Security News > 2022 > May

To help you pick one of the best endpoint detection and response tools, we compare two popular EDR software solutions: CrowdStrike and FireEye. CrowdStrike vs FireEye: Feature Comparison FeatureCrowdStrikeFireEye Automated detectionYesYes ContainmentYesYes Terminate malicious activityYesNo Cloud compatibilityYesYes Behavioral analyticsYesNo Alert management workflowNoYes MDR availabilityYesNo Head-to-head comparison: CrowdStrike vs. FireEye Range of function.

So why bother with World Password Day when we're soon going to have a great big World Password Bonfire. We suspect, though we'd love to be wrong, that we'll take delivery of our Permanent Password Replacement Device at the same time that we get the personal jetpacks, the flying cars and the self-ironing shirts that everyone was promised back in the day.

The National Institute of Standards and Technology has released updated guidance on securing the supply chain against cyberattacks. Since 2020, NIST has released two draft documents on how the enterprise can better defend itself from supply-chain attacks.

The Federal Trade Commission today proposed an order requiring Connecticut-based internet service provider Frontier Communications to stop "Lying" to its customers and support its high-speed internet claims. "Today's proposed order requires Frontier to back up its high-speed claims. It also arms customers lured in by Frontier's lies with free, easy options for dropping their slow service."

It's one of the more flexible and powerful terminal applications on the Linux market and it has a rather pleasant, SSH-centric surprise for you an SSH Manager plugin. Figure B. How to use the SSH Manager plugin.

Today, Microsoft, Apple, and Google announced plans to support a common passwordless sign-in standard developed by the World Wide Web Consortium and the FIDO Alliance. "These multi-device FIDO credentials, sometimes referred to as passkeys, represent a monumental step toward a world without passwords," added Microsoft Identity Division Vice President Alex Simons.

Google has released the second part of the May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. As Android uses a modified Linux kernel, the vulnerability also affects the operating system.

A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install malware distribution service, allowing threat actors full access to an infected device. The fact that it's being distributed through the PrivateLoader malware distribution service reflects this potency, as its authors deemed the malware ready for large-scale deployment.

Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone. A future without passwords may be closer than we think, at least when a new initiative to enlist your smartphone as a mobile authenticator gets off the ground.

A new report from Mandiant reveals details about an ongoing cyberespionage operation run by a threat actor dubbed UNC3524, monitored by Mandiant since December 2019. While such targeting may suggest financial motivations, Mandiant believes it's instead motivated by espionage, because the threat actor maintains its access and remains undetected for an order of magnitude longer than the average dwell time of 21 days.