The warning comes almost exactly one month after the first disclosure of a Log4j remote code execution vulnerability that threatens major damage on the internet and heightens the urgency for enterprise defenders to find and fix the issue. According to an advisory from NHS Digital, attackers are exploiting the critical vulnerability in the Apache Tomcat…

With this transaction, Somerville, Mass.-based Recorded Future gets a direct entry into the competitive continuous Attack Surface Management (ASM) business and new technology to help organizations with real-time visibility into networks and servers exposed to malicious actors. The $65 million deal comes less than a year after Recorded Future announced an early-stage investment in SecurityTrails…

Citizen Lab teamed up with the threat-intel team at Facebook parent company Meta to expose Cytrox alongside a handful of PSOAs (private sector offensive actors) in the murky surveillance-for-hire industry. In a detailed technical report published late Thursday, Citizen Lab said Cytrox is responsible for a piece of iPhone eavesdropping malware that was planted on…

Eighteen cybersecurity-related acquisitions were announced December 1-12, 2021. Acclaim Technical Services acquires Entegra Systems: Acclaim Technical Services (ATS), which specializes in operational support, language, and technology services, has acquired cyber technology solutions provider Entegra Systems. Both companies are US-based government contractors, and the acquisition of Entegra, which provides services to defense and intelligence agencies, will…

The Taiwan-based company, which is well known for its NAS and professional network video recorder (NVR) solutions, on Tuesday urged users to take immediate action to keep their devices protected against the new threat. QNAP says it is currently investigating reports where attackers infect NAS appliances with a Bitcoin miner that can be identified by…

The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with 40 deals announced in November 2021. November 1-7: Appsian Security acquires Q Software. ERP data security and compliance firm Appsian Security acquired Q Software, which specializes in security and compliance solutions for JD Edwards EnterpriseOne, JD Edwards World, and…

Tracked as CVE-2021-30892 and named “Shrootless” by Microsoft, the vulnerability exists in the method used to install Apple-signed packages with post-install scripts. To successfully exploit the vulnerability, an attacker needs to create a specially crafted file that would allow them to hijack the installation process of said packages. Apple introduced SIP in macOS Yosemite to…

Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. Zerodium is looking for remote code execution, IP address leak, and other information disclosure exploits. It does not want to acquire local privilege escalation vulnerabilities. The company has…

Extended Detection and Response (XDR) is touted as the security solution for the increasingly complex modern IT ecosphere. The principle is to extend EDR threat hunting beyond the endpoint and across the entire infrastructure. Cybereason has announced a partnership with Google Chronicle – the latter to provide ecosphere data, and the former to provide the…