Microsoft has not yet released patches for two zero-days, Follina and DogWalk, that both exploit vulnerabilities in the Microsoft Windows Support Diagnostic Tool. But the company has released a workaround for Follina, and micropatching service 0Patch has offered a temporary fix for DogWalk.
It's critical to enable companies to not only see what is going on in their IT environments but to also quickly react, and "sheer manpower" is no longer sufficient to respond to the surge of cyberthreats evolving today, says Mike DeCesare, CEO of Exabeam.
Cyber adversaries are embracing defense evasion, triple extortion, wiper malware and the accelerated exploit chain, and that is significantly reshaping the threat landscape that CISOs have to deal with, according to Derek Manky, head of Fortinet's FortiGuard Labs.
While adversaries are often still using many of the same old methods and exploits to compromise their victims, the exposure and consequences of these attacks are becoming increasingly damaging, says Bryan Ware, CEO of LookingGlass Cyber Solutions. He discusses how to keep ahead of the adversaries.
Software bills of material, or SBOMs, are still "years away" from being ubiquitous, says Grant Schneider, senior director for cybersecurity services at Venable. He says it will take time for them to catch on, and a set of standards and other critical components for industry need to be defined.
In an organization, people are the ones who develop and sustain organizational strategy. Talented people are discovering that it's possible to leave a toxic environment so they can breathe and thrive. Marco Túlio Moraes explores how to retain both talent and strategy.
SSNDOB, a darknet marketplace selling stolen Social Security numbers and birthdates, has been shut down, says the U.S. Department of Justice. The takedown was the result of a multiagency effort involving the IRS-CI, the FBI, the DOJ, and law enforcement agencies of Cyprus and Latvia.
Individuals who work on developing software - even if not employed by a technology firm - are under more stress than ever before, says Sonahi Shah, chief product officer at Invicti Security, who explains the ever-increasing pressure to develop secure code.
In the digitally transformed world, APIs suddenly are among the hottest attack vectors. Yet too many organizations fail to even have visibility into their API inventory, much less security. Oz Golan, CEO of Noname Security, discusses API security trends.
The world is a much different place since the previous in-person RSA Conference - and so is the cybersecurity marketplace. Alberto Yépez of Forgepoint Capital shares his view of the state of the industry and the market forces that may cause further change in 2022.
Recently CybelAngel CEO, Erwan Keraudy, and CRO Jeff Gore, sat down with Mathew Schwartz, Executive Editor of DataBreach Today to discuss ways for businesses to protect their growing external attack surface.
Art Coviello, former CEO of RSA and current partner with Rally Ventures, describes the cybersecurity industry trends he's watching closely as we hit the midway point of 2022, as well as which emerging technologies have not quite evolved in the way he might have anticipated.
Cyberwarfare has emerged as the bridge between espionage and kinetic conflict. "It's here," says Chase Cunningham of Ericom Software. He discusses how enterprise cybersecurity leaders should now think more deeply about their adversaries' motivations and capabilities.
When contracting for modern MDR services, Lyndon Brown of Pondurance advises prospective customers to ask about more than the managed service and detection. He says they should ask tough questions about response. Brown shares his insights and strategies.