Security News

Simply put: XDR extends visibility across the environment and exposes threats that could be easily overlooked when relying on point security solutions. This new approach to cybersecurity often comes at a cost and requires resources and headcount that small security teams can't afford.

A newcomer on the ransomware scene has coopted a 14-year-old malware variant to help it maintain persistence on a targeted network in a recent attack, researchers have found. Black Basta, a ransomware group that emerged in April, leveraged Qbot,, to move laterally on a compromised network, researchers from security consulting firm NCC Group wrote in a blog post published this week.

During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform. The first to fall was Microsoft Teams in the enterprise communications category after Hector Peralta exploited an improper configuration flaw.

According to a Splashtop's report, that has come at a cost as 65% of IT help desk teams throughout the U.S are reporting an increase in the number of team members reporting unsustainable levels of stress. "With many employees working remotely on a regular basis, IT and help desk staff face higher ticket volumes, more diverse set of devices to support, and greater security challenges," said Philip Sheu, CTO at Splashtop.

Calling TA410 an umbrella group comprised of three teams dubbed FlowingFrog, LookingFrog and JollyFrog, Slovak cybersecurity firm ESET assessed that "These subgroups operate somewhat independently, but that they may share intelligence requirements, an access team that runs their spear-phishing campaigns, and also the team that deploys network infrastructure." TA410 - said to share behavioral and tooling overlaps with APT10 - has a history of targeting U.S-based organizations in the utilities sector as well as diplomatic entities in the Middle East and Africa.

As security professionals, we aren't known for our levity. Why do many employees dislike their colleagues in the cybersecurity function? Because the first and often only experience of interacting with security is being told they're doing something wrong, and that it will take extra work to resolve.

This comprehensive study of nearly 700 technologists, now in its fourth year, explored the most urgent challenges development teams face when building applications with open source. It also reveals new insights into how confident technologists are in their organizations' current open source management practices, and in the open source components and languages they use more generally.

Tech teams worry about protecting intellectual property in addition to managing costs and ensuring reliability when selecting a cloud service provider, according to a new report. It's not an either/or situation with 20% of companies that use a smaller cloud provider also use a hyperscaler.

A new survey from the Cloud Security Alliance found that IT teams don't have a complete picture of SaaS in use by business units. Too many departments with access to SaaS security settings: 35%. Lack of visibility into changes into the SaaS security settings: 34%. Forty percent of respondents said that business departments, such as legal, marketing and sales, have access to security settings.

Cynet, a cybersecurity company, is hosting an upcoming webinar in partnership with Enterprise Strategy Group that will explore how choosing the right XDR can be impactful for companies lean security teams. How Cynet 360 AutoXDR™ is purpose-built to enhance and simplify cybersecurity for lean security teams with limited budgets, people and skills.