Security News

Giving employees the flexibility to be fully productive while working remotely makes it critical that businesses have endpoint security measures in place to prevent, detect and respond to the growing threat landscape while allowing employees the flexibility to work remotely. Dell endpoint protection spans the enterprise to include multi-cloud data protection solutions that can be delivered as software-defined and/or appliance-based solutions, and above all, enables users to remain highly productive by defeating increasingly sophisticated attacks in the new remote work paradigm.

Security researchers from Onapsis - the security firm that specializes in security for SAP, Oracle, Salesforce, and other software-as-a-service platforms and that discovered the bugs - joined SAP in coordinating the release of a Threat Report describing the critical vulnerabilities onTuesday. As of Tuesday, Onapsis Research Labs had estimated that there were tens of thousands - approximately 40,000 - SAP customers running more than 10,000 potentially affected, internet-exposed SAP applications.

Menlo Security announced it has identified a surge in cyberthreats, termed Highly Evasive Adaptive Threats, that bypass traditional security defenses. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employs techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.

Google is adding a new defensive layer to protect enterprise workloads running in Google Cloud. It's called Virtual Machine Threat Detection, and will help select Security Command Center customers detect cryptomining malware inside their virtual machines.

WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on findings from more than 1,300 malicious npm packages identified in 2021.

Reblaze announced the results of a Global Surveyz survey of 300 security professionals, to better understand how organizations are approaching web security as we enter a new year. "Unfortunately, it seems that many organizations have fallen behind in maintaining effective defenses. For example, although attack bots are used in multiple types of cyberattacks, half of the security professionals that were surveyed admitted that they didn't know the extent of bot activity in their applications, and of the remaining respondents, most of them underestimated the scope of the threat."

Ransomware remains the number one threat for most organisations. This report comprehensively examines the adversary's ongoing innovation and evolution of tried-and-true TTPs like ransomware, business email compromise, zero-day threats, espionage, and more.

The Secureworks Counter Threat Unit™ research team analyses security threats and helps organizations protect their systems. During September and October 2021, CTU researchers observed notable developments in threat behaviours, the global threat landscape, and security trends, and identified lessons to consider.

Microsoft Sentinel now comes with support for continuous GitHub threat monitoring, which helps keep track of potentially malicious events after ingesting GitHub enterprise repository logs. "Today, together with Microsoft Sentinel, you can connect your enterprise-licensed GitHub repository environment to the Microsoft Sentinel workspace and ingest the GitHub audit log - tracking events such as new repository creation or deletion, counting the number of repository clones, and more," Microsoft explained.

We hear about the need for better visibility in the cybersecurity space - detecting threats earlier and more accurately. A new solution overview document provides insights on how XDR provider Cynet tackles the difficult problem of greatly improving threat visibility.