Critical Start, a Managed Detection and Response (MDR) cybersecurity solutions provider, has unveiled its new service extension, Critical Start MDR for Operational Technology (OT). This addition enhances the company’s Managed Cyber Risk Reduction (MCRR) strategy, which integrates threat, vulnerability, and risk monitoring to offer a strategic, data-driven approach to cybersecurity. OT, essential for industrial organizations, presents unique challenges that require specialized security solutions. The new service from Critical Start addresses these needs by providing OT-specific threat detection ..read more

In an innovative move to secure the employee onboarding process, Specops Software has announced the release of its new solution, First Day Password. This groundbreaking tool aims to eliminate the common security risks associated with sharing initial passwords for new hires. “Customers have been asking us to solve the problem of insecure password sharing ahead of employees’ first days for quite some time,” said Darren James, Senior Product Manager at Specops Software. “I am excited to share that we are now able to solve this password gap for any organization looking to secure their onboarding p ..read more

Preventing Cyber Attacks With MDM Mobile device management, or MDM, has proliferated as smart device penetration increases. Today's companies report Apple devices are among the market's fastest growing segments. However, equipping employees with these intelligent electronics must be done with caution. Without sufficient security protocols, hackers could penetrate an organization's defenses, costing a ton. Traditionally, there are two paths to cyber threat prevention: MDM and MTD. Mobile threat detection differs from MDM because it monitors network entrances and alerts admins. If suspicious act ..read more

Microsoft has issued a warning regarding the Russian APT28 threat group, revealing that the group is exploiting a vulnerability in Windows Print Spooler to escalate privileges and steal credentials using a newly identified hacking tool dubbed GooseEgg. This tool specifically targets the CVE-2022-38028 vulnerability, which was reported by the U.S. National Security Agency and subsequently patched by Microsoft during its October 2022 Patch Tuesday. However, Microsoft had not previously flagged this vulnerability as actively exploited. APT28, which operates under the umbrella of Military Unit 261 ..read more

A recent joint study by Flashpoint and ERP cybersecurity firm Onapsis has highlighted an alarming rise in cyber threats targeting SAP applications, marking a significant shift in the focus of cybercriminal activities. The research indicates that SAP business-critical applications have become increasingly valuable targets for cybercriminals, driven by the potential for financial gain, espionage, and sabotage. The report underscores 2023 as a pivotal year for SAP application security, witnessing unprecedented levels of threat activities. Well-established threat actors and state-sponsored cyberes ..read more

An estimated 22,500 Palo Alto GlobalProtect firewall devices are potentially susceptible to the critical CVE-2024-3400 flaw, a command injection vulnerability that allows unauthenticated attackers to execute commands with root privileges. This vulnerability has been actively exploited since March 26, 2024, according to security researchers. CVE-2024-3400 impacts specific versions of Palo Alto Networks' PAN-OS in the GlobalProtect feature. The flaw enables attackers to inject commands through arbitrary file creation. Palo Alto Networks disclosed the vulnerability on April 12 and urged system ad ..read more

Anvilogic, recognized as the industry’s inaugural multi-data platform SIEM, announced today the successful closure of a $45 million Series C funding round. With this latest influx, the total capital raised by the company since its 2019 inception totals $85 million. The round was spearheaded by Evolution Equity Partners and saw contributions from a cohort of returning investors including Foundation Capital, Cervin Ventures, and others. This funding round aims to broaden the generative AI capabilities of Anvilogic’s system for varied use cases throughout the entire Security Operations Center (SO ..read more

Tech startup VulnCheck has successfully completed its seed funding round, raising a total of $7.95 million to expand its exploit intelligence services. The round included $4.75 million in new investments, prominently featuring contributions from Sorenson Capital. This financial boost follows closely on the heels of VulnCheck being named a finalist in the RSA Conference 2024 Innovation Sandbox contest. The newly acquired funds are earmarked for accelerating growth and enhancing product development. VulnCheck specializes in services that support enterprise platforms and workflows, addressing the ..read more

The recent discovery of the CVE-2024-3400 vulnerability in Palo Alto Networks' PAN-OS firewall software, which has been actively exploited in a campaign dubbed "Operation Midnight Eclipse," highlights a broader issue facing the cybersecurity industry. This flaw allowed unauthenticated actors to execute code as root through command injection, leading to the installation of malware and data theft by state-sponsored groups. While Palo Alto Networks has begun issuing fixes, the incident has shed light on systemic vulnerabilities within the cybersecurity infrastructure. Adam Maruyama, Field CTO at ..read more

The RansomHub extortion gang has initiated the release of what they claim to be sensitive corporate and patient data stolen from United Health subsidiary Change Healthcare, escalating an already complex and drawn-out extortion saga. This action follows a disruptive cyberattack in February, which significantly hindered the U.S. healthcare system's ability to process billing and insurance claims. Initially, the cyberattack was linked to the notorious BlackCat/ALPHV ransomware group, who later admitted to exfiltrating 6 terabytes of data during their operation. Despite the eventual shutdown of th ..read more