Threat research, operational playbooks, and security leadership.
10 results
A risk-based vulnerability management program is a proactive cybersecurity strategy that identifies, assesses, and prioritizes weaknesses in a continuous cycle. Key components include vulnerability scanning, penetration testing, and patch management, all of which are essential for a resilient security posture.
The U.S. ban on Kaspersky requires organizations to promptly transition to a new cybersecurity solution, creating operational and compliance challenges. A comprehensive plan should include uninstalling the software, selecting a new solution (such as one with both antivirus and EDR capabilities), and continuous monitoring.
Major breaches in 2024, including the "Mother of All Breaches" (MOAB) and the Change Healthcare attack, highlight the need for robust security measures. Key takeaways include implementing multi-factor authentication, conducting continuous security audits, and enhancing employee training on phishing and third-party vendor risks.
European cybersecurity regulations like NIS2, CRA, and DORA are being introduced to strengthen defenses in the digital world. NIS2 broadens the scope of critical sectors, the CRA focuses on securing digital products from design, and DORA enhances the operational resilience of the financial sector.
The Change Healthcare breach serves as a wake-up call for the healthcare industry, emphasizing the need for enhanced cybersecurity measures, regular risk assessments, and robust incident response plans. The incident highlights the critical importance of mitigating third-party risks and fostering a culture of continuous security improvement.
ArmorPoint successfully detected and mitigated an Emotet malware threat using its Endpoint Detection and Response (EDR) tool, preventing further execution. The incident highlights the importance of rapid response, machine timeline analysis, and post-incident actions like password resets to combat evolving threats.
On a quiet weekend late at night, Cybereason alerted ArmorPoint's analysts to a Windows process that was engaging in unexpected activity. The process was downloading a remote access executable and installing it on the customer's server.
In the rapidly evolving landscape of cybersecurity, it's crucial to stay ahead of the game when it comes to protecting sensitive data and systems. At ArmorPoint, we've been closely monitoring a concerning trend: a marked increase in attacks targeting on-premise Exchange Servers.…
In this particular case, ArmorPoint's analysts intercepted an unknown file that had not been previously flagged by security researchers.…
Phoenix, AZ January 7th, 2022 - ArmorPoint (armorpoint.com) and TSAChoice (tsachoice.com) are pleased to announce their newly-formed strategic partnership that combines TSAChoice’s industry-leading cybersecurity services with ArmorPoint’s best-in-class managed cybersecurity solut…