intrusion detection
ICS intrusion detection has blind spots that complicate plant security
Industrial control systems on plant floors run alongside a growing layer of monitoring software meant to catch intruders before they reach a turbine, a valve, or a chemical …
Why a decade-old EnCase driver still works as an EDR killer
Attackers are leaning on a new EDR killer malware that can shut down 59 widely used endpoint security products by misusing a kernel driver that once shipped with Guidance …
Meet ARGUS, the robot built to catch hackers and physical intruders
Hospitals, airports, and campuses are no longer dealing with separate security problems. Someone can slip past a checkpoint while another actor launches a network scan, and …
Suricata: Open-source network analysis and threat detection
Suricata is an open-source network intrusion detection system (IDS), intrusion prevention system (IPS), and network security monitoring engine. Suricata features Suricata …
Active Directory compromise: Cybersecurity agencies provide guidance
Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that …
A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs
A zero-day vulnerability that, when triggered, could crash the Windows Event Log service on all supported (and some legacy) versions of Windows could spell trouble for …
CISA releases free tool for detecting malicious activity in Microsoft cloud environments
Network defenders searching for malicious activity in their Microsoft Azure, Azure Active Directory (AAD), and Microsoft 365 (M365) cloud environments have a new free solution …
Microsoft announces automatic BEC, ransomware attack disruption capabilities
Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite. On Wednesday, it announced that these …
Intruder dwell time jumps 36%
Sophos released the Active Adversary Playbook 2022, detailing attacker behaviors that Sophos’ Rapid Response team saw in the wild in 2021. The findings show a 36% increase in …
Attackers are leveraging Follina. What can you do?
As the world is waiting for Microsoft to push out a patch for CVE-2022-30190, aka “Follina”, attackers around the world are exploiting the vulnerability in a …
Network intrusion detections skyrocketing
A WatchGuard report shows a record number of evasive network malware detections with advanced threats increasing by 33%, indicating a higher level of zero day threats than …
Perimeter intrusion detection systems market to reach $21.3 billion by 2026
The global market for perimeter intrusion detection systems estimated at $11 billion in the year 2020, is projected to reach a revised size of $21.3 billion by 2026, growing …
Featured news
Resources
Don't miss
- Autonomous AI-driven worm can reason its way through corporate networks
- Only 11% of production agents pass the AI agent security bar
- A small Slovenian team handles 6,000 cyber incidents a year
- Agent Threat Rules: Open detection rule format for AI agent security threats
- Google fixes actively exploited Android vulnerability (CVE-2025-48595)