Upstream Attacks Likely with New Trojan Source Vulnerability
The new "Trojan Source" vulnerability enables stealthy malicious source code injections and could mean upstream attacks similar to the SolarWinds supply chain intrusion nearly four years ago.
View ArticleKaspersky Announces US Market Exit
Security software provider Kaspersky will gradually cease its U.S. operations beginning July 20, nearly a month after the U.S. Department of Commerce prohibited the sales and import of...
View ArticleMSSP Market News: SentinelOne Forms Defense Pact with CISA
Today's market news also covers Secureworks, QBE Insurance, Dataminr, Appgate, Rezonate, Kaspersky, Microsoft and Google Play.
View ArticleUnderstanding HIPAA, PCI DSS Protected Data
The first step towards strong data protection is understanding what data your organization handles. CYRISMA explains.
View ArticleOrganizations' Siloed Threat Intelligence Poses Security Risk: Cyware Research
Cyware CISO Terrence Driscoll says organizations must take a proactive approach by creating virtual and distributed cyber fusion centers to combine high-fidelity threat intelligence with threat...
View ArticleAT&T Reportedly Pays $370K Ransom
AT&T has reportedly paid a hefty ransom to hackers in exchange for the deletion of call detail records belonging to more than 100 million users exfiltrated through a breach of its Snowflake cloud...
View ArticleCISA: Urgent Remediation of Critical GeoServer Flaw needed
CISA has updated its Known Exploited Vulnerabilities catalog to include a critical GeoServer flaw, tracked as CVE-2024-36401.
View ArticleMSSP Market News: Exabeam and LogRhythm Complete Merger
Today's market news also covers KnowBe4, Neovera, Emagined Security, Okta, RELI Group, Cyber Bytes Foundation, BlackBerry, Invicti, IBM, Microsoft and Advance Auto Parts.
View ArticleHuntress Cyber Threat Report: Hackers Hiding in Plain Sight
Hackers are weaponizing legitimate tools to pull their "disappearing act." Huntress explains.
View ArticleJumpCloud Strategist Sees IT Teams Claw Back Control from MSPs
Fewer SMEs are turning to MSPs to manage their entire IT program, and 40% are worried about how MSPs handle security, JumpCloud reports.
View ArticleDisparities in SEC Breach Disclosure Rules Evident in CDK Global Attack
Experts point out that CDK Global's parent firm Brookfield Business Partners did not report its cybersecurity incident to the SEC.
View ArticleMSSP Market News: SonicWall Delivers Zero Trust Solution for MSPs
Today's market news also covers BlueVoyant, Zimperium, Pindrop, CyberMaxx, Ctera, Waterfall Security and CISA.
View ArticleData Management Approaches: Schema-on-Read vs. Schema-on-Write
Stellar Cyber explains how a Schema-on-Write data management approach provides customers with effective and accurate AI-driven threat detection results.
View ArticleVMware, SolarWinds Vulnerabilities Exploited, and Cisco Warns of Critical...
Cisco said the vulnerability was caused by an improper implementation of the password change process.
View ArticleInterpol Zeroes in on West African Cyber Fraud Operations
Interpol's crackdown on West African cyber fraud and organized crime is part of Operation Jackal III aimed at combating mounting financial fraud across the region.
View ArticleMSSP Market News: Cyvatar, Zimperium Partner for Mobile Threat Defense
Today's market news also covers Forcepoint, AppOmni, MACH37, ElevenLabs, Reality Defender, NETSCOUT SYSTEMS and NDAY Security.
View ArticleMSSPs Help Organizations Through CrowdStrike IT Outage
How are the widespread CrowdStrike outages impacting MSSPs? We hear from some of the top experts in the industry about the near- and long-term implications.
View ArticleGlobal Cyber Espionage Campaign Launched by Novel TAG-100 Operation
New attacks are exploiting known security flaws impacting internet-facing systems, including Microsoft Exchange Server, SonicWall, F5 BIG-IP instances, and the open-source Pantegana and Spark RAT...
View ArticleMSP Update: Service Providers Come Together to Help with CrowdStrike IT Outage
This week's update includes comprehensive CRA Network coverage of the CrowdStrike IT outage.
View ArticleSEC’s Lawsuit Against SolarWinds and CISO Dismissed
The ruling dismissed all claims against SolarWinds and Chief Information Security Officer Timothy Brown.
View Article