433 Central Ave., 4th Floor, St. Petersburg, FL 33701 | [email protected] | Office: (727) 493-2351

Darktrace launches AI-driven vulnerability detection, alert system Newsroom

AI-focused cybersecurity vendor Darktrace has announced the release of Newsroom, a new detection and warning system for critical vulnerabilities that uses open-source intelligence (OSINT) sources to identify threats posed to businesses. Newsroom leverages deep and AI-assisted knowledge of a customer’s external attack surface to gauge its exposure to detected vulnerabilities and provides a summary of exploits, affected software and assets within the organization, Darktrace stated. It also provides vulnerability mitigation guidance specific to businesses, while early adoption has revealed insight on remote code injection flaws in Citrix Gateway/Citrix ADC, CentOS Web Panel 7 Servers, and Zoho ManageEngine products, according to the vendor. Darktrace Newsroom is now available as part of the Darktrace PREVENT product range. To read this article in full, please click here
http://news.poseidon-us.com/Sjt0Bz

Researchers find hidden vulnerabilities in hundreds of Docker containers

Rezilion uncovered the presence of hundreds of Docker container images containing vulnerabilities that are not detected by most standard vulnerability scanners and SCA tools. The research revealed numerous high-severity/critical vulnerabilities hidden in hundreds of popular container images, downloaded billions of times collectively. This includes high-profile vulnerabilities with publicly known exploits. Some of the hidden vulnerabilities are known to be actively exploited in the wild and are part of the CISA known exploited vulnerabilities catalog, including … More → The post Researchers find hidden vulnerabilities in hundreds of Docker containers appeared first on Help Net Security.
http://news.poseidon-us.com/SjsnvN

Nudge Security launches SaaS attack surface management capabilities

Organizations face an average of six breaches in their SaaS supply chain every year, according to new data published by Nudge Security. With threat actors like Lapsus$ exploiting this modern attack surface, securing it has become a top cybersecurity priority and was the subject of a recent executive order. In fact, by 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains, a three-fold increase from 2021, according to Gartner. To … More → The post Nudge Security launches SaaS attack surface management capabilities appeared first on Help Net Security.
http://news.poseidon-us.com/SjsDqj

Backdoor deployment overtakes ransomware as top attacker action

Deployment of backdoors on networks was the top action attackers made in almost a quarter of all incidents remediated in 2022. A spike in the use of the multi-purpose Emotet malware early in the year was the main culprit of this increase, accounting for 47% of backdoors deployed throughout the year, according to IBM Security X-Force Threat Intelligence Index. “Increased backdoor deployment may also be due to the amount of money this kind of access can generate on the dark web. Compromised corporate network access from an initial access broker typically sells for several thousands of US dollars,” stated the report. To read this article in full, please click here
http://news.poseidon-us.com/SjppBg

What is Traffic Light Protocol? Here’s how it supports CISOs in sharing threat data

Traffic Light Protocol (TLP) was created to facilitate greater sharing of potentially sensitive threat information within an organization or business and to enable more effective collaboration among security defenders, system administrators, security managers, and researchers. TLP grew out of efforts by various public-sector security incident response teams of various nations that began sharing security alerts. The protocol was developed so that recipients of threat data could assess its sensitivity and determine how to share it with others, without giving any aid to the bad actors, revealing personal data, or running afoul of data privacy regulations. To read this article in full, please click here
http://news.poseidon-us.com/SjpRvK

Resecurity warns about cyber-attacks on data center service providers

Resecurity warns about the increase of malicious cyber activity targeting data center service providers globally. According to the detailed report recently released by the California-based cybersecurity company, during September 2021, Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. Such organizations act as a critical part of the enterprise supply chain and become a juicy target for nation-state, criminal and cyberespionage groups. The details about this activity have been … More → The post Resecurity warns about cyber-attacks on data center service providers appeared first on Help Net Security.
http://news.poseidon-us.com/Sjp1lf