Stealthy adversaries continually exploit system utilities to execute malicious code. A particularly potent and frequently misused tactic is MITRE ATT&CK® T1059 - Command and Scripting Interpreter, wherein attackers harness built-in interpreters like PowerShell, Bash, Python, or JavaScript to run arbitrary commands. This strategy enables adversaries to conduct … [Read more...] about Detect script-based threats with ES|QL: MITRE T1059 in action
Falcon Cloud Security Adds New AWS Detections
CrowdStrike Falcon® Cloud Security now delivers real-time detections for AWS IAM Identity Center, helping organizations detect and respond to identity-driven cloud threats before they escalate. A few months ago, we released CrowdStrike Falcon® Identity Protection support for AWS IAM Identity Center to help organizations detect and stop identity-based attacks before they … [Read more...] about Falcon Cloud Security Adds New AWS Detections
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a new … [Read more...] about Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
Apple surpasses 60 percent reduction in global greenhouse gas emissions
April 16, 2025. UPDATE: Apple unveils environmental progress, surpassing 60 percent reduction in global greenhouse gas emissions. Ahead of Earth Day, Apple hits new milestones in emissions reductions, clean energy, and recycled materials. Customers are invited to recycle devices in-store with a special offer through May 16. Apple today announced that the company has surpassed a … [Read more...] about Apple surpasses 60 percent reduction in global greenhouse gas emissions
The Need for a Strong CVE Program
The Common Vulnerabilities and Exposures (CVE) program has long served as the foundation for standardized vulnerability disclosure and management, enabling effective communication and remediation strategies across the industry. As the cybersecurity community grapples with a potential lapse in the stewardship of the CVE program, organizations worldwide could face challenges … [Read more...] about The Need for a Strong CVE Program
Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Apr 16, 2025 | Ravie Lakshmanan | Endpoint Security / Vulnerability. Cybersecurity researchers have detailed four different vulnerabilities in a core component of the Windows task scheduling service that could be exploited by local attackers to achieve privilege escalation and erase logs to cover up evidence of malicious activities. The issues have been uncovered in a binary named … [Read more...] about Experts Uncover Four New Privilege Escalation Flaws in Windows Task Scheduler
Essential Components of a Cloud Runtime Protection Strategy
Securing cloud environments at runtime is no easy feat. Unlike traditional infrastructure, cloud workloads are dynamic, ephemeral, and often span multiple platforms — making continuous visibility a moving target. Adversaries continue to set their sights on cloud: According to the CrowdStrike 2025 Global Threat Report, new and unattributed cloud intrusions were up 26% … [Read more...] about Essential Components of a Cloud Runtime Protection Strategy
Meet four emerging filmmakers bending cultural and creative lines with iPhone 16 Pro Max
April 15, 2025. UPDATE: Meet four emerging filmmakers bending cultural and creative lines with iPhone 16 Pro Max. The talent behind this year’s MAMI Select: Filmed on iPhone projects delve into how India’s varied landscapes and cultures shaped their shorts. Writer, director, and actor Konkona Sen Sharma believes that beyond technology, a filmmaker’s most important tool is … [Read more...] about Meet four emerging filmmakers bending cultural and creative lines with iPhone 16 Pro Max
Elastic Security simplifies customization of prebuilt SIEM detection rules
Customizing and updating prebuilt SIEM detection rules just got easier, improving precision, enabling broader coverage, and saving time. Customizing and updating prebuilt detection rules is now easier than ever with Elastic Security. We’ve streamlined detection engineering workflows and enabled greater use case coverage with out-of-the-box SIEM detection rules. Elastic Security … [Read more...] about Elastic Security simplifies customization of prebuilt SIEM detection rules
Cisco Secure Client’s Cloud Transformation
It started over 16 years ago. Cisco Secure Client, then known as AnyConnect, quickly rose to prominence as the go-to VPN solution for organizations worldwide. It became synonymous with reliable, secure remote connectivity, helping businesses bridge the gap between their teams and the resources they needed. But technology never stands still. As threats evolved and workforces … [Read more...] about Cisco Secure Client’s Cloud Transformation