Voice-based phishing was at the root of multiple attack sprees Mandiant responded to last year, reflecting a concerning shift in tactics.

Cisco’s response to the latest SD-WAN and firewall defects has been fast, but the harder question is how long sophisticated actors had a head start — and…

The vendor said six of the 83 vulnerabilities it addressed this month are more likely to be exploited.

The company’s latest security update contains the highest number of Android vulnerabilities patched in a single month since April 2018.

Silent probing uses AI to measure your team’s response patterns over time, building a behavioral profile that makes follow-on attacks harder to spot and easier to time.

Microsoft said three of the exploited vulnerabilities were publicly known, suggesting attackers already had details about the defects prior to Tuesday’s release.

Limited attacks occurred prior to Ivanti’s disclosure, followed by mass exploitation by multiple threat groups. More than 1,400 potentially vulnerable instances remain exposed.

A researcher who discovered the vulnerability said it was fixed in December, after he first reported it to the agency in September.

Microsoft closed out the year with 1,139 total defects patched, making it the second-largest year in volume behind 2020, according to Trend Micro.

A debate over actual exploitation is muddying response efforts. Multiple researchers say they’ve observed working proof of concepts while others assert evidence of attacks is lacking.