Security News

Microsoft is investigating an incident where a threat actor submitted malicious drivers for certification through the Windows Hardware Compatibility Program. "We have seen no evidence that the WHCP signing certificate was exposed. The infrastructure was not compromised," Microsoft says.

How can we be sure that threat hunters stay safe, and don't themselves become a threat to the systems they protect? Conducting threat intelligence and incident response from unsecure locations can expose threat hunters to discovery by the very hackers they are chasing and opens up technical, legal and governance challenges.

According to a report released by Honeywell, USB threats that can severely impact business operations increased significantly during a disruptive year when the usage of removable media and network connectivity also grew. USB devices leading to OT critical business disruption.

The new open and extensible platform, built on the company's threat intelligence solution, delivers endpoint detection and response functionality, curated intelligence feeds, threat hunting and collaboration capabilities. EclecticIQ Platform is designed to help customers stay ahead of the rapidly changing threat landscape and vastly expanded attack surface and to alleviate staffing shortages by running cyber threat intelligence and security operations more efficiently.

ECI Software Solutions released a report detailing the findings from a survey examining how SMBs are leveraging technology to respond to the various threats from the past year - including cybercrime - while laying the groundwork for not only a post-pandemic economy but a more secure, resilient future. Cybercrime as one of the top five threats SMBs face.

More than half of IT and cybersecurity professionals noted ransomware or zero-day attacks as the biggest threats to their organization, according to a Deep Instinct survey. The report highlights current and emerging threats, the impact these have on the day-to-day lives of SecOps professionals, and how automation will play a significant role moving forward.

Threat monitoring and identity access management provider FYEO on Wednesday announced that it emerged from stealth mode with the acquisition of threat intelligence company Intelliagg. The company's FEYO DI platform provides end-to-end protection and insights, advanced threat management, domain and credential monitoring, and reporting and benchmarking capabilities.

In this one, we'll dive into operations security threats to the supply chain. How are people threatening the vaccine supply chain?

D3FEND, a framework for cybersecurity professionals to tailor defenses against specific cyber threats is now available through MITRE. NSA funded MITRE's research for D3FEND to improve the cybersecurity of National Security Systems, the Department of Defense, and the Defense Industrial Base. The D3FEND technical knowledge base of defensive countermeasures for common offensive techniques is complementary to MITRE's ATT&CK, a knowledge base of cyber adversary behavior.

Securonix announced a new product for its cloud-native platform: Securonix Open XDR. The new product comes with Securonix Autonomous Threat Sweep and empowers customers with robust threat detection and response capabilities needed to respond swiftly to sophisticated threats across endpoints, networks and hybrid cloud environments. The fully integrated solution delivers out-of-the-box threat detection and response across endpoints, networks and the cloud for rapid time to value.