Endpoint Security

Palo Alto Networks Completes Acquisition of Talon

Acquisition, Endpoint Security, Funding/M&A, Palo Alto Networks /

Palo Alto Networks Completes Acquisition of Talon 2023-12-28 at 19:18 By SecurityWeek News Palo Alto Networks completed the acquisition of Talon Cyber Security, an Israeli startup selling a secure browser technology to enterprise customers. The post Palo Alto Networks Completes Acquisition of Talon appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS […]

React to this headline:

Loading spinner

Palo Alto Networks Completes Acquisition of Talon Read More »

ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature

Endpoint Security, ESET, security product vulnerability, vulnerability /

ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature 21/12/2023 at 16:31 By Eduard Kovacs ESET has patched CVE-2023-5594, a high-severity vulnerability that can cause a browser to trust websites that should not be trusted. The post ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature Read More »

“Pool Party” process injection techniques evade EDRs

CrowdStrike, Cybereason, Don't miss, Endpoint Security, Hot stuff, Microsoft, News, Palo Alto Networks, PoC, research, SafeBreach, SentinelOne, threat detection, XDR /

“Pool Party” process injection techniques evade EDRs 12/12/2023 at 14:01 By Zeljka Zorz SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool Party” because they (ab)use Windows thread pools, these process injection techniques work across all processes and, according to the

React to this headline:

Loading spinner

“Pool Party” process injection techniques evade EDRs Read More »

New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions

EDR, Endpoint, Endpoint Security, process injection /

New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions 07/12/2023 at 17:01 By Ionut Arghire Pool Party is a new set of eight Windows process injection techniques that evade endpoint detection and response solutions. The post New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions Read More »

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images

Endpoint Security, UEFI, Vulnerabilities, vulnerability /

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images 06/12/2023 at 19:03 By Eduard Kovacs LogoFAIL is an UEFI image parser attack allowing hackers to compromise consumer and enterprise devices using malicious logo images. The post Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Enterprise, Consumer Devices Exposed to Attacks via Malicious UEFI Logo Images Read More »

Apple Patches WebKit Flaws Exploited on Older iPhones

apple, CVE-2023-42916, CVE-2023-42917, Endpoint Security, Featured, iOS, macOS, Malware & Threats, Vulnerabilities /

Apple Patches WebKit Flaws Exploited on Older iPhones 30/11/2023 at 23:02 By Ryan Naraine Apple’s security response team warns that flaws CVE-2023-42916 and CVE-2023-42917 were already exploited against versions of iOS before iOS 16.7.1. The post Apple Patches WebKit Flaws Exploited on Older iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Apple Patches WebKit Flaws Exploited on Older iPhones Read More »

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass

CVSS 10, Data Protection, Endpoint Security, GraphAPI, ownCloud, Vulnerabilities /

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass 27/11/2023 at 19:46 By Ionut Arghire Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass. The post Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass Read More »

Windows Hello Fingerprint Authentication Bypassed on Popular Laptops

biometric, bypass, Endpoint Security, Fingerprint /

Windows Hello Fingerprint Authentication Bypassed on Popular Laptops 22/11/2023 at 17:17 By Eduard Kovacs Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them. The post Windows Hello Fingerprint Authentication Bypassed on Popular Laptops appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Windows Hello Fingerprint Authentication Bypassed on Popular Laptops Read More »

New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation

Endpoint Security /

New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation 15/11/2023 at 13:17 By Eduard Kovacs A new Intel CPU vulnerability tracked as Reptar and CVE-2023-23583 can be exploited for DoS attacks and possibly privilege escalation. The post New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation appeared first on SecurityWeek. This

React to this headline:

Loading spinner

New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation Read More »

Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities

Amd, CPU vulnerability, Endpoint Security, Intel, Vulnerabilities /

Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities 15/11/2023 at 13:17 By Eduard Kovacs Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products. The post Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities Read More »

Intel Sued Over ‘Downfall’ CPU Vulnerability 

Endpoint Security, Featured, Intel, lawsuit /

Intel Sued Over ‘Downfall’ CPU Vulnerability  10/11/2023 at 17:47 By Eduard Kovacs A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall. The post Intel Sued Over ‘Downfall’ CPU Vulnerability  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Intel Sued Over ‘Downfall’ CPU Vulnerability  Read More »

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution

CVE-2023-38547, CVE-2023-38548, Endpoint Security, Network Security, Veeam, Veeam ONE, Vulnerabilities /

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution 07/11/2023 at 19:46 By Ionut Arghire Veeam Software has rolled out patches to cover code execution vulnerabilities in its Veeam ONE IT monitoring product. The post Critical Vulnerabilities Expose Veeam ONE Software to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Critical Vulnerabilities Expose Veeam ONE Software to Code Execution Read More »

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges

Endpoint Security /

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges 01/11/2023 at 18:47 By Eduard Kovacs VMware’s Threat Analysis Unit finds 34 new vulnerable kernel drivers that can be exploited to alter or erase firmware and escalate privileges. The post Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges appeared first on

React to this headline:

Loading spinner

Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges Read More »

Apple Ships Major iOS, macOS Security Updates

apple, Endpoint Security, iOS, macOS, Malware & Threats, Mobile & Wireless, Vulnerabilities, WebKit /

Apple Ships Major iOS, macOS Security Updates 25/10/2023 at 23:01 By Ryan Naraine Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits. The post Apple Ships Major iOS, macOS Security Updates appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Apple Ships Major iOS, macOS Security Updates Read More »

Lost and Stolen Devices: A Gateway to Data Breaches and Leaks

Data Protection, Encryption, Endpoint, Endpoint Security /

Lost and Stolen Devices: A Gateway to Data Breaches and Leaks 18/10/2023 at 15:49 By Torsten George By implementing strong security practices,, organizations can significantly reduce the risks associated with lost and stolen computers and safeguard their sensitive information. The post Lost and Stolen Devices: A Gateway to Data Breaches and Leaks appeared first on

React to this headline:

Loading spinner

Lost and Stolen Devices: A Gateway to Data Breaches and Leaks Read More »

Microsoft Defender can automatically contain compromised user accounts

automation, BEC scams, Don't miss, Endpoint Security, enterprise, Hot stuff, Microsoft, Microsoft Defender, MITM, News, privileged accounts, Ransomware, XDR /

Microsoft Defender can automatically contain compromised user accounts 12/10/2023 at 15:32 By Helga Labus The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business

React to this headline:

Loading spinner

Microsoft Defender can automatically contain compromised user accounts Read More »

Endpoint malware attacks decline as campaigns spread wider

attacks, cybersecurity, Encryption, Endpoint Security, extortion, Malware, News, Ransomware, report, SSL/TLS, threats, WatchGuard /

Endpoint malware attacks decline as campaigns spread wider 11/10/2023 at 06:31 By Help Net Security In Q2 2023, 95% of malware now arrives over encrypted connections, endpoint malware volumes are decreasing despite campaigns growing more widespread, ransomware detections are declining amid a rise in double-extortion attacks, and older software vulnerabilities persist as popular targets for

React to this headline:

Loading spinner

Endpoint malware attacks decline as campaigns spread wider Read More »

BlackBerry to Split Cybersecurity, IoT Business Units

BlackBerry, Cylance, Endpoint Security, ICS/OT, IoT Security /

BlackBerry to Split Cybersecurity, IoT Business Units 05/10/2023 at 19:02 By Ryan Naraine BlackBerry plans to split its cybersecurity and IOT (Internet of Things) businesses and pursue an IPO for the IOT unit early next year. The post BlackBerry to Split Cybersecurity, IoT Business Units appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

BlackBerry to Split Cybersecurity, IoT Business Units Read More »

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

Endpoint Security, Vulnerabilities /

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks 04/10/2023 at 18:16 By Ionut Arghire Supermicro has released BMC IPMI firmware updates to address multiple vulnerabilities impacting select motherboard models. The post New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks Read More »

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data

Endpoint Security, GPU, side-channel attack /

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data 27/09/2023 at 12:32 By Eduard Kovacs GPUs from AMD, Apple, Arm, Intel, Nvidia and Qualcomm are vulnerable to a new type of side-channel attack named GPU.zip. The post New GPU Side-Channel Attack Allows Malicious Websites to Steal Data appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

New GPU Side-Channel Attack Allows Malicious Websites to Steal Data Read More »

Scroll to Top