#endpoint-protection — Public Fediverse posts

ICYMI: A security researcher recently published a working tool that extracts credentials stored in Microsoft Edge directly from the browser's parent process memory. No exploit is needed – just sufficient system privileges.

This is the kind of threat Keeper Security is designed to help address. In addition to our secure and encrypted password manager, Keeper Forcefield blocks unauthorized memory access at the kernel level – so even if a machine is compromised, there's nothing to extract.

#KeeperSecurity #Cybersecurity #PasswordSecurity #EndpointProtection #MicrosoftEdge

#checkpoint basically says whoever is developing #public #internet facing software needs #AI to find #exploits before others find them (any program that exchanges messages)
#firewall #virusscanner #endpointprotection good but not enough

https://blog.checkpoint.com/artificial-intelligence/claude-mythos-wake-up-call-what-ai-vulnerability-discovery-means-for-cyber-defense/ #cyber #cybersecurity

In 2025, the top 5 known exploited vulnerability (#KEV) vendors as of https://cyble.com/blog/cisa-kev-2025-exploited-vulnerabilities-growth/ were:

Microsoft (39)
#Apple (9)
#Cisco (8)
#Fortinet (8)
#Google #Chromium (7)

If you like to minimize your #security risk here, avoiding those vendors could improve your overall exposure.

As you can see, this is particularly true for #Microsoft.

Mitigation using #AntiMalware or #EndPointProtection is not the answer as we've learned in the previous year where the "Most Frequently Exploited #Vulnerabilities" have been security products!
Source: https://services.google.com/fh/files/misc/m-trends-2025-en.pdf

If you have high requirements for #ITsecurity, you need to migrate your systems to #Linux which is also part of KEV but on a *much* better level!

#Windows #macOS #iOS #exploits

WhatsApp accounts targeted in ‘GhostPairing’ attack https://www.csoonline.com/article/4108925/whatsapp-accounts-targeted-in-ghostpairing-attack.html #CommunicationsSecurity #EndpointProtection #MessagingSecurity #NetworkSecurity #MobileSecurity #Security

Hundreds of Ivanti EPM systems exposed online as critical flaw patched https://www.csoonline.com/article/4104158/hundreds-of-ivanti-epm-systems-exposed-online-as-critical-flaw-patched.html #EndpointProtection #Vulnerabilities #Security

Gemini for Chrome gets a second AI agent to watch over it https://www.csoonline.com/article/4103346/gemini-for-chrome-gets-a-second-ai-agent-to-watch-over-it-2.html #ArtificialIntelligence #EndpointProtection #BrowserSecurity #Security

Neue bösartige Browser-Erweiterungen entdeckt https://www.csoonline.com/article/4100071/neue-bosartige-browser-erweiterungen-entdeckt.html #EndpointProtection #BrowserSecurity #Security

Newly discovered malicious extensions could be lurking in enterprise browsers https://www.csoonline.com/article/4099446/newly-discovered-malicious-extensions-could-be-lurking-in-enterprise-browsers.html #EndpointProtection #BrowserSecurity #Cybercrime #Security #Malware

Microsoft gives Windows admins a legacy migration headache with WINS sunset https://www.csoonline.com/article/4098729/microsoft-gives-windows-admins-a-legacy-migration-headache-with-wins-sunset-2.html #NetworkAdministrator #EndpointProtection #NetworkSecurity #WindowsSecurity #Security #Careers #Roles

AI browsers can be tricked with malicious prompts hidden in URL fragments https://www.csoonline.com/article/4097087/ai-browsers-can-be-tricked-with-malicious-prompts-hidden-in-url-fragments.html #ArtificialIntelligence #EndpointProtection #BrowserSecurity #Security

New ClickFix attacks use fake Windows Update screens to fool employees https://www.csoonline.com/article/4096241/new-clickfix-attacks-use-fake-windows-update-screens-to-fool-employees.html #EndpointProtection #WindowsSecurity #Cybercrime #Security #Malware

Recognizing and responding to cyber threats: What differentiates NDR, EDR and XDR https://www.csoonline.com/article/4091641/recognizing-and-responding-to-cyber-threats-what-differentiates-ndr-edr-and-xdr.html #SecurityInfrastructure #EndpointProtection #RiskManagement #Security

Sneaky2FA phishing tool adds ability to insert legit-looking URLs https://www.csoonline.com/article/4094165/sneaky2fa-phishing-tool-adds-ability-to-insert-legit-looking-urls.html #EndpointProtection #SocialEngineering #BrowserSecurity #Cybercrime #Phishing #Security

Hidden API in Comet AI browser raises security red flags for enterprises https://www.csoonline.com/article/4092995/hidden-api-in-comet-ai-browser-raises-security-red-flags-for-enterprises.html #EndpointProtection #BrowserSecurity #Security

More work for admins as Google patches latest zero-day Chrome vulnerability https://www.csoonline.com/article/4092287/more-work-for-admins-as-google-patches-latest-zero-day-chrome-vulnerability.html #Zero-DayVulnerabilities #EndpointProtection #BrowserSecurity #Vulnerabilities #Security

🚨 New sophisticated threat alert! RONINGLOADER leverages signed drivers to disable Microsoft Defender & bypass EDR, targeting Chinese users with multi-stage malware. Stay informed & protected! 🛡️🔒 #CyberSecurity #Malware #InfoSec #EndpointProtection https://gbhackers.com/roningloader/
#newz

Microsoft fixes Windows 10 update flaw https://www.csoonline.com/article/4091597/microsoft-fixes-windows-10-update-flaw.html #EndpointProtection #WindowsSecurity #Security

Russian APT abuses Windows Hyper-V for persistence and malware execution https://www.csoonline.com/article/4085272/russian-apt-abuses-windows-hyper-v-for-persistence-and-malware-execution.html #AdvancedPersistentThreats #EndpointProtection #WindowsSecurity #Cyberattacks #Cybercrime #Security

Chinese hackers target Western diplomats using hard-to-patch Windows shortcut flaw https://www.csoonline.com/article/4082701/chinese-hackers-target-western-diplomats-using-hard-to-patch-windows-shortcut-flaw.html #EndpointProtection #Vulnerabilities #WindowsSecurity #Security

Critical Microsoft WSUS flaw exploited in wild after insufficient patch https://www.csoonline.com/article/4078952/critical-microsoft-wsus-flaw-exploited-in-wild-after-insufficient-patch.html #EndpointProtection #Vulnerabilities #WindowsSecurity #Security

AI browsers can be abused by malicious AI sidebar extensions: Report https://www.csoonline.com/article/4078306/ai-browsers-can-be-abused-by-malicious-ai-sidebar-extensions-report-2.html #EndpointProtection #BrowserSecurity #Cybercrime #Security #Malware

Security patch or self-inflicted DDoS? Microsoft update knocks out key enterprise functions https://www.csoonline.com/article/4076016/security-patch-or-self-inflicted-ddos-microsoft-update-knocks-out-key-enterprise-functions-2.html #DataandInformationSecurity #EndpointProtection #WindowsSecurity #Encryption #Security

Network security devices endanger orgs with ’90s era flaws https://www.csoonline.com/article/4074945/network-security-devices-endanger-orgs-with-90s-era-flaws.html #DataandInformationSecurity #ApplicationSecurity #EndpointProtection #TechnologyIndustry #NetworkSecurity #Vulnerabilities #DevSecOps #Industry #Security #Markets

OT security: Why it pays to look at open source – Source: www.csoonline.com https://ciso2ciso.com/ot-security-why-it-pays-to-look-at-open-source-source-www-csoonline-com/ #rssfeedpostgeneratorecho #EndpointProtection #CyberSecurityNews #IncidentResponse #NetworkSecurity #CSOonline #CSOOnline

OT security: Why it pays to look at open source https://www.csoonline.com/article/4055176/ot-security-why-it-pays-to-look-at-open-source.html #EndpointProtection #IncidentResponse #NetworkSecurity

10 most powerful cybersecurity companies today – Source: www.csoonline.com https://ciso2ciso.com/10-most-powerful-cybersecurity-companies-today-source-www-csoonline-com/ #IdentityManagementSolutions #IntrusionDetectionSoftware #rssfeedpostgeneratorecho #EndpointProtection #CyberSecurityNews #NetworkSecurity #riskmanagement #accesscontrol #CSOonline #Microsoft #zerotrust #CSOOnline #Security

10 most powerful cybersecurity companies today https://www.csoonline.com/article/569075/the-10-most-powerful-cybersecurity-companies.html #IdentityManagementSolutions #IntrusionDetectionSoftware #EndpointProtection #NetworkSecurity #RiskManagement #AccessControl #Microsoft #ZeroTrust #Security

CrowdStrike: A new era of cyberthreats from sophisticated threat actors is here – Source: www.csoonline.com https://ciso2ciso.com/crowdstrike-a-new-era-of-cyberthreats-from-sophisticated-threat-actors-is-here-source-www-csoonline-com/ #ThreatandVulnerabilityManagement #rssfeedpostgeneratorecho #EndpointProtection #CyberSecurityNews #CloudSecurity #CSOonline #CSOOnline

CrowdStrike: A new era of cyberthreats from sophisticated threat actors is here https://www.csoonline.com/article/4033014/crowdstrike-a-new-era-of-cyberthreats-from-sophisticated-threat-actors-is-here.html #ThreatandVulnerabilityManagement #EndpointProtection #CloudSecurity