home.social

#endpoint-security — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #endpoint-security, aggregated by home.social.

  1. Attackers have found an easier route than hunting for unknown vulnerabilities. They simply collect the keys from the people who build the software.

    A new question every day that you can answer on ccinfo.nl

    Do you know which credentials are currently stored in plain text on your developers' laptops?

    #Cybersecurity #credentials #endpointsecurity #devsecops #informatiebeveiliging

  2. Threat Actor Leverages AI to Craft EDR Evasion Tools

    Sophos X-Ops stumbled upon a secret laboratory while investigating a routine endpoint alert, uncovering a trove of AI-powered tools designed to sneak past modern EDR agents. The surprising discovery revealed a sophisticated operation using partly AI-generated Python scripts to craft evasive tools.

    osintsights.com/threat-actor-l

    #EdrEvasionTools #AigeneratedMalware #EndpointSecurity #ThreatActor #StealthyPostexploitation

  3. Microsoft Defender Automatically Isolates Hacked Endpoints

    Microsoft Defender for Endpoint just got a major boost with its new automatic isolation feature, which swiftly isolates compromised devices to prevent attackers from wreaking havoc on your organization. This cutting-edge capability is part of Microsoft's automatic attack disruption feature, designed to contain…

    osintsights.com/microsoft-defe

    #MicrosoftDefender #EndpointSecurity #AutomaticAttackDisruption #ThreatContainment #EmergingThreats

  4. Enable Defender for Endpoint EDR in block mode for proactive threat disruption & integration with other Defender tools. aka.ms/DefenderEndpoint

  5. CISA Mandates Patching of Ivanti Flaw Exploited in Zero-Day Attacks

    The US Cybersecurity and Infrastructure Security Agency (CISA) is requiring immediate patching of a high-risk Ivanti flaw, CVE-2026-6973, that allows attackers with admin privileges to remotely execute code on vulnerable systems. This critical vulnerability affects Ivanti Endpoint Manager Mobile (EPMM) version 12.8.0.0 and earlier.

    osintsights.com/cisa-mandates-

    #ZeroDay #Ivanti #Cve20266973 #EndpointSecurity #PatchManagement

  6. Running Ubuntu 26.04 LTS as a daily driver, enrolled in Microsoft Intune with MDE, and it just works.

    Linux endpoint management has come a long way. Zero friction, full compliance.

    #Ubuntu #Intune #MDE #Linux #EndpointSecurity #Microsoft

  8. 🥩🥩Mr T-Bone tip!🥩🥩[New from Tech Community]
    Check out what's sizzling in Microsoft Intune this April! Fresh updates, cool features—don't miss the juicy details!

    #MVPBuzz #Security #MicrosoftTechCommunity #CloudManagement #EndpointSecurity
    👉👉 tip.tbone.se/jz4Gw9
    [AI generated, Human reviewed]

  9. Ransomware Exploits QEMU VMs to Evade Endpoint Security

    Malicious software can now secretly launch a virtual machine inside your computer, allowing it to evade detection and phone home to its operator - a chilling new tactic that exposes weaknesses in traditional endpoint defenses. This stealthy approach, recently spotted in the Payouts King ransomware, uses the QEMU emulator to create a hidden…

    osintsights.com/ransomware-exp

    #Ransomware #EndpointSecurity #Qemu #VirtualMachine #MalwareOperations

  10. Malware Abuses Signed Software to Disable Antivirus Protections

    Thousands of vulnerable endpoints across schools, utilities, governments, and hospitals have fallen prey to a sneaky malware that masquerades as legitimate software, only to disable antivirus protections and wreak havoc with SYSTEM-level privileges. This stealthy attack has left countless organizations defenseless…

    osintsights.com/malware-abuses

    #SignedSoftwareAbuse #AntivirusEvasion #SystemPrivilegeEscalation #Adware #EndpointSecurity

  11. Adware Operation Neutralizes Antivirus on 23,000 Hosts via Signed Updates

    Imagine receiving a routine software update that secretly disables your antivirus protection, leaving you vulnerable to cyber threats - that's exactly what happened to 23,000 hosts in a shocking adware operation. Hackers cleverly used signed updates to deliver payloads that neutralized antivirus defenses, putting…

    osintsights.com/adware-operati

    #AdwareOperations #AntivirusProtection #EndpointSecurity #Malware #EmergingThreats

  12. CISA Mandates Emergency Patch for Exploited Ivanti EPMM Flaw

    The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert, ordering US government agencies to patch a critical vulnerability in Ivanti Endpoint Manager Mobile (EPMM) within just four days, as the flaw has been under active exploitation since January. With a Sunday deadline looming, federal IT…

    osintsights.com/cisa-mandates-

    #IvantiEpmm #Cisa #EndpointSecurity #ExploitedVulnerability #EmergingThreats

  13. 🥩🥩Mr T-Bone tip!🥩🥩[New from Tech Community]
    Intune is now even faster and quicker to sync and keep up to date. Catch up on the coolest features landing this March! Fresh updates just for you—don’t miss out! 😎✨

    #CloudManagement #EndpointSecurity #MVPBuzz #Security #MicrosoftTechCommunity

    👉👉 tip.tbone.se/8vQyam
    [AI generated, Human reviewed]

  14. Don’t trust unmanaged devices. Block access with Conditional Access + Intune compliance policies. aka.ms/Intune

  15. 🛡️ Cyber Tip: Use business grade antivirus and keep it updated.

    Enterprise level protection with real time monitoring helps detect and stop threats before they spread.

    zurl.co/buqUn

    #Zevonix #CyberSecurity #EndpointSecurity #DaytonaBeach

  16. 🛡️ Cyber Tip: Use device management tools to secure endpoints.

    Centralized control helps enforce policies, push updates, and respond quickly to threats across all company devices.

    zurl.co/jfPfO

    #Zevonix #CyberSecurity #EndpointSecurity #ITSecurity

  17. Microsoft Intune as an entry point! The medical technology group Stryker fell victim to a cyberattack, and the attackers used Microsoft Intune as their lever. The result: global operational outages. Intune is not a niche product. In tens of thousands of companies worldwide it is the central tool for device management, access control and software distribution, from SMEs to large corporations, across all industries. #MicrosoftIntune #Stryker #Microsoft #Endpointsecurity #Intune #MDM

  18. CISA warns of attacks targeting endpoint management systems after Stryker breach.
    • Microsoft Intune targeted
    • Ops disruption + data theft claims
    • Immediate hardening required

    Details 👇
    technadu.com/cisa-urges-organi

    #InfoSec #CISA #EndpointSecurity

  19. Brainworm: When AI agents are weaponized through natural language

    Brainworm needs neither executable files nor scripts; manipulated text in a configuration file is enough to bring an agent such as Claude Code under outside control.

    Neither classic endpoint security nor simple access controls are sufficient to reliably fend off attacks at this level.

    all-about-security.de/brainwor

    #kiagenten #claudecode #endpointsecurity #edr

  20. On the note of Obsidian, looks like I need different encryption on different platforms to address endpoint security.

    Cryptomator is infeasible on Android.
    Everything else is infeasible on desktops, but can easily be worked around.

    The more I look into standard Android the more I appreciate what Signal has done on local encryption. Most app data is still in plaintext in lockdown, and Signal managed to be encrypted and still searchable when in use.

    #obsidian #notetaking #notetakingapp #signal #encryption #endpointsecurity #cryptomator

  21. 🚨 Trend Micro fixes 8 CRITICAL & high-severity flaws in Apex One (Windows/macOS). No exploits yet, but risk is significant. Patch ASAP to prevent endpoint compromise. Details: radar.offseq.com/threat/trend- #OffSeq #Vuln #EndpointSecurity

  22. Incident Overview:
    Platform: Step Finance
    Loss: ~$40M treasury theft
    Vector: Compromised executive devices
    Status: Operations terminated

    Recovery efforts:
    • ~$3.7M Remora assets recovered
    • ~$1M additional tokens recovered
    • Snapshot-based reimbursement for STEP holders
    • Buyback + redemption process underway

    Collateral shutdown:
    Remora Markets, SolanaFloor

    Strategic insight:
    Executive endpoint compromise → treasury compromise.

    Crypto treasury management must incorporate hardened device policies, hardware-backed key storage, enforced MFA, anomaly detection.

    Source: therecord.media/step-finance-c

    Follow us for tactical crypto threat briefings.
    Share mitigation strategies below.

    #Infosec #CryptoSecurity #DeFiRisk #TreasuryManagement #EndpointSecurity #Blockchain #DigitalAssets #ThreatModeling #CyberIncident #SecurityOperations

  23. Join us on Wednesday, March 4 at 11 a.m. EST for a live webinar on how to reduce endpoint risk without disrupting users or IT workflows with Keeper Endpoint Privilege Manager.

    We’ll cover how to defend against today’s most common endpoint-based attack techniques, reduce risk by removing local admin rights without impacting productivity, apply least-privilege access controls across Windows, macOS and Linux, and protect users from memory-based attacks.

    Register here 👉 bit.ly/4aQV1eE.

    #KeeperSecurity #Cybersecurity #EndpointSecurity #PrivilegedAccess #Webinar

  25. New by me: I’ve been seeing a spike in unwanted apps (PUPs/adware) sneaking onto client endpoints, so I built a practical workaround when allowlisting tools aren’t in the budget.

    This post walks through:
    ✅ a PowerShell cleanup script (Audit vs Remediate)
    ✅ a JSON “bad app” list you can update over time
    ✅ how to automate it in your RMM (with a Kaseya VSA X example)
    ✅ why I avoid Win32_Product and how the fallback config works

    MSPs: this is endpoint hygiene, not magic, but it’s consistent and scalable.

    kylereddoch.me/blog/fighting-t

    #MSP #PowerShell #RMM #Windows #Cybersecurity #EndpointSecurity #Kaseya

  27. Palo Alto Networks to acquire Koi Security for $400M, targeting the emerging Agentic Endpoint attack surface.

    Koi (Assaraf, Dardikman, Kruk) developed LLM-powered analysis to detect:
    • Malicious extensions/plugins
    • Package ecosystem abuse (NPM, Homebrew)
    • AI agent exploit chaining
    • Model artifact manipulation
    • Credential hijacking within agent frameworks

    Planned integration into Prisma AIRS™ and Cortex XDR® aims to improve AI runtime visibility and enforcement.

    Question for defenders:
    Are your telemetry pipelines mapping AI agent behavior - or just traditional executables?

    Source: paloaltonetworks.com/company/p

    Drop your technical perspective below.
    Follow Technadu for advanced threat intelligence reporting.

    #Infosec #ThreatModeling #AppSec #EndpointSecurity #AIsecurity #DetectionEngineering #XDR #ZeroTrust #SupplyChainSecurity #LLMsecurity #BlueTeam #RedTeam #CyberArchitecture

  28. Lock down endpoints. Apply Conditional Access with device compliance checks—don’t trust unmanaged devices.

  29. This campaign reinforces a critical shift: infostealers are no longer just credential hunters - they’re context harvesters.

    AI agents storing plaintext memories, tokens, and configs create a rich target set for commodity malware. Once a host is compromised, attackers don’t need exploits - just file access.

    Source: infostealers.com/article/ai-ag

    💬 How should AI agent data be classified in security models?
    🔔 Follow TechNadu for threat-focused, non-sensational analysis

    #InfoSec #ThreatModeling #AIrisk #Infostealers #EndpointSecurity #MaaS #TechNadu

  30. Step Finance reports that compromised executive endpoints led to unauthorized access to multiple treasury wallets, with losses later estimated at approximately $40M.

    The incident underscores persistent risks around endpoint compromise, privileged access, and operational security in DeFi environments. Partial recovery was achieved through token protections and partner coordination, while some platform operations were paused for reinforcement.

    As DeFi platforms mature, incidents like this reinforce the importance of strict device hardening, segmented access, and treasury-level defense-in-depth.

    Source: bleepingcomputer.com/news/secu

    💬 What controls meaningfully reduce exec-level compromise risk in Web3?
    ➕ Follow TechNadu for calm, technically grounded infosec coverage

    #Infosec #DeFiSecurity #EndpointSecurity #CryptoRisk #Web3Security #StepFinance

  31. Recent research highlights a phishing campaign leveraging tax-related lures to deploy ValleyRAT, a modular RAT with strong persistence and evasion features.

    The infection chain demonstrates continued abuse of trusted binaries, DLL sideloading, and plugin-based architectures to enable targeted post-compromise activity. The campaign underscores the importance of monitoring user-facing entry points and low-noise persistence mechanisms.

    Open to insights on effective detection and response strategies for similar campaigns.
    Follow TechNadu for objective threat intelligence reporting.

    #InfoSec #ThreatHunting #MalwareAnalysis #PhishingDefense #EndpointSecurity #CyberThreats

  32. We often find built-in Windows defences disabled or misconfigured during assessments. Those same controls can help stop credential theft, boot-level malware, and memory attacks when properly configured.

    In our latest blog post, Nicole walks through five Windows security features you should be using, explains what they do, why they matter, and how to check them on your systems.

    📌pentestpartners.com/security-b

    #windowssecurity #incidentresponse #endpointsecurity #cybersecurity #dfir

  33. THE SECURITY PARADOX: How Desktop OS Indexing Un-Encrypts Your E2E Sync Folders

    E2E services protect data in transit and cloud. But when your sync client decrypts files to local disk, your OS indexer treats it as plaintext.

    macOS Spotlight, Windows Search, and Linux indexers (Tracker/Baloo) catalog full file contents—creating a forensic record independent of E2E.

    LEAKAGE PATHWAYS:
    1. Direct search (Spotlight/Finder)
    2. API access (mdfind/Core Spotlight)
    3. System intelligence uplink

    REMEDIATION:
    • macOS: Spotlight Privacy + index rebuild
    • Windows: Indexing Options
    • Linux: .trackerignore (GNOME) or balooctl6 purge (KDE)

    The indexer never sleeps.

    Full analysis: steelefortress.com/fortress-fe

    #InfoSec #Privacy #EndpointSecurity #E2EE

  34. Myth Buster Wednesday: "I have antivirus, so I'm fully protected." 🛡️

    This is like saying a single lock on your front door means your entire house is secure. Antivirus software is absolutely essential—it's your first line of defense against known threats—but it's far from a complete cybersecurity strategy.

    Think of it like our Cyber Toddlers learning to walk. They need strong legs (antivirus), but they also need:

    1. Balance: (Regular patching and updates)
    2. Awareness: (Employee training to spot phishing)
    3. Guardrails: (MFA, strong passwords, proper firewall configs)
    4. A Safe Space: (Backup solutions, incident response plans)

    Relying solely on antivirus is dangerously incomplete. It's a foundational piece, but it's not the whole puzzle.

    What's one other security measure you prioritize beyond just antivirus? Share your wisdom! 👇

    #Antivirus #CybersecurityMyth #LayeredSecurity #CyberToddler #EndpointSecurity #BizSec

  35. Many talk about cyber resilience, but the reality in the networks says otherwise: 39% of IT devices run without active endpoint protection, 77% of corporate networks are insufficiently segmented, 32.5% of devices operate outside IT control, and 26% of Linux and 8% of Windows systems are outdated and unpatched. #CyberSecurity #Risikomanagement #ITSecurity #EndpointSecurity #EDR #PatchManagement #Netzwerksegmentierung #ZeroTrust #PaloAlto

  36. Cyber criminals are increasingly bypassing traditional defenses through phishing attacks and malicious software that accesses application memory to extract passwords, session tokens and other sensitive data.

    Keeper Security is mitigating that risk with Keeper Forcefield, an advanced endpoint security product for Windows that protects sensitive applications and processes from unauthorized access.

    Learn more: bit.ly/47Zebyq.

    #KeeperSecurity #Cybersecurity #EndpointSecurity

  37. October is Cybersecurity Awareness Month! 🚨 New research shows a significant gap in security coverage for managed endpoints due to device diversity and hybrid work. IT teams must adapt to ensure robust protection. What strategies are you implementing to close this gap? #Cybersecurity #Privacy #EndpointSecurity

    Read more: short.steelefortress.com/3dl9he

  38. A critical flaw in Lanscope Endpoint Manager is being exploited right now—attackers are already in the wild. Curious how major organizations are shoring up defenses? Read on for actionable strategies to protect your network.

    thedefendopsdiaries.com/mitiga

    #endpointsecurity
    #patchmanagement
    #cyberthreats
    #zerotrust
    #incidentresponse