enterprise

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214)

data analytics, Don't miss, enterprise, Hot stuff, News, PoC, Splunk, vulnerability /

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) 27/11/2023 at 13:47 By Zeljka Zorz A proof-of-concept (PoC) exploit for a high-severity flaw in Splunk Enterprise (CVE-2023-46214) that can lead to remote code execution has been made public. Users are advised to implement the provided patches or workarounds quickly. About CVE-2023-46214 Splunk Enterprise is a solution […]

PoC for Splunk Enterprise RCE flaw released (CVE-2023-46214) Read More »

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671)

CISA, Don't miss, enterprise, exploit, Hot stuff, News, PoC, Sophos, vulnerability /

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) 20/11/2023 at 14:47 By Helga Labus CISA has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, among them a critical vulnerability (CVE-2023-1671) in Sophos Web Appliance that has been patched by the company in April 2023. About CVE-2023-1671 CVE-2023-1671 is a pre-auth command injection vulnerability

Sophos Web Appliance vulnerability exploited in the wild (CVE-2023-1671) Read More »

From PKI to PQC: Devising a strategy for the transition

DigiCert, Don't miss, Encryption, enterprise, Features, News, Ponemon Institute, quantum computing, strategy /

From PKI to PQC: Devising a strategy for the transition 16/11/2023 at 09:31 By Zeljka Zorz Quantum computers capable of breaking currently used encryption algorithms are an inevitability. And since the US, China and Europe are sprinting to win that arms race, we know that day is coming sooner rather than later. Will organizations be

From PKI to PQC: Devising a strategy for the transition Read More »

Juniper networking devices under attack

CISA, Don't miss, enterprise, exploit, firewall, Hot stuff, Juniper Networks, News, vulnerability, WatchTowr /

Juniper networking devices under attack 14/11/2023 at 16:46 By Zeljka Zorz CISA has ordered US federal agencies to patch five vulnerabilities used by attackers to compromise Juniper networking devices, and to do so by Friday. Most of these bugs are not particularly severe by themselves, but they can be – and have been – chained

Juniper networking devices under attack Read More »

Microsoft introduces new access policies in Entra to boost MFA usage

access management, Don't miss, enterprise, Hot stuff, identity protection, MFA, Microsoft, Microsoft Entra ID, News, policy /

Microsoft introduces new access policies in Entra to boost MFA usage 07/11/2023 at 18:17 By Helga Labus As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to increase the use of multifactor authentication (MFA) for enterprise accounts. Microsoft Entra Conditional

Microsoft introduces new access policies in Entra to boost MFA usage Read More »

F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, PoC, Praetorian, Project Discovery, SQL injection, traffic monitoring, vulnerability /

F5 BIG-IP vulnerabilities leveraged by attackers: What to do? 02/11/2023 at 14:01 By Zeljka Zorz The two BIG-IP vulnerabilities (CVE-2023-46747, CVE-2023-46748) F5 Networks has recently released hotfixes for are being exploited by attackers in the wild, the company has confirmed. “It is important to note that not all exploited systems may show the same indicators,

F5 BIG-IP vulnerabilities leveraged by attackers: What to do? Read More »

MITRE ATT&CK v14 released

Don't miss, enterprise, framework, Hot stuff, MITRE, MITRE ATT&CK, News /

MITRE ATT&CK v14 released 02/11/2023 at 12:16 By Zeljka Zorz MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in real-world attacks. The framework is

MITRE ATT&CK v14 released Read More »

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747)

Don't miss, enterprise, F5 Networks, Hot stuff, News, patch, Praetorian, traffic monitoring, vulnerability /

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) 30/10/2023 at 18:46 By Helga Labus F5 Networks has released hotfixes for three vulnerabilities affecting its BIG-IP multi-purpose networking devices/modules, including a critical authentication bypass vulnerability (CVE-2023-46747) that could lead to unauthenticated remote code execution (RCE). About CVE-2023-46747 Discovered and reported by Thomas Hendrickson and Michael Weber of Praetorian

F5 fixes critical BIG-IP vulnerability (CVE-2023-46747) Read More »

Quishing: Tricks to look out for

consumer, Darktrace, Don't miss, enterprise, Hot stuff, Hoxhunt, Kaspersky, Malwarebytes, News, phishing, QR codes, tips /

Quishing: Tricks to look out for 26/10/2023 at 11:01 By Zeljka Zorz QR code phishing – aka “quishing” – is on the rise, according to HP, Darktrace, Malwarebytes, AusCERT, and many others. What are QR codes? QR codes are two-dimensional matrix barcodes used for tracking products, identifying items, simplifying actions such as connecting to a

Quishing: Tricks to look out for Read More »

Microsoft announces wider availability of AI-powered Security Copilot

Artificial Intelligence, Don't miss, enterprise, Hot stuff, machine learning, malware analysis, Microsoft, News, threat hunting /

Microsoft announces wider availability of AI-powered Security Copilot 23/10/2023 at 15:04 By Helga Labus Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? “Security Copilot is an AI assistant for security teams that builds on the latest in large

Microsoft announces wider availability of AI-powered Security Copilot Read More »

Settlements giant DTTC acquires blockchain infrastructure developer Securrency

Digital Asset, enterprise, security /

Settlements giant DTTC acquires blockchain infrastructure developer Securrency 20/10/2023 at 02:02 By Cointelegraph By Derek Andersen Securrency will help DTTC increase its role in developing digital asset clearance options. DTTC settled $2.5 quadrillion worth of securities transactions in 2022. This article is an excerpt from Cointelegraph.com News View Original Source

Settlements giant DTTC acquires blockchain infrastructure developer Securrency Read More »

Google ads for KeePass, Notepad++ lead to malware

consumer, Don't miss, enterprise, Google Search, Hot stuff, KeePass, malvertising, Malware, Malwarebytes, News, search engine, SMBs /

Google ads for KeePass, Notepad++ lead to malware 19/10/2023 at 12:16 By Zeljka Zorz Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme Segura, Director of Threat Intelligence at Malwarebytes. Malvertising via search engine ads is a constant,

Google ads for KeePass, Notepad++ lead to malware Read More »

Researchers warn of increased malware delivery via fake browser updates

consumer, Don't miss, enterprise, Hot stuff, Malware, News, Proofpoint, Sekoia.io, WordPress /

Researchers warn of increased malware delivery via fake browser updates 17/10/2023 at 13:32 By Zeljka Zorz ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoia researchers have concluded. About ClearFake ClearFake

Researchers warn of increased malware delivery via fake browser updates Read More »

Microsoft Defender can automatically contain compromised user accounts

automation, BEC scams, Don't miss, Endpoint Security, enterprise, Hot stuff, Microsoft, Microsoft Defender, MITM, News, privileged accounts, Ransomware, XDR /

Microsoft Defender can automatically contain compromised user accounts 12/10/2023 at 15:32 By Helga Labus The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business

Microsoft Defender can automatically contain compromised user accounts Read More »

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

DMARC, Don't miss, Email, enterprise, Hot stuff, Microsoft, Microsoft 365, News, spam /

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC 09/10/2023 at 13:32 By Helga Labus In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records verify that

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC Read More »

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)

Don't miss, Endpoint Security, enterprise, Hot stuff, News, patch, security update, Trend Micro, vulnerability /

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) 21/09/2023 at 11:46 By Zeljka Zorz Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revealed, but we know

Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179) Read More »

Shadow IT: Security policies may be a problem

Don't miss, enterprise, Hot stuff, Kolide, News, policy, shadow IT, survey, training /

Shadow IT: Security policies may be a problem 20/09/2023 at 08:23 By Zeljka Zorz 3 out of 4 workers use personal (and often unmanaged) phones and laptops for work and nearly half of companies let unmanaged devices access protected resources, a recent report by Kolide and Dimensional Research has revealed. When asked why they use

Shadow IT: Security policies may be a problem Read More »

Attackers use fallback ransomware if LockBit gets blocked

Don't miss, enterprise, Hot stuff, News, Ransomware, Symantec /

Attackers use fallback ransomware if LockBit gets blocked 14/09/2023 at 13:15 By Zeljka Zorz Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec’s threat researchers, some affiliates are using the 3AM ransomware as a fallback option in case LockBit gets flagged and blocked.

Attackers use fallback ransomware if LockBit gets blocked Read More »

Scroll to Top