Tamper protection in Microsoft Defender for Endpoint on macOS is now generally available, according to Microsoft. Tamper protection enables administrators who work with Apple hardware in their environment to prevent unauthorized removal of Microsoft…

RedAlpha, a Chinese state-sponsored threat activity group, has been linked to a multi-year credential theft campaign targeting global humanitarian, think tank, and government organizations. RedAlpha most likely attempted to gain access to email accounts…

The 2022 USENIX Security Symposium Test of Time Award was given to University of Michigan researchers for their 2012 study, "Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices." The paper, written by Professor J. Alex Halderman,…

Security teams have long focused on ransomware, hackers, and nation-state threat actors. External threats are considered more urgent and dangerous, with greater potential consequences for organizations. Security teams can easily identify the enemy and…

According to a recent alert from the Department of Health and Human Services' Cybersecurity Coordination Center, healthcare provider organizations are being targeted by a phishing campaign that uses a secure message theme to harvest credentials. The…

According to a new report from Mezmo, only 22 percent of organizations have developed a formal DevSecOps strategy that integrates security into software development lifecycle processes. A large percentage of those with a strategy report a positive impact…

Okta discovered in its latest report on the state of zero trust security that zero trust adoption is gaining significant traction in the healthcare sector this year. According to Okta's 2021 report, only 37 percent of surveyed healthcare organizations…

Security researchers at Quarkslab discovered a critical vulnerability in Google's Titan M chip earlier this year.  Introduced in 2018, Titan M is a system-on-a-chip (SoC) designed to deliver increased security protections to Pixel devices, including…

US healthcare provider Novant Health has recently notified patients that their protected health information may have been leaked through a tracking tool linked to Facebook.  The company did not specify how many patients were affected by the pixel…

Security researchers at Akamai have discovered a vulnerability in the remote procedure calls (RPC) for the Windows Server service, which could allow an attacker to gain control over the domain controller (DC) in a specific network configuration and…

A cyberattack disrupted a UK water supplier's corporate IT systems, but the company claims that its water supply was unaffected. Meanwhile, the alleged attacker, the Clop ransomware group, claimed the attack was on another, larger water utility, which…

A recent attack on Mailchimp cryptocurrency-related users has affected users of the cloud infrastructure provider DigitalOcean. On August 8, DigitalOcean discovered that its Mailchimp account had been compromised as part of what it believes is a larger…