Endpoint detection and response: The path to security maturity starts with visibility

Looking to set off on the right foot with endpoint detection and response? Prioritize visibility into your systems. For organizations considering adoption of an endpoint detection and response (EDR) solution, MITRE Engenuity’s most recent ATT&CK® Evaluation provides a singular glimpse into how a prospective EDR tool stands in the face of sophisticated threats. The work of …

Vishing: What is it and how do I avoid getting scammed?

How do vishing scams work, how do they impact businesses and individuals, and how can you protect yourself, your family and your business? We’ve all heard of phishing, the tried-and-tested email scam that spoofs authoritative sources to trick recipients into handing over sensitive information or downloading malware. Well, vishing is its voice call equivalent. It’s …

Tracking ransomware cryptocurrency payments: What now for Bitcoin?

Should we expect cybercriminals to ditch the pseudonymous cryptocurrency for other forms of payment that may be better at throwing law enforcement off the scent? Earlier this week, the Department of Justice announced it seized around $2.3 million worth of bitcoin (BTC 63.7) collected in the BTC 75 payment for Colonial Pipeline ransomware. Does this mean Bitcoin …

Google fixes actively exploited Chrome zero‑day

The latest Chrome update patches a bumper crop of security flaws across the browser’s desktop versions. Google has rolled out an update for its Chrome web browser to fix a bunch of security flaws, including a zero-day vulnerability that is known to be actively exploited by threat actors. The bugs affect the Windows, macOS, and …

Gelsemium: When threat actors go gardening

ESET researchers shed light on new campaigns from the quiet Gelsemium group. Since mid-2020, ESET Research has been analyzing multiple campaigns, later attributed to the Gelsemium cyberespionage group, and has tracked down the earliest version of their main malware, Gelsevirine, to 2014. During the investigation, ESET researchers found a new version of Gelsevirine, a backdoor …