A great piece on what it will take to improve the safety of the connected world. Read it here.
Extended detection and response (XDR) captures threat data from previously isolated security tools throughout the organizations tech stack to enable easier, faster triage and efficacy in investigation, threat hunting, and accurately responding to...
Organizations are increasingly considering response capabilities within NDR solutions for dealing with threats detected through network traffic analytics tools, which are mostly focused on only detecting threats, and are largely focused around the...
A new malware kit to compromise ISC (Industrial Control Systems) is detailed in this whitepaper by Dragos.
Towards the end of November, a researcher from Alibaba discovered a fault (CVE-2021-44228) in a well known open-source logging library called Log4j. The researcher responsibly disclosed his finding to Log4j’s Apache Software Foundation...
This is a developing story and the why is still a mystery. We starting to know the how.
CISA and NSA have released best practices documents on how to harden your virtual private network.
Apple has released a patch for ‘zero-click vulnerability. What is a ‘zero-click’? It is a flaw which lets hackers access devices through the iMessage service even if users do not click on a link or file. One can imagine the power...
This is a very serious leak as VPN (Virtual Private Network) username and passwords could undoubtedly allow the bad actors to access a network to perform all manner of activities including stealing date (data exfiltration), install hidden malware or...
A report from Citizen Lab about two zero iMessage vulnerabilities/exploit which require zero click, in spyware sold by the cyberweapons NSO Group. iMessage is the the default messaging app of Apple iPhone. It appears these attacks do not...