Security News
Ivanti has disclosed yet another security flaw impacting Endpoint Manager Mobile, formerly known as MobileIron Core, that it said has been weaponized as part of an exploit chain by malicious actors in the wild. "This vulnerability can be used in conjunction with CVE-2023-35078, bypassing administrator authentication and ACLs restrictions."
Syxsense now offers more IT and endpoint management functions, including mobile device management, automation, remediation and zero trust. Syxsense recently unveiled its all-encompassing suite - Syxsense Enterprise, which comes with patch and vulnerability management, MDM, zero trust, automation and orchestration capabilities, and remediation.
The Syxsense Synergy event last week featured a range of analysts, end users and company spokespeople with a central theme of the convergence of endpoint management and security - two areas that have traditionally remained apart. "That's why there is a growing need for the convergence of the security and endpoint management groups within organizations to address attack surface management, vulnerability protection and automated remediation."
Over the last several years, endpoints have played a crucial role in cyberattacks. While there are several steps organizations can take to help mitigate endpoint threats - such as knowing what devices are on a network, quarantining new or returning devices, scanning for threats and vulnerabilities, immediately applying critical patches, etc.
This can leave gaps in an enterprise's ability to identify devices that are accessing the network and in ensuring that those devices are compliant with security policies. As part of the market's need to gain a clearer, real-time picture of their devices and security posture, Syxsense launched its Enterprise platform last year to address the three key elements of endpoint management and security: vulnerabilities, patch, and compliance.
IT and security teams are consolidating management and security functions to help better deliver new applications to end users, improve regulatory compliance, and reduce cyberattacks resulting from poor coordination between endpoint security and management teams, according to Syxsense. A key report finding indicates that unmanaged device usage continues to increase, with most organizations having endpoint security blind spots - only 43% of respondents claim to be actively monitoring 75% or more of endpoints.
Microsoft announced today that it added device isolation support to Microsoft Defender for Endpoint on onboarded Linux devices. Enterprise admins can manually isolate Linux machines enrolled as part of a public preview using the Microsoft 365 Defender portal or via API requests.
"The popularity of hybrid work, and the associated risks, means that companies must prioritise training and education to make remote working safe. Traditional methods of controlling and securing company data aren't as effective when employees are working in remote locations and greater responsibility falls on the individual. Companies must acknowledge the unique risks associated with remote work and activate relevant security management systems, as well as empower employees to deal with a certain level of risk," said Daniel Hofmann, CEO of Hornetsecurity. Hofmann commented: "Increasing remote working cybersecurity measures is particularly important in the current climate, as cybercriminals are becoming smarter and using remote working to their advantage. We've seen an increase in smartphone attacks as hackers understand that both personal and professional data can likely be accessed as people can, and often do, carry out work on personal devices."
Starting now, for just $1, you can get comprehensive agentless and runtime cloud security coverage for all of 2023, covering up to 1,000 eligible assets. Steve Shedlock, Incident Response Team Lead at SEIC, says, "I would not want to do security anywhere without the level of visibility that Uptycs provides."
Over 80% of home-office routers were found to be vulnerable to potential cyberattacks. When it comes to these cyberattacks, malware remains a major concern.