#endpoint-security — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #endpoint-security, aggregated by home.social.
-
📣🚨 A #macOS XPC flaw let regular users disable CrowdStrike and Kandji tools, exposing security gaps that vendors patched after being reported.
Listen or Read: https://hackread.com/macos-flaw-users-disable-crowdstrike-kandji-security-tools/
#CyberSecurity #InfoSec #EndpointSecurity #CrowdStrike #Kandji
-
Attackers have found an easier route than hunting for unknown vulnerabilities. They simply collect the keys from the people who build the software.
Every day a new question you can answer at https://www.ccinfo.nl
Do you know which credentials are sitting in plain text on your developers' laptops right now?
#Cybersecurity #credentials #endpointsecurity #devsecops #informatiebeveiliging
-
New by me: CybersecKyle Security How-To Series: Home Network and Devices, Part 2 - Windows 11 and macOS Baselines You Can Live With
#Cybersecurity #InfoSec #Windows #macOS #EndpointSecurity #CybersecKyleHowTo
-
Threat Actor Leverages AI to Craft EDR Evasion Tools
Sophos X-Ops stumbled upon a secret laboratory while investigating a routine endpoint alert, uncovering a trove of AI-powered tools designed to sneak past modern EDR agents. The surprising discovery revealed a sophisticated operation using partly AI-generated Python scripts to craft evasive tools.
#EdrEvasionTools #AigeneratedMalware #EndpointSecurity #ThreatActor #StealthyPostexploitation
-
Microsoft Defender Automatically Isolates Hacked Endpoints
Microsoft Defender for Endpoint just got a major boost with its new automatic isolation feature, which swiftly isolates compromised devices to prevent attackers from wreaking havoc on your organization. This cutting-edge capability is part of Microsoft's automatic attack disruption feature, designed to contain…
#MicrosoftDefender #EndpointSecurity #AutomaticAttackDisruption #ThreatContainment #EmergingThreats
-
Enable Defender for Endpoint EDR in block mode for proactive threat disruption & integration with other Defender tools. https://aka.ms/DefenderEndpoint #EndpointSecurity #MicrosoftSecurity
-
CISA Mandates Patching of Ivanti Flaw Exploited in Zero-Day Attacks
The US Cybersecurity and Infrastructure Security Agency (CISA) is requiring immediate patching of a high-risk Ivanti flaw, CVE-2026-6973, that allows attackers with admin privileges to remotely execute code on vulnerable systems. This critical vulnerability affects Ivanti Endpoint Manager Mobile (EPMM) version 12.8.0.0 and earlier.
#ZeroDay #Ivanti #Cve20266973 #EndpointSecurity #PatchManagement
-
Running Ubuntu 26.04 LTS as a daily driver, enrolled in Microsoft Intune with MDE, and it just works.
Linux endpoint management has come a long way. Zero friction, full compliance.
-
🥩🥩Mr T-Bone tip!🥩🥩[New from Tech Community]
Check out what's sizzling in Microsoft Intune this April! Fresh updates, cool features—don't miss the juicy details! #MVPBuzz #Security #MicrosoftTechCommunity #CloudManagement #EndpointSecurity
👉👉 https://tip.tbone.se/jz4Gw9
[AI generated, Human reviewed]
-
Ransomware Exploits QEMU VMs to Evade Endpoint Security
Malicious software can now secretly launch a virtual machine inside your computer, allowing it to evade detection and phone home to its operator - a chilling new tactic that exposes weaknesses in traditional endpoint defenses. This stealthy approach, recently spotted in the Payouts King ransomware, uses the QEMU emulator to create a hidden…
#Ransomware #EndpointSecurity #Qemu #VirtualMachine #MalwareOperations
-
Malware Abuses Signed Software to Disable Antivirus Protections
Thousands of vulnerable endpoints across schools, utilities, governments, and hospitals have fallen prey to a sneaky malware that masquerades as legitimate software, only to disable antivirus protections and wreak havoc with SYSTEM-level privileges. This stealthy attack has left countless organizations defenseless…
#SignedSoftwareAbuse #AntivirusEvasion #SystemPrivilegeEscalation #Adware #EndpointSecurity
-
Adware Operation Neutralizes Antivirus on 23,000 Hosts via Signed Updates
Imagine receiving a routine software update that secretly disables your antivirus protection, leaving you vulnerable to cyber threats - that's exactly what happened to 23,000 hosts in a shocking adware operation. Hackers cleverly used signed updates to deliver payloads that neutralized antivirus defenses, putting…
#AdwareOperations #AntivirusProtection #EndpointSecurity #Malware #EmergingThreats
-
CISA Mandates Emergency Patch for Exploited Ivanti EPMM Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert, ordering US government agencies to patch a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM) within just four days, as the flaw has been under active exploitation since January. With a Sunday deadline looming, federal IT…
#IvantiEpmm #Cisa #EndpointSecurity #ExploitedVulnerability #EmergingThreats
-
🥩🥩Mr T-Bone tip!🥩🥩[New from Tech Community]
Intune is now even faster and quicker to sync and keep up to date. Catch up on the coolest features landing this March! Fresh updates just for you—don’t miss out! 😎✨ #CloudManagement #EndpointSecurity #MVPBuzz #Security #MicrosoftTechCommunity
👉👉 https://tip.tbone.se/8vQyam
[AI generated, Human reviewed]
-
Don’t trust unmanaged devices. Block access with Conditional Access + Intune compliance policies. https://aka.ms/Intune #ZeroTrust #EndpointSecurity
-
🛡️ Cyber Tip: Use business grade antivirus and keep it updated.
Enterprise level protection with real time monitoring helps detect and stop threats before they spread.
-
CrowdStrike and Intel team up to secure AI PCs before attackers catch up
https://fed.brid.gy/r/https://nerds.xyz/2026/03/crowdstrike-intel-ai-pc-security/
-
CrowdStrike and Intel team up to secure AI PCs before attackers catch up
https://web.brid.gy/r/https://nerds.xyz/2026/03/crowdstrike-intel-ai-pc-security/
-
🛡️ Cyber Tip: Use device management tools to secure endpoints.
Centralized control helps enforce policies, push updates, and respond quickly to threats across all company devices.
-
Microsoft Intune as a gateway for attackers! The medical technology group Stryker fell victim to a cyberattack, and the attackers used Microsoft Intune as leverage. The result: global operational outages. Intune is not a niche product. In tens of thousands of companies worldwide it is the central tool for device management, access control and software distribution, from SMEs to large corporations, across all industries. #MicrosoftIntune #Stryker #Microsoft #Endpointsecurity #Intune #MDM
-
CISA warns of attacks targeting endpoint management systems after Stryker breach.
• Microsoft Intune targeted
• Ops disruption + data theft claims
• Immediate hardening required
-
Brainworm: When AI agents are turned into weapons through natural language
Brainworm needs neither executable files nor scripts; manipulated text in a configuration file is enough to bring an agent such as Claude Code under someone else's control.
Neither classic endpoint security nor simple access controls are sufficient to reliably fend off attacks at this level.
-
On the note of Obsidian, looks like I need different encryption on different platforms to address endpoint security.
Cryptomator is infeasible on Android.
Everything else is infeasible on desktops, but can easily be worked around.
The more I look into standard Android the more I appreciate what Signal has done on local encryption. Most app data are still in plaintext in lockdown and Signal managed to be encrypted and still searchable when using.
#obsidian #notetaking #notetakingapp #signal #encryption #endpointsecurity #cryptomator
-
🚨 Trend Micro fixes 8 CRITICAL & high-severity flaws in Apex One (Windows/macOS). No exploits yet, but risk is significant. Patch ASAP to prevent endpoint compromise. Details: https://radar.offseq.com/threat/trend-micro-patches-critical-apex-one-vulnerabilit-6afeacc3 #OffSeq #Vuln #EndpointSecurity
-
Incident Overview:
Platform: Step Finance
Loss: ~$40M treasury theft
Vector: Compromised executive devices
Status: Operations terminated
Recovery efforts:
• ~$3.7M Remora assets recovered
• ~$1M additional tokens recovered
• Snapshot-based reimbursement for STEP holders
• Buyback + redemption process underway
Collateral shutdown:
Remora Markets, SolanaFloor
Strategic insight:
Executive endpoint compromise → treasury compromise.
Crypto treasury management must incorporate hardened device policies, hardware-backed key storage, enforced MFA, anomaly detection.
Source: https://therecord.media/step-finance-cryptocurrency-theft-shutdown
Follow us for tactical crypto threat briefings.
Share mitigation strategies below.
#Infosec #CryptoSecurity #DeFiRisk #TreasuryManagement #EndpointSecurity #Blockchain #DigitalAssets #ThreatModeling #CyberIncident #SecurityOperations
-
Join us on Wednesday, March 4 at 11 a.m. EST for a live webinar on how to reduce endpoint risk without disrupting users or IT workflows with Keeper Endpoint Privilege Manager.
We’ll cover how to defend against today’s most common endpoint-based attack techniques, reduce risk by removing local admin rights without impacting productivity, apply least-privilege access controls across Windows, macOS and Linux, and protect users from memory-based attacks.
Register here 👉 https://bit.ly/4aQV1eE.
#KeeperSecurity #Cybersecurity #EndpointSecurity #PrivilegedAccess #Webinar
-
New by me: I’ve been seeing a spike in unwanted apps (PUPs/adware) sneaking onto client endpoints, so I built a practical workaround when allowlisting tools aren’t in the budget.
This post walks through:
✅ a PowerShell cleanup script (Audit vs Remediate)
✅ a JSON “bad app” list you can update over time
✅ how to automate it in your RMM (with a Kaseya VSA X example)
✅ why I avoid Win32_Product and how the fallback config works
MSPs: this is endpoint hygiene, not magic, but it’s consistent and scalable.
#MSP #PowerShell #RMM #Windows #Cybersecurity #EndpointSecurity #Kaseya
-
Palo Alto Networks to acquire Koi Security for $400M, targeting the emerging Agentic Endpoint attack surface.
Koi (Assaraf, Dardikman, Kruk) developed LLM-powered analysis to detect:
• Malicious extensions/plugins
• Package ecosystem abuse (NPM, Homebrew)
• AI agent exploit chaining
• Model artifact manipulation
• Credential hijacking within agent frameworks
Planned integration into Prisma AIRS™ and Cortex XDR® aims to improve AI runtime visibility and enforcement.
Question for defenders:
Are your telemetry pipelines mapping AI agent behavior - or just traditional executables?
Drop your technical perspective below.
Follow Technadu for advanced threat intelligence reporting.
#Infosec #ThreatModeling #AppSec #EndpointSecurity #AIsecurity #DetectionEngineering #XDR #ZeroTrust #SupplyChainSecurity #LLMsecurity #BlueTeam #RedTeam #CyberArchitecture
-
Lock down endpoints. Apply Conditional Access with device compliance checks—don’t trust unmanaged devices. #ZeroTrust #EndpointSecurity #AzureAD
-
This campaign reinforces a critical shift: infostealers are no longer just credential hunters - they’re context harvesters.
AI agents storing plaintext memories, tokens, and configs create a rich target set for commodity malware. Once a host is compromised, attackers don’t need exploits - just file access.
💬 How should AI agent data be classified in security models?
🔔 Follow TechNadu for threat-focused, non-sensational analysis
#InfoSec #ThreatModeling #AIrisk #Infostealers #EndpointSecurity #MaaS #TechNadu
-
Step Finance reports that compromised executive endpoints led to unauthorized access to multiple treasury wallets, with losses later estimated at approximately $40M.
The incident underscores persistent risks around endpoint compromise, privileged access, and operational security in DeFi environments. Partial recovery was achieved through token protections and partner coordination, while some platform operations were paused for reinforcement.
As DeFi platforms mature, incidents like this reinforce the importance of strict device hardening, segmented access, and treasury-level defense-in-depth.
💬 What controls meaningfully reduce exec-level compromise risk in Web3?
➕ Follow TechNadu for calm, technically grounded infosec coverage
#Infosec #DeFiSecurity #EndpointSecurity #CryptoRisk #Web3Security #StepFinance
-
Windows 12 is watching back 👀! “Microslop” rumors reveal new AI and telemetry risks. SOCs and CISOs, are you ready? #Windows12 #CyberSecurity #EndpointSecurity
-
Criticality Live by Secure Nation interviewing Bob Carver by moderators Joshua Copeland and Kayla Williams #cybersecurity #networksecurity #endpointsecurity #riskframeworks #businesscontinuity
https://www.youtube.com/live/8D2YKOqjdIM?si=urt_OY5jeLOqObtE
-
OpenAEV: Open-source adversarial exposure validation platform https://www.helpnetsecurity.com/2026/01/05/openaev-open-source-adversarial-exposure-validation-platform/ #securityoperations #endpointsecurity #opensource #Don'tmiss #Hotstuff #Filigran #software #GitHub #News
-
Recent research highlights a phishing campaign leveraging tax-related lures to deploy ValleyRAT, a modular RAT with strong persistence and evasion features.
The infection chain demonstrates continued abuse of trusted binaries, DLL sideloading, and plugin-based architectures to enable targeted post-compromise activity. The campaign underscores the importance of monitoring user-facing entry points and low-noise persistence mechanisms.
Open to insights on effective detection and response strategies for similar campaigns.
Follow TechNadu for objective threat intelligence reporting.
#InfoSec #ThreatHunting #MalwareAnalysis #PhishingDefense #EndpointSecurity #CyberThreats
-
UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks https://www.securityweek.com/uefi-vulnerability-in-major-motherboards-enables-early-boot-attacks/ #EndpointSecurity #securitybypass #vulnerability #motherboard #boot #UEFI #DMA
-
CrowdStrike rolls out Falcon AI Detection and Response as AI prompts become the new attack surface
https://web.brid.gy/r/https://nerds.xyz/2025/12/crowdstrike-falcon-ai-detection-response/
-
MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations https://www.securityweek.com/mitre-posts-results-of-2025-attck-enterprise-evaluations/ #EndpointSecurity #CloudSecurity #MITREATT&CK #assessment #evaluation #MITRE
-
Intel, AMD Processors Affected by PCIe Vulnerabilities https://www.securityweek.com/intel-amd-processors-affected-by-pcie-vulnerabilities/ #EndpointSecurity #vulnerability #PCIExpress #Featured #Intel #PCIe #Amd #CPU
-
We often find built-in Windows defences disabled or misconfigured during assessments. Those same controls can help stop credential theft, boot-level malware, and memory attacks when properly configured.
In our latest blog post, Nicole walks through five Windows security features you should be using, explains what they do, why they matter, and how to check them on your systems.
#windowssecurity #incidentresponse #endpointsecurity #cybersecurity #dfir
-
Microsoft Silently Mitigated Exploited LNK Vulnerability https://www.securityweek.com/microsoft-silently-mitigated-exploited-lnk-vulnerability/ #EndpointSecurity #Vulnerabilities #Microsoft #Featured #Windows #Patch #LNK
-
THE SECURITY PARADOX: How Desktop OS Indexing Un-Encrypts Your E2E Sync Folders
E2E services protect data in transit and cloud. But when your sync client decrypts files to local disk, your OS indexer treats it as plaintext.
macOS Spotlight, Windows Search, and Linux indexers (Tracker/Baloo) catalog full file contents—creating a forensic record independent of E2E.
LEAKAGE PATHWAYS:
1. Direct search (Spotlight/Finder)
2. API access (mdfind/Core Spotlight)
3. System intelligence uplink
REMEDIATION:
• macOS: Spotlight Privacy + index rebuild
• Windows: Indexing Options
• Linux: .trackerignore (GNOME) or balooctl6 purge (KDE)
The indexer never sleeps.
Full analysis: https://steelefortress.com/fortress-feed/security-paradox-e2e-indexing
-
Myth Buster Wednesday: "I have antivirus, so I'm fully protected." 🛡️
This is like saying a single lock on your front door means your entire house is secure. Antivirus software is absolutely essential—it's your first line of defense against known threats—but it's far from a complete cybersecurity strategy.
Think of it like our Cyber Toddlers learning to walk. They need strong legs (antivirus), but they also need:
1. Balance: (Regular patching and updates)
2. Awareness: (Employee training to spot phishing)
3. Guardrails: (MFA, strong passwords, proper firewall configs)
4. A Safe Space: (Backup solutions, incident response plans)
Relying solely on antivirus is dangerously incomplete. It's a foundational piece, but it's not the whole puzzle.
What's one other security measure you prioritize beyond just antivirus? Share your wisdom! 👇
#Antivirus #CybersecurityMyth #LayeredSecurity #CyberToddler #EndpointSecurity #BizSec
-
Microsoft Highlights Security Risks Introduced by New Agentic AI Feature https://www.securityweek.com/microsoft-highlights-security-risks-introduced-by-new-agentic-ai-feature/ #ArtificialIntelligence #EndpointSecurity #agenticAI #Microsoft #security #Windows #AI
-
Many talk about cyber resilience, but the reality in the networks says otherwise: 39% of IT devices run without active endpoint protection, 77% of corporate networks are insufficiently segmented, 32.5% of devices operate outside IT control, and 26% of Linux and 8% of Windows systems are outdated and unpatched. #CyberSecurity #Risikomanagement #ITSecurity #EndpointSecurity #EDR #PatchManagement #Netzwerksegmentierung #ZeroTrust #PaloAlto
-
Cyber criminals are increasingly bypassing traditional defenses through phishing attacks and malicious software that accesses application memory to extract passwords, session tokens and other sensitive data.
Keeper Security is mitigating that risk with Keeper Forcefield, an advanced endpoint security product for Windows that protects sensitive applications and processes from unauthorized access.
Learn more: https://bit.ly/47Zebyq.
-
AI can flag the risk, but only humans can close the loop https://www.helpnetsecurity.com/2025/11/05/dilek-cilingir-ey-ai-third-party-assessments/ #Artificialintelligence #thirdpartycompromise #digitalforensics #endpointsecurity #machinelearning #cybersecurity #compliance #monitoring #Don'tmiss #Features #News #EY
-
October is Cybersecurity Awareness Month! 🚨 New research shows a significant gap in security coverage for managed endpoints due to device diversity and hybrid work. IT teams must adapt to ensure robust protection. What strategies are you implementing to close this gap? #Cybersecurity #Privacy #EndpointSecurity
Read more: https://short.steelefortress.com/3dl9he
-
Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks https://www.securityweek.com/microsoft-disables-downloaded-file-previews-to-block-ntlm-hash-leaks/ #EndpointSecurity #securityfeature #FileExplorer #Microsoft #preview #Windows #NTLM
-
A critical flaw in Lanscope Endpoint Manager is being exploited right now—attackers are already in the wild. Curious how major organizations are shoring up defenses? Read on for actionable strategies to protect your network.
#endpointsecurity
#patchmanagement
#cyberthreats
#zerotrust
#incidentresponse
-
Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932) https://www.helpnetsecurity.com/2025/10/23/cve-2025-61932-lanscope-endpoint-manager-exploited/ #endpointmanagement #endpointsecurity #securityupdate #Don'tmiss #JPCERT/CC #Hotstuff #0-day #Japan #Motex #News #CISA
-
Microsoft Patches 173 Vulnerabilities, Including Exploited Windows Flaws https://www.securityweek.com/microsoft-patches-173-vulnerabilities-including-exploited-windows-flaws/ #EndpointSecurity #vulnerability #PatchTuesday #Microsoft #Featured #Patch