Security News

Detectree, developed by WithSecure, is a detection visualization tool for cyber security defense teams. "Time is always working against incident responders. And looking through rows of text data and making connections between them and the suspicious activity under investigation is time spent not remediating the problem, which is a real waste when you're under pressure to stop an attack."

What initially started like a minor Microsoft Teams outage has also taken down multiple Microsoft 365 services with Teams integration, including Exchange Online, Windows 365, and Office Online."We've received reports of users being unable to access Microsoft Teams or leverage any features," the company revealed on its official Microsoft 365 Status Twitter account more than 8 hours ago.

Companies with small security teams continue to face a number of distinctive challenges that place these organizations at greater risk than larger enterprises, according to Cynet. The Cynet survey analyzed responses from 200 CISOs at SMEs with five or fewer security staff members and cybersecurity budgets of $1 million or less.

ShiftLeft released its second annual AppSec Progress Report documenting critical trends in application security and how organizations are shifting security left to deal with the ever-rising volume of attacks and disclosed vulnerabilities. By identifying and prioritizing OSS vulns that are actually attackable, AppSec teams and developers fix what matters, ship code faster and actually improve security with fewer, better fixes.

In the traditional vulnerability management process, the definition of a vulnerability is straightforward, "A CVE or a Software Vulnerability." CVEs are important to be managed; however, it is not sufficient to deal with the complex attack surface. Advanced Vulnerability Management provides a broader approach to vulnerabilities and addresses different security risks in the IT vulnerability landscape.

An ongoing outage affects multiple Microsoft 365 services, with customers worldwide reporting delays, sign-in failures, and issues accessing their accounts. The affected services include the Exchange Online hosted email platform for businesses and the Microsoft Teams communication platform, as well as SharePoint Online, the Graph API, and Universal Print.

Simply put: XDR extends visibility across the environment and exposes threats that could be easily overlooked when relying on point security solutions. This new approach to cybersecurity often comes at a cost and requires resources and headcount that small security teams can't afford.

A newcomer on the ransomware scene has coopted a 14-year-old malware variant to help it maintain persistence on a targeted network in a recent attack, researchers have found. Black Basta, a ransomware group that emerged in April, leveraged Qbot,, to move laterally on a compromised network, researchers from security consulting firm NCC Group wrote in a blog post published this week.

During the first day of Pwn2Own Vancouver 2022, contestants won $800,000 after successfully exploiting 16 zero-day bugs to hack multiple products, including Microsoft's Windows 11 operating system and the Teams communication platform. The first to fall was Microsoft Teams in the enterprise communications category after Hector Peralta exploited an improper configuration flaw.

According to a Splashtop's report, that has come at a cost as 65% of IT help desk teams throughout the U.S are reporting an increase in the number of team members reporting unsustainable levels of stress. "With many employees working remotely on a regular basis, IT and help desk staff face higher ticket volumes, more diverse set of devices to support, and greater security challenges," said Philip Sheu, CTO at Splashtop.