Security News

Cisco flagged threats like Kovter, Poweliks, Divergent and LemonDuck as the most common fileless malware. Another prevalent critical threat to endpoints in the first half was dual-use tools that are typically leveraged for both exploitation and post-exploitation tasks.

Elastic announced the first major beta milestone for Elastic in delivering comprehensive endpoint security fully integrated into the Elastic Stack, centrally managed under a unified agent and enabled with one click. Elastic Security also now offers expanded out-of-the-box protections for cloud security monitoring, as well as a new integration with IBM Security's security orchestration, automation, and response platform, IBM Security Resilient.

Trend Micro announced its upcoming Mobile Network Security solution, which will accelerate digital innovation at the network edge by offering comprehensive network and endpoint protection for a new era of IoT and 5G private networks. "From shopping malls to airports and smart factories to enterprise campuses, private networks are emerging as an increasingly popular way to deliver business-critical applications at the network edge. However, the sheer complexity involved can create dangerous security gaps," said Akihiko Omikawa, executive vice president of IoT security for Trend Micro.

CIOs are prioritizing identity and access management over endpoint security and security awareness training in 2020, according to a Hitachi ID survey. Their goals reflect these new priorities: 86% said they're aiming to improve security standards across their environment, while 80% are making their tech stack more flexible for remote and on-premise users.

Citrix today released patches for multiple new security vulnerabilities affecting its Citrix Endpoint Management, also known as XenMobile, a product made for enterprises to help companies manage and secure their employees' mobile devices remotely. Citrix Endpoint Management offers businesses mobile device management and mobile application management capabilities.

To select an appropriate endpoint protection solution for your business, you need to think about a variety of factors. As malicious actors target endpoints with new types of attacks designed to evade traditional endpoint prevention tools, organizations must seek out advanced endpoint detection and response solutions.

Qualys today announced Qualys Multi-Vector EDR. Taking a new multi-vector approach to Endpoint Detection and Response, Qualys now brings the unifying power of its highly scalable cloud platform to EDR. Traditional EDR solutions singularly focus on endpoints' malicious activities to hunt and investigate cyberattacks. Multi-Vector EDR enables security teams to unify multiple context vectors like asset and software inventory, end-of-life visibility, vulnerabilities and exploits, misconfigurations, network traffic summary, MITRE ATT&CK tactics and techniques, malware, endpoint telemetry, and network reachability by leveraging the Qualys backend to correlate with threat intelligence for accurate detection, investigation and response - ALL, in a single, cloud-based app with a single lightweight agent.

Attivo Networks introduced new capabilities to its Endpoint Detection Net solution that prevent attackers from fingerprinting an endpoint to identify security weaknesses and from conducting reconnaissance. Attackers use fingerprinting to identify targets, decide which vulnerabilities to exploit, and determine how to successfully interact with them.

A 2019 study found that most companies allow mobile devices to access between 1/3 and 3/4 of their most business-critical information. Cybercriminals know that mobile devices are less secure, so it's no surprise that last year Verizon found that 4 in 10 companies were breached through a mobile device.

There's a massive amount of complexity plaguing today's enterprise endpoint environments. The number of agents piling up on enterprise endpoint devices - up on average - is hindering IT and security's ability to maintain foundational security hygiene practices, such as patching critical vulnerabilities, which may actually weaken endpoint security defenses, Absolute reveals.