'

Gootbot: A new post-exploitation implant for lateral movement

Gootbot: A new post-exploitation implant for lateral movement

The creators of Gootloader, a malicious program commonly used to deploy ransomware and other malware threats on enterprise networks, have developed a new second-stage implant. Dubbed GootBot, the new post-exploitation tool is written in PowerShell and is pushed to other systems on compromised networks via lateral movement techniques. “The Gootloader group’s introduction of their own … Read more

Facebook tops security ratings among social networks

Facebook tops security ratings among social networks

Facebook is the most secure social networking site among the major players, thanks to improved privacy controls and support for more secure two-factor authentication technology, but the social media sector as a whole remains vulnerable to different types of account takeover. According to a study released Tuesday by access management vendor Cerby, the biggest area … Read more

MTE – The promising path forward for memory safety

MTE – The promising path forward for memory safety

Posted by Andy Qin, Irene Ang, Kostya Serebryany, Evgenii Stepanov Since 2018, Google has partnered with ARM and collaborated with many ecosystem partners (SoCs vendors, mobile phone OEMs, etc.) to develop Memory Tagging Extension (MTE) technology. We are now happy to share the growing adoption in the ecosystem. MTE is now available on some OEM … Read more

Automatic Conditional Access policies in Microsoft Entra streamline identity protection

Automatic Conditional Access policies in Microsoft Entra streamline identity protection

Extending our commitment to help customers be secure by default, today we’re announcing the auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage. We’ve designed these policies based on our deep knowledge of the current cyberthreat landscape to help our customers strengthen their security baseline, … Read more

Bitwarden Revolutionises Online Security with Passkey Management

Bitwarden Revolutionises Online Security with Passkey Management

Bitwarden has introduced a ground-breaking feature: passkey management. This innovation empowers every Bitwarden user to create, handle, and securely store passkeys within their vaults. With the Bitwarden web extension, users can effortlessly and securely access passkey-enabled websites. These synchronised passkeys are meticulously encrypted within users’ vaults, offering a seamless and passwordless login experience. A Secure, … Read more

Glasgow Caledonian University Selects CyberArk to Reduce Identity Security Risk for Thousands of Staff and Students

Glasgow Caledonian University Selects CyberArk to Reduce Identity Security Risk for Thousands of Staff and Students

CyberArk has announced that Glasgow Caledonian University (GCU) has selected the CyberArk Identity Security Platform to power its mission-critical identity and access management modernisation initiatives and improve security for its more than 27,000 staff and students. The top-performing modern university in Scotland, GCU has campuses in the centre of Glasgow and London and is well … Read more

Frontegg releases new identity, user management solution for SaaS products

Frontegg releases new identity, user management solution for SaaS products

Identity and access management platform Frontegg has announced the release of Frontegg Forward to support software as a service (SaaS) companies in handling customer identity and user management within their products. The new offering delivers four fundamental user management innovations that SaaS companies need to meet their growth imperatives over the next decade, the company … Read more

Eclypsium launches supply chain security guide to track risks and incidents

Eclypsium launches supply chain security guide to track risks and incidents

Digital supply chain security company Eclypsium has announced the launch of a new supply chain security guide to help IT, security, and procurement teams track risks and incidents. CIOs, CISOs, and supply chain leaders can use the guide to assess their exposure to supply chain cybersecurity threats and make better risk-based purchase decisions, the firm … Read more

IBM rebuilds QRadar for hybrid clouds and AI workloads

IBM rebuilds QRadar for hybrid clouds and AI workloads

IBM has announced rebuilding its security information and event management (SIEM) offering, QRadar, with a cloud-native architecture to help organizations scale their hybrid cloud and AI workloads. The new offering combines IBM’s existing SIEM skeleton within the QRadar suite with new generative AI and threat detection capabilities for improved data ingestion, and search and analytics … Read more

Secure from the get-go: top challenges in implementing shift-left cybersecurity approaches

Secure from the get-go: top challenges in implementing shift-left cybersecurity approaches

David Ulloa sees value in the shift-left strategy, which embeds security at the earliest stages of software development. Like other security chiefs, Ulloa believes that this approach can effectively and efficiently boost the organization’s security posture. But he concedes: not everyone shared his perspective when he first proposed using the strategy. So, Ulloa, CISO with … Read more