Hacktivism and geopolitically motivated APT groups have become a significant threat to many regions of the world in recent years, damaging infrastructure and important functions of government, business, and society. In late 2022 we predicted that the involvement of hacktivist groups in all major geopolitical conflicts from now on willRead More »Notes of cyber inspector: three clusters of threat in cyberspace
Cybersecurity researchers have discovered two new malware families, including a modular Apple macOS backdoor called CHILLYHELL and a Go-based remote access trojan (RAT) named ZynorRAT that can target both Windows and Linux systems. According to an analysis from Jamf Threat Labs, ChillyHell is written in C++ and is developed forRead More »CHILLYHELL macOS Backdoor and ZynorRAT RAT Threaten macOS, Windows, and Linux Systems
Geordie has developed a platform that gives enterprises deep visibility into AI agents and what they are doing. The post Geordie Emerges From Stealth With $6.5M for AI Agent Security Platform appeared first on SecurityWeek.
The investment will accelerate product innovation and will fuel the security company’s expansion in the US. The post Red Access Raises $17 Million for Agentless Security Platform appeared first on SecurityWeek.
Apple’s new Memory Integrity Enforcement (MIE) brings always-on memory-safety protection covering key attack surfaces — including the kernel and over 70 userland processes. The post Apple Unveils iPhone Memory Protections to Combat Sophisticated Attacks appeared first on SecurityWeek.
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical and 72 are rated Important in severity. None of the shortcomings has been exploitedRead More »Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs
Tel Aviv–based startup replaces vaults and secrets managers with just-in-time policies, aiming to eliminate credentials entirely. The post Hush Security Emerges Stealth to Eliminate Credential Threats With No-Secrets Platform appeared first on SecurityWeek.
Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement (MIE) that’s built into its newly introduced iPhone models, including iPhone 17 and iPhone Air. MIE, per the tech giant, offers “always-on memory safety protection” across critical attack surfaces such as the kernel and over 70 userland processesRead More »Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety
High-severity vulnerabilities could lead to remote code execution, privilege escalation, information disclosure, and configuration tampering. The post Fortinet, Ivanti, Nvidia Release Security Updates appeared first on SecurityWeek.
Introduction Managed service providers (MSPs) and managed security service providers (MSSPs) are under increasing pressure to deliver strong cybersecurity outcomes in a landscape marked by rising threats and evolving compliance requirements. At the same time, clients want better protection without managing cybersecurity themselves. Service providers must balance these growing demandsRead More »The Time-Saving Guide for Service Providers: Automating vCISO and Compliance Services
