Security News

Styra released a research report which explores how in sync, or misaligned, IT leaders and developers are when it comes to cloud-native technology use and security during their digital transformation journeys. As organizations increase adoption, the report outlines why developers and IT decision-makers need a unified approach in addressing security and compliance.

The survey data reflects that the biggest issue impacting ITOps teams today stems from too few employees being asked to manage too many different endpoints, with little visibility and minimal automation. The challenge of keeping endpoints updated ITOps teams are burdened by disparate endpoint solutions.

Enterprises need to create a more strategic alliance between their application security and cybersecurity teams if they are going to better protect themselves against cyberthreats. Appsec team members tend to be developers and quality assurance pros creating internal applications used within the organization or exposed publicly or privately to customers, while cybersecurity teams' jobs include penetration testing and responding to incidents, he said.

The increased adoption of hybrid work models means security teams are increasingly challenged to keep users connected and networks secure. Securing devices is a growing challenge for organizations now unable to rely on connecting endpoints to campus networks for visibility and pushing updates.

Runecast is a patented enterprise IT platform created for administrators, by administrators, and is tailored to the needs of those teams and enterprise leaders. "There are 'influencers' in the virtualization community who are posting articles or tweeting about specific problems even before they're officially recognized by the vendor," Stanimir Markov, one of the Runecast co-founders and current CEO, told Help Net Security, and pointed out that that is one of the things that allows Runecast to be proactive.

Kali Linux 2022.1 released: New tools, kali-linux-everything, visual changesOffensive Security has released Kali Linux 2022.1, the latest version of its popular open source penetration testing platform. Attackers use Microsoft Teams as launchpad for malwareHackers are starting to realize that Microsoft Teams is a great means of spreading tentacles throughout an organization's systems; since the start of the year, Avanan has been seeing hackers increasingly dropping malware in Teams conversation.

Cyberattack threat: Corporate users infected via Microsoft Teams. Researchers from Avanan, a Check Point company, have announced the discovery of attacks exploiting the Microsoft Teams communication platform to infect corporate users.

Hackers are starting to realize that Microsoft Teams is a great means of spreading tentacles throughout an organization's systems; since the start of the year, Avanan has been seeing hackers increasingly dropping malware in Teams conversation. To be able to use this avenue of attack, hackers need to take control of a Microsoft Teams account.

Threat actors are targeting Microsoft Teams users by planting malicious documents in chat threads that execute Trojans that ultimately can take over end-user machines, researchers have found.In January, researchers at Avanan, a Check Point Company, began tracking the campaign, which drops malicious executable files in Teams conversations that, when clicked on, eventually take over the user's computer, according to a report published Thursday.

Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation. More than 270 million users are relying on Microsoft Teams every month, many of them trusting the platform implicitly, despite the absence of protections against malicious files.