Security News

The research found that AppSec chaos reigns, with 78% of CISOs responding that today's AppSec attack surfaces are unmanageable and 90% of responders confirmed relationships between their security and development teams need to improve. 85% of CISOs acknowledge dev teams suffer from vulnerability noise and alert fatigue, which strains the relationship between security and dev teams.

In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge productivity but also provide a crucial layer of...

Nine out of 10 security teams are automating at least some of their work, and 93% of respondents believe that more automation would improve their work-life balance. According to the research, overall job satisfaction in the SOC remains high - security teams love the work they do.

A new, redesigned, and faster Microsoft Teams application is generally available for all Windows and macOS users starting today. As revealed when the new Teams was made available as a preview release in March, the new client will launch three times faster, enabling users to switch between chats and channels up to 1.7 times faster than the Classic Teams app.

Microsoft released emergency security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries used by the three products. The libwebp library is used by a large number of projects for encoding and decoding images in the WebP format, including modern web browsers like Safari, Mozilla Firefox, Microsoft Edge, Opera, and the native Android web browsers, as well as popular apps like 1Password and Signal.

In this Help Net Security interview, Okey Obudulu, CISO at Skillsoft, talks about the increasing complexity of the CISO role and challenges they face. With the increasing complexity of the CISO role, what are the top three challenges you believe they face, and how can they best address these?

Security teams need easily replicable techniques to emulate threat scenarios to test their defense skills against the skill level of cyber-attackers. At least yearly, there should be a full red team assessment; the red team is made up of offensive security professionals whose role is to exploit the company's vulnerabilities and overcome cybersecurity controls.

Get technical details about how this new attack campaign is delivered via Microsoft Teams and how to protect your company from this loader malware. A new report from global cybersecurity company Truesec reveals a new attack campaign leveraging Microsoft Teams to infect companies' users.

Microsoft is investigating an ongoing outage preventing customers from sending or receiving messages using the company's Microsoft Teams communication platform. Microsoft confirmed the outage in a tweet published via its official Microsoft 365 status account, saying that more details can be found under TM675041 in the admin center.

Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as lures to infiltrate corporate networks. "Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool to send phishing lures through Microsoft Teams chats," the company said, adding the development marks a shift from using email-based initial infection vectors for initial access.