Geek-Guy.com

73 search results for "Endpoint security"

Enhancing Security with Advanced Threat Protection and Zero Trust Security

As technology continues to advance, so do the threats to our online security. Cybersecurity is a critical issue that affects individuals, businesses, and governments alike. In order to protect against the latest security exploits and advanced threats, it is essential to implement a comprehensive security strategy that includes elements such as zero trust security, authentication,…

Malware targets Mac users by using Apple’s security tool

A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm. A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram,…

China-linked hackers target Japan’s national security and high-tech industries

Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China. The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security…

SOAR buyer’s guide: 11 security orchestration, automation, and response products — and how to choose

Security orchestration, automation, and response (SOAR) has undergone a major transformation in the past few years. Features in each of the words in its description that were once exclusive to SOAR have bled into other tools. For example, responses can be found now in endpoint detection and response (EDR) tools. Orchestration is now a joint…

Enhancing Cybersecurity with Zero Trust Security

Cybersecurity has become an increasingly pressing issue in today’s digital age, with advanced threats and the latest security exploits constantly posing risks to organizations and individuals. As such, implementing a robust security strategy is essential to safeguarding sensitive information and preventing cyber attacks. One approach that has gained traction in recent years is the concept…

Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them

In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS

Top ~100 Open Source Security Tools

Explore the ultimate guide to the top 100 open-source security tools on Geek-Guy.com! Whether you’re a cybersecurity professional or an enthusiast, this comprehensive list offers powerful tools to enhance your digital defenses. Dive into detailed reviews, features, and expert insights to fortify your cybersecurity arsenal with the best open-source software available. Stay ahead of threats…

Understanding the Fundamentals of Zero Trust Security in Cybersecurity

With the increasing prevalence of advanced threats and the constant evolution of security exploits, organizations are facing unprecedented challenges in safeguarding their digital assets. In today’s digital landscape, traditional security measures such as firewalls and encryption are no longer sufficient to protect against the sophisticated tactics employed by cybercriminals. This has led to the rise…

Understanding the Latest Trends in Cybersecurity

As technology continues to advance at a rapid pace, the need for robust cybersecurity measures has become more critical than ever before. In today’s digital landscape, organizations are constantly facing advanced threats and security exploits that can compromise their sensitive data and systems. It is essential for businesses to stay ahead of the curve and…

Understanding Advanced Threats in Cybersecurity: The Importance of Zero Trust Security

In today’s digital age, security threats are constantly evolving and becoming more sophisticated. From the latest security exploits to advanced malware and ransomware attacks, organizations are facing a growing number of challenges when it comes to protecting their sensitive data and systems. One approach that is gaining traction in the cybersecurity world is the concept…

Vectra AI, Lumifi Partner to Enhance XDR Security and SOC Operations

Vectra AI, a vendor of AI-driven extended detection and response (XDR) has partnered with managed detection and response (MDR) provider Lumifi to bring Vectra AI’s platform to Lumifi customers. Randy Schirman, channel chief of Vectra AI, and David Norlin, CTO at Lumifi spoke with Channel Insider to share more about why and how their partnership…

Top 10 cybersecurity misconfigurations: Nail the setup to avoid attacks

While cybersecurity headlines are often dominated by the latest zero-day or notable vulnerability in a vendor’s software/product or open-source software library, the reality is that many significant data breaches have been and will continue to be due to misconfigurations. To underscore the serious of this issue, the US National Security Agency (NSA) and the Cybersecurity…

Cloud Access Security Broker – ein Kaufratgeber

Lesen Sie, worauf es bei der Wahl eines Cloud Access Security Broker ankommt – und welche Anbieter was genau zu bieten haben. Jack the sparow | shutterstock.com Ein Cloud Access Security Broker (CASB) sitzt zwischen Enterprise-Endpunkten und Cloud-Ressourcen und fungiert dabei als eine Art Monitoring-Gateway. Eine CASB-Lösung: gewährt Einblicke in Benutzeraktivitäten in der Cloud, setzt…

API Security is Not a Problem You Can Solve at the Edge

In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like…

API Security is Not a Problem You Can Solve at the Edge

In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like…

API Security is Not a Problem You Can Solve at the Edge

In today’s interconnected digital ecosystems, traditional security mechanisms like Web Application Firewalls (WAFs), API gateways, and Content Delivery Networks (CDNs) act as enforcement points. Think of them as bouncers at the entrance of a high-profile nightclub—they decide who gets in and who doesn’t. However, relying solely on these edge solutions to secure APIs is like…

Cybersecurity Risks of Rushing into Digital Transformation

Digital transformation is the buzzword of the decade. Businesses are racing to modernize their operations, adopt cloud technologies, and embrace automation. It’s an exciting time, no doubt, but in the rush to stay ahead, have you considered the cybersecurity risks that come with it? While digital transformation offers numerous benefits—efficiency, scalability, and improved customer experiences—rushing…

People’s Republic of China (PRC) Ministry of State Security APT40 Tradecraft in Action

Overview Background This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Canadian Centre for Cyber Security (CCCS),…

WatchGuard to Acquire ActZero to Boost MDR Services

Network security solutions provider WatchGuard has announced the acquisition of ActZero, a leading provider of managed detection and response (MDR) services, with proactive, rapid, and automated threat response, and cross-platform AI-driven threat analysis designed to outpace threats at machine speed. In a press release, WatchGuard said that the acquisition will assist the organization with expanding…

What Top Technologies IT Leaders Want From Solution Providers in 2025

Now that we’ve turned the page over to the new year, organizations will begin to set their sights on what technologies and services they should prioritize this year. Enterprises must deliver successful digital initiatives while navigating budget constraints. According to Gartner’s 2025 CIO Agenda, CIOs should aim to “grow the digital vanguard by making it…

Best of 2024: The Best SIEM Tools To Consider in 2024

What is a SIEM? SIEM solutions enable enterprises to monitor and analyze security-related data from a variety of sources, such as firewalls, intrusion detection systems (IDS), and endpoint security devices. By collecting and analysing this data, companies can spot patterns that may signal a security breach, allowing them to take quick and appropriate action to…

Arctic Wolf acquires Cylance from BlackBerry for $160 million

Minnesota-based Arctic Wolf, a cybersecurity operations firm, announced an agreement Monday to acquire BlackBerry’s Cylance business for $160 million, a stark drop from the $1.4 billion BlackBerry initially paid to acquire the startup in 2018.  Arctic Wolf is integrating Cylance’s AI-powered endpoint security technology into its platform to broaden its security solutions. With this acquisition,…

BlackBerry’s Critical Communications: The Triple Shield Available to Safeguard Organizations and Governments

From major IT outages and cyberattacks crippling critical infrastructure, to extreme weather testing global resilience, organizations face a relentless barrage of security and communications challenges, with the potential to also impact human safety. Against this backdrop, BlackBerry has emerged as the market leader in innovative technologies that don’t just respond to and manage crises and…

SonicWall Partners with CrowdStrike to Protect SMBs with New MDR Offering

Recently, SonicWall announced that it would be partnering with CrowdStrike to deliver a new Managed Detection and Response (MDR) offering to bring enterprise-grade security to small- and medium-sized businesses (SMBs). SonicWall and CrowdStrike bring together services and products SonicWall’s trusted Managed Security Services (MSS) combines with CrowdStrike’s Endpoint Detection and Response (EDR) capabilities from the…

New Paper: “Future of SOC: Transform the ‘How’” (Paper 5)

After a long, long, long writing effort … eh … break, we are ready with our 5th Deloitte and Google Cloud Future of the SOC paper “Future of SOC: Transform the ‘How’.” As a reminder (and I promise you do need it; it has been years…), the previous 4 papers are: “New Paper: “Future of the SOC: Evolution or…

Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity

Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they integrate diverse endpoints – from legacy medical devices to IoT sensors – onto their production networks.

Managed Patch Management: An Opportunity for MSPs

There are various methods to protect against unauthorized access to your company’s networks, and patch management is a simple way to address security vulnerabilities or bugs in the system. Maintaining network security through updates and patches can improve your customers’ experience with their technology, and ensure your services remain valuable to the businesses that you…

SquareX Researchers Expose OAuth Attack on Chrome Extensions Days Before Major Breach

SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store. On December 25th, 2024, a malicious version of Cyberhaven’s browser extension was published on the Chrome Store that…

Data protection challenges abound as volumes surge and threats evolve

In the global digital economy, data is the most important asset organizations must protect from theft and damage. CISOs are fundamentally guardians of that asset, obligated to keep it secure and available to relevant users when and where they need it. “Every company has become a data company in this day and age; even if…

How are you securing your communications in the wake of the Volt Typhoon revelations?

The FBI recently released information that text messages between Apple and Android texting systems were insecure and that attackers could listen in and access those communications, more fallout from the revelation that a Chinese-affiliated threat actor had breached telecommunications companies. The announcement that the group known as Salt Typhoon had compromised networks of major global…

Top 7 zero-day exploitation trends of 2024

Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for attacking enterprise systems. But while all zero-days are essential for CISOs and their team to be aware of, and for vendors to remedy in a…

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology…

From reactive to proactive: Redefining incident response with unified, cloud-native XDR

In today’s rapidly evolving threat landscape, cybersecurity is a constant game of cat and mouse. The average security operations center (SOC) team receives 4,484 alerts every day and can spend up to 3 hours manually triaging to understand which signals represent a genuine threat and which are just noise. However, this model traps SOCs in…

Clop is back to wreak havoc via vulnerable file-transfer software

In what we can assure you is a new cybersecurity incident despite sounding incredibly similar to incidents of past notoriety: threat actors tied to a notorious ransomware and extortion group have exploited file-transfer software to carry out attacks.  Clop has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT…

DORA steht vor der Tür

srcset=”https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?quality=50&strip=all 12500w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=768%2C432&quality=50&strip=all 768w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=1024%2C576&quality=50&strip=all 1024w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=1536%2C864&quality=50&strip=all 1536w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=1240%2C697&quality=50&strip=all 1240w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=150%2C84&quality=50&strip=all 150w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=854%2C480&quality=50&strip=all 854w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=640%2C360&quality=50&strip=all 640w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_1942670248.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>DORA soll die Cybersicherheit in der Finanzbranche erhöhen. Vector Image Plus – Shutterstock.com Ab 17. Januar 2025 sind alle Finanzdienstleister in der EU verpflichtet, den Digital Operational Resilience…

Catching the ghost in the machine: Adapting threat detection to cloud speed

The rapid adoption of cloud technology has transformed how businesses operate, offering scalability, agility, and opportunities for innovation. However, this transformation has also introduced a profound challenge: the “ghost in the machine”—elusive and dynamic threats that exploit the complexity and scale of cloud environments to remain hidden, evading traditional detection methods and posing significant risks…

The Hidden Risks of Mobile Calls and Messages: Why End-to-End Encryption is Just the Starting Line

The recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks.  Another rising concern is the blind trust organizations and individuals put into consumer-grade messaging apps such as WhatsApp to share government and commercially-sensitive information.  Some of the biggest risks concerning…

WatchGuard CISO on What MSPs Need to Know to Stay Secure in 2025

Security vendor WatchGuard has deep channel connections and years of expertise in network security, endpoint protection, and other specialties. WatchGuard Chief Information Security Officer Corey Nachreiner spoke with Channel Insider to discuss the emerging technology and impending threats MSPs must consider for themselves and their clients as the calendar turns to a new year. Supporting…

Attackers exploit zero-day RCE flaw in Cleo managed file transfer

Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications.The impacted products include the latest versions of Cleo LexiCom, Cleo VLTrader and Cleo Harmony, with experts advising to temporarily disconnect these systems from the internet until a patch…

Attackers can abuse the Windows UI Automation framework to steal data from apps

An accessibility feature built into Windows to facilitate the use of computers by people with disabilities can be abused by malware to steal data from other applications or control them in malicious ways that evades detection by most endpoint protection systems. The Windows UI Automation framework has existed since the days of Windows XP and…

The imperative for governments to leverage genAI in cyber defense

In an era where cyber threats are evolving at an unprecedented pace, the need for robust cyber defense mechanisms has never been more critical. Sixty-two percent of all cyberattacks focus on public sector organizations directly and indirectly. Nation-state actors, equipped with generative artificial intelligence (genAI) sophisticated tools and techniques, pose significant threats to national security,…

GoTo Adds AI Capabilities Plus Automation, Management to Resolve & Rescue

Communications and IT management vendor GoTo announced additions to the GoTo Resolve and LogMeIn Rescue solutions aimed at streamlining IT processes. The solutions now include enhanced AI capabilities, streamlined IT workflows, and improvements to device management tools. “At GoTo, we’re committed to delivering innovative IT management and support solutions that empower teams to work smarter,”…

GoTo Adds AI Capabilities Plus Automation, Management to Resolve & Rescue

Communications and IT management vendor GoTo announced additions to the GoTo Resolve and LogMeIn Rescue solutions aimed at streamlining IT processes. The solutions now include enhanced AI capabilities, streamlined IT workflows, and improvements to device management tools. “At GoTo, we’re committed to delivering innovative IT management and support solutions that empower teams to work smarter,”…

GoTo Adds AI Capabilities Plus Automation, Management to Resolve & Rescue

Communications and IT management vendor GoTo announced additions to the GoTo Resolve and LogMeIn Rescue solutions aimed at streamlining IT processes. The solutions now include enhanced AI capabilities, streamlined IT workflows, and improvements to device management tools. “At GoTo, we’re committed to delivering innovative IT management and support solutions that empower teams to work smarter,”…

2023 Top Routinely Exploited Vulnerabilities

Summary The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (hereafter collectively referred to as the authoring agencies): United States: The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and National Security Agency (NSA) Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) Canada: Canadian Centre for Cyber Security (CCCS) New…

Russian Military Cyber Actors Target US and Global Critical Infrastructure

Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational…

#StopRansomware: RansomHub Ransomware

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see…

#StopRansomware: RansomHub Ransomware

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to see…

Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization

Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team assessment (RTA) at the request of a critical infrastructure organization. During RTAs, CISA’s red team simulates real-world malicious cyber operations to assess an organization’s cybersecurity detection and response capabilities. In coordination with the assessed organization, CISA is releasing this Cybersecurity Advisory to…

North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

Summary The U.S. Federal Bureau of Investigation (FBI) and the following authoring partners are releasing this Cybersecurity Advisory to highlight cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju: U.S. Cyber National Mission Force (CNMF) U.S. Cybersecurity and Infrastructure Security Agency…

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch (FCEB) organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of nation-state cyber operations. The team mimics the techniques, tradecraft, and behaviors of sophisticated threat actors and…

WordPress Appliance - Powered by TurnKey Linux