Using Sophos EDR to identify endpoints impacted by Dell kernel driver vulnerability CVE-2021-21551

Credit to Author: Anthony Merry| Date: Thu, 06 May 2021 09:09:24 +0000

Use this query to identify which endpoints are impacted by the Dell kernel driver vulnerability CVE-2021-21551, and which are not.

The story of ZeroLogon

Credit to Author: Pieter Arntz| Date: Tue, 19 Jan 2021 18:37:09 +0000

ZeroLogon is a treasure for cybercriminals, an ongoing struggle for Microsoft, and a headache for everyone caught in the middle.

Categories: Exploits and vulnerabilities

The post The story of ZeroLogon appeared first on Malwarebytes Labs.

Sophos is a CVE numbering authority

Credit to Author: Editor| Date: Wed, 13 Jan 2021 14:02:56 +0000

We’re excited to announce that we have been named a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) in the CVE program, a recognized international standard for identifying and naming cybersecurity vulnerabilities. This status authorizes us to assign CVE identification to unique vulnerabilities within the scope of our products. Security researchers can now work directly […]

XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability

Credit to Author: Jérôme Segura| Date: Wed, 21 Oct 2020 20:41:32 +0000

This tech support scam is being spread via Facebook links and uses several redirection mechanisms to avoid detection.

The post XSS to TSS: tech support scam campaign abuses cross-site scripting vulnerability appeared first on Malwarebytes Labs.

Removing Open Source Visibility Challenges for Security Operations Teams

Credit to Author: Trend Micro| Date: Tue, 25 Aug 2020 13:00:11 +0000

Identifying security threats early can be difficult, especially when you’re running multiple security tools across disparate business units and cloud projects. When it comes to protecting cloud-native applications, separating legitimate risks from noise and distractions is often a real challenge. That’s why forward-thinking organizations look at things a little differently. They want to…

The post Removing Open Source Visibility Challenges for Security Operations Teams appeared first on .

Why is smartphone security so important?

Credit to Author: Akuti Ojah| Date: Tue, 28 Jul 2020 12:42:50 +0000

Let’s pause for a second here and think about the astonishingly smart palm-sized device – that is our phone. A decade or two ago it would have been impossible to imagine all the things that a modern-day smartphone can do. A day without our smartphone is quite unimaginable. From remembering…
