What is it with these funny adversary names such as FANCY BEAR, WIZARD SPIDER and DEADEYE JACKAL? You read about them in the media and see them on CrowdStrike T-shirts and referenced by MITRE in the ATT&CK framework. Why are they so important to cyber defenders? How is an adversary born? You may think you have a problem with ransomware, bots or distributed denial of service (DDoS) attacks but you would be wrong. Because humans are behind every cyberattack, what you really have is an adversary problem.

On Friday, May 27, 2022, Security vendor nao_sec identified a malicious document leveraging a zero-day remote code execution RCE vulnerability (CVE-2022-30190) in Microsoft Windows Support Diagnostic Tool (MSDT). The actively exploited vulnerability exists when MSDT is called using the URL protocol from a calling application, such as Microsoft Word.

This month, Egnyte is excited to introduce the start of a redesign to its UI, productivity improvements around shortcuts and the API, new offerings for Advanced Privacy & Compliance and CMMC, continued improvements in governance, and a whole host of new features around course management in the Quality Document Management module for Life Sciences.

In case you missed the news, LimaCharlie has raised 5.45 million dollars in an oversubscribed seed round led by Susa Ventures, with participation from Xerox Ventures, CoFound Partners, Long Journey Ventures, Sands Capital, StoneMill Ventures, as well as existing investor, Lytical Ventures. The money is going to be used to expand engineering and to build out our go-to-market strategy.

If you want just to see how to find detections for the Follina MS Office RCE, skip down to the “detections” sections. Otherwise, read on for a quick breakdown of what happened, how to detect it, and MITRE ATT&CK mappings.

Cloud adoption continues to soar. More than two-thirds of small to mid-sized businesses intend to increase their use of cloud technologies over the next few years. While the cloud comes with many security benefits, it also carries unique concerns. As the cloud becomes increasingly central to business operations, cloud security should be a priority. Businesses must ensure this security from the ground up, not add it in later as an afterthought.

We just released our 22.5 Release to Forward Enterprise and boy what a surprise to have our NQE external data sources finally ready to show the world. Very simply, this allows you to pull in data from external HTTP sources (currently we support HTTP GET) and automagically model the data in our data model explorer and our integrated development environment. To enable this you simply need to add the resource endpoints for the HTTP API of the data you are interested in. i.e.

Trust is one of the things that makes us human. We evolved the ability to trust in order to make life or death judgment calls and it is wired into our brains from birth. Unfortunately, since time immemorial, nefarious characters have always abused the trust of others to their own advantage, and in the modern world it is now one of the primary tools in a cybercriminal’s arsenal.

We are proud to announce that for the seventh year in a row, WatchGuard has been recognized at the IT World Awards for 2022, securing six wins across multiple categories. This prestigious awards program honors information technology and cybersecurity vendors with advanced, ground-breaking products, solutions and services that are helping set the bar higher for others in all areas of IT and security.

Last week Dark Reading released an enterprise application security survey which raised serious concerns by IT and security teams Last week, Microsoft announced a new low-code application service called Power Pages, the fifth service joining the Power Platform. Whether you’re a low-code maker or professional developer, this low-code, scalable, and secure solution empowers you to build business-centric websites quickly and easily.