Hot Topics

Mandiant

CISA Order Highlights Persistent Risk at Network Edge

CISA Order Highlights Persistent Risk at Network Edge

| | Adam Boileau, Barracuda Networks, cisa, CVE-2023-27997, Cybersecurity and Infrastructure Security Agency, Fortinet, Fortra, GoAnywhere, Latest Warnings, Mandiant, MOVEit Transfer, Patrick Gray, Progress Software, risky-business-podcast, The Coming Storm, Time to Patch
The U.S. government agency in charge of improving the nation's cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes ...
Krebs on Security
Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

| | Barracuda Networks, Caitlin Condon, CVE-2023-2868, Email Security Gateway, International Computer Science Institute, Latest Warnings, Mandiant, Nicholas Weaver, rapid7, Time to Patch
It's not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware -- as opposed to just applying ...
Krebs on Security
3CX Breach Was a Double Supply Chain Compromise

3CX Breach Was a Double Supply Chain Compromise

| | 3CX, A Little Sunshine, ClearSky Security, Diamond Sleet, double supply chain breach, Elastic Security, ESET, ICONICSTEALER, Kaspersky Lab, kim zetter, Latest Warnings, macos, Mandiant, Marc-Etienne M.Leveille, Microsoft, Ne'er-Do-Well News, Peter Kalnai, supply chain, The Coming Storm, Trading Technologies, X_Trader, zero-day, ZINC
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North ...
Krebs on Security
Reading Mandiant M-Trends 2023

Reading Mandiant M-Trends 2023

| | google cloud, Mandiant, Threat Intelligence
The famous Mandiant 2023 M-Trends (NOT G-Trends, mind you…) report is out, and here are some of the things that I found to be surprising and NOT surprising :-)Mandiant M-Trends 2023 Detection by SourceSURPRISING“Mandiant ...
Stories by Anton Chuvakin on Medium
Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

| | Bharat Jogi, CVE-2022-37969, CVE-2023-28219, CVE-2023-28220, CVE-2023-28252, DBAPPSecurity, Dustin Childs, iOS 15.5.7, iOS/iPadOS 16.4.1, Mandiant, Nokoyawa ransomware, Qualys, Security Tools, The Coming Storm, Time to Patch, Trend Micro Zero Day Initiative, Windows Common Log System File System
Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to ...
Krebs on Security
Microsoft Patch Tuesday, February 2023 Edition

Microsoft Patch Tuesday, February 2023 Edition

| | CVE-2023-21529, CVE-2023-21706, CVE-2023-21707, CVE-2023-21715, CVE-2023-21716, CVE-2023-21823, CVE-2023-23376, Dustin Childs, Immersive Labs, Internet Explorer 11, Johannes Ullrich, Kevin Breen, Latest Warnings, Mandiant, Microsoft Office, Microsoft Patch Tuesday February 2023, SANS Internet Storm Center, Security Tools, Time to Patch, Trend Micro Zero Day Initiative
Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year's ...
Krebs on Security
Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

| | A Little Sunshine, amazon, Anastacia Brown, Apple, Binance, Employment Fraud, Indeed, Jay Pinho, linkedin, Mandiant, Nicholas Weaver, SignalHire, Web Fraud 2.0
On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in ...
Krebs on Security
Google Mandiant developers security culture

Google Acquires Cyberdefense Firm Mandiant for $5.4B

| | automated defense, Cloud Security, Cybersecurity, FedRAMP, google, Mandiant, Web security
Tech giant Google is shoring up its cloud security offerings with the $5.4 billion acquisition of security advisory and incident response services specialist Mandiant.  The company’s dynamic cyberdefense solutions are delivered through ...
Security Boulevard
Mandiant is for Sale and Microsoft Should Get Serious with Enterprise Security

Mandiant is for Sale and Microsoft Should Get Serious with Enterprise Security

| | enterprise security, fireeye, FireEye hack, Mandiant, Microsoft
FireEye Failed, Mandiant is for Sale and it’s Time for Microsoft to Get Serious with Enterprise Security  An autopsy of FireEye’s missteps and why Microsoft should acquire Mandiant and create a security ...
Security Boulevard
Indictment, Lawsuits Revive Trump-Alfa Bank Story

Indictment, Lawsuits Revive Trump-Alfa Bank Story

| | 66.216.133.29, A Little Sunshine, Alfa Bank, B.G.R. Group, Daniel J. Jones, dns, FBI, Heartland Payment Systems, Indiana University School of Informatics and Computing, James A. Baker, John H. Durham, L. Jean Camp, Mandiant, Michael Sussmann, Nicholas Weaver, Paul Vixie, Spectrum Health, Stroz Friedberg, The Democracy Integrity Project, Trump Organization, trump1.contact-client.com, University of California Berkeley
In October 2016, media outlets reported that data collected by some of the world's most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump ...
Krebs on Security
Load more