Catégorie : Cybersecurity
Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform
Sophos CEO Joe Levy says the $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform — with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities — at the core.
Open Source LLM Tool Sniffs Out Python Zero-Days
Vulnhuntr is a Python static code analyzer that uses Claude AI to find and explain complex, multistep vulnerabilities.
AWS’s Predictable Bucket Names Make Accounts Easier to Crack
Amazon’s open source Cloud Development Kit generates dangerously predictable naming patterns that could lead to an account takeover.
Lazarus Group Exploits Chrome Zero-Day in Latest Campaign
The North Korean actor is going after cryptocurrency investors worldwide leveraging a genuine-looking game site and AI-generated content and images.
‘Prometei’ Botnet Spreads Its Cryptojacker Worldwide
The Russian-language malware primarily enlists computers to mine Monero, but theoretically it can do worse.
Russia-Linked Hackers Attack Japan’s Govt, Ports
Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.
Supply Chain Cybersecurity Beyond Traditional Vendor Risk Management
Traditional practices are no longer sufficient in today’s threat landscape. It’s time for cybersecurity professionals to rethink their approach.
CISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches
A survey shows three-quarters of CISOs are drowning in threat detections put out by a sprawling stack of tools, yet still lack the basic visibility necessary to identify breaches.
Time to Get Strict With DMARC
Adoption of the email authentication and policy specification remains low, and only about a tenth of DMARC-enabled domains enforce policies. Everyone is waiting for major email providers to get strict.
MacOS Safari ‘HM Surf’ Exploit Exposes Camera, Mic, Browser Data
Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.









