Security News

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
2022-10-28 10:18

The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot, and Clop ransomware. MSTIC is keeping tabs on the activity group behind the USB-based Raspberry Robin infections as DEV-0856, adding it's aware of at least four confirmed entry points that all have the likely end goal of deploying ransomware.

Microsoft Defender for Endpoint will turn on tamper protection by default
2022-09-20 12:54

Microsoft says tamper protection will soon be turned on by default for all enterprise customers in Microsoft Defender for Endpoint for better defense against ransomware attacks. Once toggled on, it locks Microsoft Defender Antivirus to secure default values and will prevent any security settings changes.

Securing your Apple device front through unified endpoint management
2022-09-19 04:36

Any discussion about device management would not be complete without talking about unified endpoint management solutions. Apple Business Manager or ABM helps configure and deploy Apple devices, so why should you spend more resources upgrading to a dedicated UEM? To put it simply, the access to capabilities that a UEM provides is unrivaled.

Shape-shifting cryptominer savages Linux endpoints and IoT
2022-09-10 11:00

AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones. Popular adventure clothing brand The North Face and shoe company Vans, subsidiaries of the same parent company, have admitted to a credential stuffing attack that netted its attacker 194,905 users' worth of PII. Almost every piece of PII stored on the two websites was compromised, with the exception of credit card numbers, which the brands' parent company VF Outdoors said it doesn't store on its sites.

Considerations for Evaluating Endpoint Detection and Response (EDR) Solutions
2022-08-26 00:00

Endpoint security solutions range from signature-based endpoint protection platform or antivirus solutions to extended detection and response platforms that tie multiple security solutions together. Organizations that are evaluating endpoint detection and response solutions need to ensure that the products they are considering will meet their needs in the areas.

A lack of endpoint security strategy is leaving enterprises open to attack
2022-08-25 08:00

49% of respondents to a recent Twitter poll carried out by Osirium Technologies describe endpoint management security within their organization as non-existent. This Help Net Security video highlights why so many organizations lack an endpoint security strategy.

Highlighting What should be Patched First at the Endpoint
2022-08-24 14:01

While this Global Threat Landscape Report is filled with information, charts, and graphs, one area of interest to security leaders is Figure 3 titled "Comparing CVEs by IPS activity and endpoint detections." CVE stands for "Common Vulnerabilities and Exposures" and it is a list of publicly disclosed computer security flaws. These vulnerabilities could well be attacked next and should be patched before other less-likely vulnerabilities are.

Microsoft makes tamper protection for macOS endpoints widely available
2022-08-17 10:33

The tamper protection feature in Microsoft Defender for Endpoint for macOS is being rolled out to all customers, the company announced on Monday. "While in Audit mode, TP signals can be viewed via Advanced Hunting and in local on-device logs. No tampering alerts are raised in the Security Center while in Audit mode. Alerts are raised in the portal only in block mode," explained Camilla Sophie Djamalov, a Program Manager Intern at Microsoft.

Kolide is an endpoint security solution for teams that want to meet their compliance goals without sacrificing privacy.
2022-08-17 00:00

If you're considering a third-party audit like SOC 2 or ISO 27001, you should be prepared to answer some tough questions about endpoint security. If you're not sure how you'll answer those questions, then you need Kolide.

How aware are organizations of the importance of endpoint management security?
2022-08-16 03:00

49% of respondents to a recent Twitter poll carried out by Osirium Technologies describe endpoint management security within their organization as non-existent. Endpoint management allows IT teams to identify, monitor and control end-users' access to corporate networks and systems.