Security News

Security specialist ESET's latest Threat Report warns of a massive increase in attacks on Remote Desktop Protocol endpoints - and new activity from the Nobelium gang against European government organisations. ESET's figures show attacks on RDP servers having gone up 103.9 per cent since its T1 report in June - it publishes three a year - representing a total of 55 billion detected brute-force attacks, thanks in no small part to a campaign focused on Spanish targets.

Zero Trust deployment - moving all your apps and data to the cloud and assuming no user or device is trustworthy until proven otherwise in order to gain access - has been rapidly introduced as a result of the pandemic. Most attempts at achieving Zero Trust access today are a patchwork of disparate products from different vendors connected to virtual private networks, with rudimentary on-off access controls based on limited visibility.

To protect businesses from such devastating threats, IT security teams need the right tools to monitor endpoints and identify threats before they can escalate. Your EDR software should be able to prioritize these alerts for your security team and make sure they respond to the most pressing issues first.

Digital Guardian announced new enhancements to its endpoint DLP visibility and security controls specifically to secure a hybrid work model. "According to a recent Gallup polli, seven in 10 U.S. white-collar workers are still working remotely and many organizations have turned to Secure Access Service Edge to secure those employees, despite some clear gaps in those solutions," said Mordecai Rosen, Digital Guardian CEO. "Our new endpoint DLP features are purpose-built to address those SASE gaps and the market is responding as evidenced by Digital Guardian's record year over year new business sales bookings and revenue growth."

Syxsense released two new solutions built to facilitate the remediation of the current rash of malware. "While threat and misconfiguration detection is critical in today's IT environment, on their own they're no better than watching the approach of a speeding train," said Ashley Leonard, Syxsense founder and CEO. "With Syxsense Secure you can immediately remediate the threat, in essence, avoiding the train's path entirely."

SafeBreach announced the addition of new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, providing seamless access to SafeBreach's continuous security validation platform, to allow users to test their environment and device configurations. These built-in SafeBreach attacks markedly improve the capabilities of the lab; they enable PoCs to clearly demonstrate the effectiveness of various Microsoft Defender for Endpoint configurations and empower security teams to closely observe and review prevention, detection, and remediation features in action.

Datto is a global provider of cloud-based software and security solutions purpose-built for delivery by MSPs. "Due to the highly sophisticated nature of today's threat landscape which is constantly changing, MSPs are being challenged to stay one step ahead of cybercriminals." Malwarebytes OneView is a managed service provider console, providing organizations with easy access to best-in-class endpoint security services that exceed the constantly evolving needs of today's cybersecurity customers.

Register for this upcoming webinar to learn how to reduce risk with integrated endpoint-to-cloud security. Currently, security from endpoints to the cloud involves multiple standalone tools that solve specific problems.

Securonix announced a new product for its cloud-native platform: Securonix Open XDR. The new product comes with Securonix Autonomous Threat Sweep and empowers customers with robust threat detection and response capabilities needed to respond swiftly to sophisticated threats across endpoints, networks and hybrid cloud environments. The fully integrated solution delivers out-of-the-box threat detection and response across endpoints, networks and the cloud for rapid time to value.

Microsoft has announced new and improved capabilities for enterprise security teams that use Microsoft Defender for Endpoint on Android and iOS and Microsoft threat and vulnerability management APIs. Microsoft Defender for Endpoint - a cloud-powered enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats - now has a new mobile app that makes it easier for users to see whether their Microsoft Tunnel VPN connection is operational, web protection is on, and the apps on their mobile devices are potentially dangerous.