Collaborate Disseminate
Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? “Security Copilot is an AI assistant for security teams that builds on… Continue reading Microsoft announces wider availability of AI-powered Security Copilot
Users using Google to search for and download the KeePass password manager and the Notepad++ text editor may have inadvertently gotten saddled with malware, says Jérôme Segura, Director of Threat Intelligence at Malwarebytes. Malvertising via search en… Continue reading Google ads for KeePass, Notepad++ lead to malware
ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish “malware delivery via fake browser updates” campaigns, Sekoi… Continue reading Researchers warn of increased malware delivery via fake browser updates
A threat actor is using compromised Skype accounts to deliver the DarkGate malware to target organizations, Trend Micro researchers have warned. “Versions of DarkGate have been advertised on Russian language forum eCrime since May 2023. Since the… Continue reading Compromised Skype accounts deliver DarkGate malware to employees
The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt … Continue reading Microsoft Defender can automatically contain compromised user accounts
In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records… Continue reading Microsoft 365 email senders urged to implement SPF, DKIM and DMARC
Trend Micro has fixed a critical zero-day vulnerability (CVE-2023-41179) in several of its endpoint security products for enterprises that has been spotted being exploited in the wild. About CVE-2023-41179 The nature of the flaw hasn’t been revea… Continue reading Critical Trend Micro vulnerability exploited in the wild (CVE-2023-41179)
3 out of 4 workers use personal (and often unmanaged) phones and laptops for work and nearly half of companies let unmanaged devices access protected resources, a recent report by Kolide and Dimensional Research has revealed. When asked why they use pe… Continue reading Shadow IT: Security policies may be a problem
Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec’s threat researchers, some affiliates are using the 3AM ransomware as a fallback option in case LockBit gets flagg… Continue reading Attackers use fallback ransomware if LockBit gets blocked
Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. The MetaStealer malware MetaStealer is delivered within malicious disk image format (.dmg) files. The names of the files – such a… Continue reading MetaStealer malware is targeting enterprise macOS users