an infrequent to the most frequent attack vector, resulting inRead More…
Sophos, a global leader in next-generation cybersecurity, has published new research, “Trash Panda as a Service: Raccoon Stealer Steals Cookies, Cryptocoins and More,” detailing how a stealer disguised as pirated software grabs cryptocurrencies and information while dropping malicious content, such as cryptominers, on targeted systems.Read More…
BeyondTrust, the worldwide leader in Privileged Access Management, has announced the release of BeyondTrust Password Safe 21.2 and BeyondInsight 21.2, with increased flexibility to manage privileged custom applications and previously unsupported systems. The new features and capabilities improve security and enable IT operations and security teams to intuitively manage privilegedRead More…
ESET researchers have discovered a set of 10 previously undocumented malware families, implemented as malicious extensions for Internet Information Services (IIS) web server software. Targeting both government mailboxes and e-commerce credit card transactions, as well as aiding in malware distribution, this diverse class of threats operates by eavesdropping on andRead More…
SentinelOne, an autonomous cybersecurity platform company, unveiled SentinelOne Storyline Active Response (STAR), its cloud-based automated hunting, detection, and response engine. Integrated with SentinelOne’s ActiveEDR, STAR empowers security teams to create custom detection and response rules and deploy them in real time to the entire network or desired subset, to proactivelyRead More…
Check Point Research (CPR) found security flaws in Amazon Kindle, the world’s most popular e-reader. If exploited, the flaws would have enabled a threat actor to take full control over a user’s Kindle, resulting in the possible theft of Amazon device token, or other sensitive information stored on the device.Read More…
