While most large enterprises are moving to the cloud in some form, the path is never as direct as chief information officers (CIOs) and chief information security officers (CISOs) might like it to be. Most come to terms with the fact that the cloud won’t be a single offering, but rather a hybrid multicloud that aligns critical applications with cloud s

Microsoft this week announced the general availability of Microsoft Threat Protection, its integrated security solution aimed at offering protection across users, email, applications, and endpoints.Released in public preview in December 2019, the solution builds on Microsoft Defender Advanced Threat Protection (ATP), Office 365 ATP, Azure ATP, and Microsoft

Endpoint security firm SentinelOne on Wednesday announced that it has raised $200 million in a Series E funding round, at a valuation of more than $1.1 billion, which gives the company “unicorn” status.The latest funding round, which brings the total raised by SentinelOne to $430 million, was led by Insight Partners, with participation from Tiger Global Mana

In an attempt to improve the security of its users, the Chrome browser will soon start blocking insecure downloads on HTTPS pages, Google announced.The plan, which the Internet giant laid out this week, is expected to be completed sometime in the fall, when Chrome 86 arrives.The announcement comes just days after the release of Chrome 80, which by default bl

Many devices, including ones often found in enterprise environments, are likely still vulnerable to direct memory access (DMA) attacks, despite the fact that hardware and software vendors have implemented protections that should prevent such attacks, firmware security company Eclypsium said on Thursday.DMA is designed to allow hardware components or peripher

A cyberattack disclosed recently by Mitsubishi Electric, which resulted in hackers gaining access to the company’s network and stealing corporate data, likely involved exploitation of a vulnerability in Trend Micro’s OfficeScan product.Discovered in June 2019 but disclosed only last week, the data breach impacted both employee and corporate data at the Japan

Cybersecurity firm McAfee announced on Thursday that its board of managers has appointed Peter Leav as the company’s new chief executive officer after Chris Young decided to step down.Leav will take on the role of CEO on February 3 and he will also be appointed to the company’s board of managers. Young will stay on in an advisory role to assist with the tran

The U.S. National Security Agency (NSA) has informed Microsoft that Windows is affected by a potentially serious spoofing vulnerability that could allow hackers to make a malicious file appear to come from a trusted source or conduct man-in-the-middle (MitM) attacks.The NSA reached out to reporters to inform them about the vulnerability before Microsoft rele

Microsoft Security Essentials (MSE) will stop protecting Windows 7 PCs on January 14, 2020, when support for Windows 7 is set to end.Organizations that cannot update their systems from Windows 7 to Windows 10 until January 14 can continue receiving patches for critical and important vulnerabilities for up to another three years if they purchase Extended Secu

The perpetrator was a master of disguise, outfitting himself as an employee to bypass the extensive preventive security controls and flee with the contents of the vault. Fortunately, the building was equipped with strong detection security measures, and the burglar—unaware of the location of a laser tripwire—soon set off a silent alarm. A handful of the best

Security architecture is like the ocean: no one owns it, and it is constantly affected by change. New technologies are introduced, staff changes occur, and as a result, communication suffers. I often see environments where ownership is placed into silos across teams in the enterprise, meaning IT administrators preventing threats may not get the insights unco

Globalization and business transformation have created an incredibly complex worldwide supply chain for almost all manufacturers. Hardware ostensibly manufactured in the U.S. will inevitably include components manufactured in many different locations around the world -- including nations that are in other circumstances described as 'adversary states'.The pot

Vulnerabilities discovered in Kaspersky Secure Connection, Trend Micro Maximum Security, and Autodesk Desktop Application could be exploited for DLL preloading, code execution, and privilege escalation, a security firm has warned.According to SafeBreach, Kaspersky Secure Connection (KSDE), a VPN client used with various Kaspersky applications, including Secu

A recently discovered technique allows ransomware to encrypt files on Windows-based systems without being detected by existing anti-ransomware products, Nyotron security researchers warn.Dubbed RIPlace, the technique allows malware to bypass defenses using the legacy file system "rename" operation, and the security researchers say it is effective even agains

Phoenix Keylogger Attempts to Disable More Than 80 security Products, Exfiltrates Data Direct from MemoryThe Phoenix Keylogger, operating at the cusp of keylogger and infostealer, was launched in July 2019. It is sold as malware-as-a-service (MaaS), and appears to be gaining traction in the criminal underworld.Nocturnus, the research team from Cybereaso