Security News > 2020 > March

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol connection exposed to the Internet. "From add-ons for stealing OpenSSH and OpenVPN sensitive data, to modules that perform SIM-swapping attacks to take control of a user's telephone number, and even disabling Windows built-in security mechanisms before downloading its main modules, TrickBot is a jack-of-all-trades."

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol connection exposed to the Internet. "From add-ons for stealing OpenSSH and OpenVPN sensitive data, to modules that perform SIM-swapping attacks to take control of a user's telephone number, and even disabling Windows built-in security mechanisms before downloading its main modules, TrickBot is a jack-of-all-trades."

Delta Risk, a leading provider of SOC-as-a-Service and security services, announced the integration of Microsoft Defender Advanced Threat Protection with its cloud-native Security Orchestration and Automation platform, ActiveEye. Delta Risk provides Managed Detection and Response for both new and existing Defender ATP customers who need an experienced partner to help them quickly identify and respond to endpoint threats with a 24×7 security operations center.

Box, a leader in cloud content management, announced new integrations with Microsoft 365, building on Box's interoperability within Microsoft environments. These include the integration of Box within Microsoft Teams, which will be generally available on March 31, as well as an updated Box add-in for Microsoft Outlook on mobile and new security and identity integrations.

SecZetta, the leading provider of third-party identity management solutions, and Focal Point, a leading cybersecurity services provider, announced a new solution integrator partnership. Together, SecZetta and Focal Point provide clients with a 360° view of third-party identity and lifecycle management, placed into the context of their broader IAM and risk management practices.

Checkmarx, the global leader in software security solutions for DevOps, announced that Hellman & Friedman has entered into a definitive agreement to acquire the Company from Insight Partners, which will continue to own a substantial minority interest. The acquisition will bolster the company's already outstanding growth at a time when software security has never been more critical for modern enterprises building out their software solutions.

NS1, a leader in next generation application networking, has expanded its executive team with the appointments of Ryan Davis as chief information security officer and Jay Liu as vice president of product strategy. With expertise in application and cloud security, and driving product strategies through technology innovation, they will help shape internal practices and guide product innovation for NS1's suite of application-centric network automation solutions.

LeanIX, a provider of Software-as-a-Service solutions in Enterprise Architecture Management, announced the appointment of Claudine Bianchi to the newly created position of global Chief Marketing Officer. "Claudine is a battle-tested veteran of enterprise technology who knows how to scale quickly and dominate a segment," said André Christ, co-founder and CEO of LeanIX. "I'm very happy to welcome Claudine to the team because it marks an important moment in our company history."

Samsung Electronics, the world leader in advanced memory technology, announced that it has begun mass producing the industry's first 512-gigabyte eUFS 3.1 for use in flagship smartphones. Delivering three times the write speed of the previous 512GB eUFS 3.0 mobile memory, Samsung's new eUFS 3.1 breaks the 1GB/s performance threshold in smartphone storage.

With many people being laid off or working from home thanks to the Coronavirus pandemic, cybercrooks are almost certain to have more than their usual share of recruitable "Money mules" - people who get roped into money laundering schemes under the pretense of a work-at-home job offer. The "Vasty Health Care Foundation" is one of several fraudulent Web sites that recruit money mules in the name of helping Coronavirus victims.