On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute... Read more »

The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens... Read more »

Stamus Networks announced Clear NDR, an open and transparent NDR system that empowers cyber defenders to uncover and stop serious threats and unauthorized activity before they cause harm to... Read more »

Horizon3.ai launched NodeZero Insights, a platform designed for security leaders, CIOs, CISOs and practitioners. This new solution delivers real-time dashboards to measure, track and strengthen an organization’s security posture... Read more »

Versa announced Versa Endpoint DLP, an integrated endpoint data loss prevention (DLP) capability delivered by the Versa SASE Client as part of the VersaONE Universal SASE Platform. The endpoint... Read more »

Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on Monday.... Read more »

SecureAuth is releasing biometric continuous identity assurance (BCIA). This ability is designed to safeguard a company’s sensitive information for the duration of a user’s session — providing additional protection... Read more »

Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster... Read more »