Security News
Despite $4,252,500 of annual budget spent on endpoint protection, an average of 48 percent of devices - or 64,800 per enterprise - are at risk because they are no longer detected by the organization's IT department or the endpoints' operating systems have become outdated. 63 percent of respondents find that the lack of visibility into their endpoints is the most significant barrier to achieving a strong security posture.
Nearly half of enterprise endpoint devices present significant security risks. Device sprawl is becoming a costly security headache with the average enterprise now managing approximately 135,000 endpoint devices, a new report finds.
Unidentified cyber threat actors have started using Brute Ratel C4, an adversary simulation tool similar to Cobalt Strike, to try to avoid detection by endpoint security solutions and gain a foothold on target networks, Palo Alto Networks researchers have found. Their line of attack is apparently successful, as one of the files delivering the Brute Ratel C4 "Badger" - a payload for remote access similar to Cobalt Strike's Beacon - has initially not been flagged as malicious by security tools leveraged by VirusTotal.
Kolide notifies your team via Slack when their devices are insecure and gives them step-by-step instructions on how to solve the problem. For IT admins, Kolide provides a single dashboard that lets you monitor the security of your entire fleet, whether they're running on Mac, Windows, or Linux.
Millions of employees are now working from home or in a hybrid setting. Hackers aren't confined to office walls.
Microsoft says Defender for Endpoint now comes with a new 'troubleshooting mode' that will help Windows admins test Defender Antivirus performance and run compatibility scenarios without getting blocked by tamper protection. The new mode is available in public preview and it enables admins to disable or change the tamper protection setting while diagnosing false-positive application blocks or performing performance troubleshooting.
Attackers have seized on vulnerabilities in these environments, creating more work and larger budgets for security teams. The hybrid workforce reality is causing greater concerns with data leakage, ransomware and attacks through remote access tools and cloud services.
Our workforce has rapidly evolved, with millions of employees permanently working from home or transitioning to a hybrid setting. Hackers aren't confined by office walls.
HP is warning of new critical security vulnerabilities in the Teradici PCoIP client and agent for Windows, Linux, and macOS that impact 15 million endpoints. Teradici PCoIP is a proprietary remote desktop protocol licensed to many virtualization product vendors, acquired by HP in 2021, and used on its own products since then.
Remember the good old days, when the only devices a company had to worry about were the PCs on its own network? Today, security teams must yearn for those times as they struggle to protect endpoint devices everywhere. Darktrace is mirroring the approach it takes to security at the core of the network with an endpoint agent that uses machine learning to protect PCs. "The way we operate our businesses has changed so drastically over the last few years," says Justin Fier, the company's Director of Cyber Intelligence & Analytics.