By Ionut Arghire

Microsoft on Thursday announced Windows Defender System Guard runtime attestation, a new Windows platform security technology set to roll out to all editions of Windows.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Kevin Townsend

Cybersecurity Tech Accord Comprises Fine Words With No Defined Deliverables and Perhaps Impossible Intentions

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Eduard Kovacs

FireEye this week made several announcements, including the launch of new solutions and capabilities, new pricing and packaging models, and a strategic partnership with Oracle.

One of the new solutions is SmartVision Edition, which should help organizations detect malicious traffic moving within their network.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Marc Solomon

The Industry Needs a Common Understanding of How to Best Put Threat Intelligence Into Practice

Knowledge is of no value unless you put it into practice.” When Russian author Anton Chekhov said this more than a century ago, he very well could have been speaking of threat intelligence.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Ionut Arghire

Microsoft has rolled out a new Windows Defender Browser Protection extension to help Chrome users stay safe from malware and phishing websites.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Tom Spring

Researchers are warning malware payloads can bypass traditional AV protection when delivered buried inside images, documents or even just a pixel. …read more

Source:: Threat Post


Print pagePDF pageEmail page

By Eduard Kovacs

Cisco informed customers on Wednesday that it has patched critical vulnerabilities in WebEx and UCS Director, along with nine high severity flaws in StarOS, IOS XR, Firepower and ASA products.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Ashley Arbuckle

In the last twelve months it seems like supply chain attacks are on the rise—CCCleaner, Nyetya/NotPetya, Spectre and Meltdown, to name a few.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Eduard Kovacs

Updates released on Wednesday for Drupal 8 patch a moderately critical cross-site scripting (XSS) vulnerability affecting a third-party JavaScript library.

The flaw impacts CKEditor, a WYSIWYG HTML editor included in the Drupal core. CKEditor exposes users to XSS attacks due to a flaw in the Enhanced Image (image2) plugin.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page

By Eduard Kovacs

A feature that allows users to wirelessly sync their iPhones and iPads with iTunes can be abused by hackers to take control of iOS devices in what researchers call a “Trustjacking” attack.

read more

…read more

Source:: securityweek


Print pagePDF pageEmail page